Total
3148 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-9843 | 1 Das | 1 Parking Management System | 2025-10-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| A flaw has been found in Das Parking Management System 停车场管理系统 6.2.0. Affected is an unknown function of the file /Operator/FindAll. This manipulation causes information disclosure. It is possible to initiate the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2025-54914 | 1 Microsoft | 1 Azure Networking | 2025-10-20 | N/A | 10.0 CRITICAL |
| Azure Networking Elevation of Privilege Vulnerability | |||||
| CVE-2025-7106 | 1 Librechat | 1 Librechat | 2025-10-20 | N/A | 5.3 MEDIUM |
| danny-avila/librechat is affected by an authorization bypass vulnerability due to improper access control checks. The `checkAccess` function in `api/server/middleware/roles/access.js` uses `permissions.some()` to validate permissions, which incorrectly grants access if only one of multiple required permissions is present. This allows users with the 'USER' role to create agents despite having `CREATE: false` permission, as the check for `['USE', 'CREATE']` passes with just `USE: true`. This vulnerability affects other permission checks as well, such as `PROMPTS`. The issue is present in all versions prior to the fix. | |||||
| CVE-2025-59951 | 1 Termix | 1 Termix | 2025-10-20 | N/A | 9.1 CRITICAL |
| Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's IP when using the req.ip method. This results in isLocalhost always returning True. Consequently, the /ssh/db/host/internal endpoint can be accessed directly without login or authentication. This endpoint records the system's stored SSH host information, including addresses, usernames, and passwords, posing an extremely high security risk. Users who use the official Termix docker image, build their own image using the official dockerfile, or utilize reverse proxy functionality will be affected by this vulnerability. This issue is fixed in version 1.6.0. | |||||
| CVE-2025-11647 | 2025-10-18 | 1.8 LOW | 3.1 LOW | ||
| A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is needed for the attack. The exploitability is assessed as difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-45424 | 1 Xinference | 1 Xinference | 2025-10-18 | N/A | 5.3 MEDIUM |
| Incorrect access control in Xinference before v1.4.0 allows attackers to access the Web GUI without authentication. | |||||
| CVE-2025-45157 | 1 Splashin | 1 Splashin | 2025-10-17 | N/A | 6.5 MEDIUM |
| Insecure permissions in Splashin iOS v2.0 allow unauthorized attackers to access location data for specific users. | |||||
| CVE-2025-50897 | 1 Boom-core | 1 Boomv | 2025-10-17 | N/A | 4.3 MEDIUM |
| A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processor implementation, where valid virtual-to-physical address translations configured with write permissions (PTE_W) in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions (sd). This occurs despite the presence of proper page table entries and valid memory access modes. The fault is reproducible when transitioning into virtual memory and attempting store operations in mapped kernel memory, indicating a potential flaw in the MMU, PMP, or memory access enforcement logic. This may cause unexpected kernel panics or denial of service in systems using BOOMv1.2. | |||||
| CVE-2025-9804 | 2025-10-17 | N/A | 9.6 CRITICAL | ||
| An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information. This vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager's API Gateway remain unaffected. | |||||
| CVE-2025-55244 | 1 Microsoft | 1 Azure Ai Bot Service | 2025-10-17 | N/A | 9.0 CRITICAL |
| Azure Bot Service Elevation of Privilege Vulnerability | |||||
| CVE-2025-55240 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 | 2025-10-17 | N/A | 7.3 HIGH |
| Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-59201 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2025-10-17 | N/A | 7.8 HIGH |
| Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-59253 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-10-17 | N/A | 5.5 MEDIUM |
| Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally. | |||||
| CVE-2025-45615 | 1 User-xiangpeng | 1 Yaoqishan | 2025-10-17 | N/A | 9.8 CRITICAL |
| Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain access to Admin rights via a crafted request. | |||||
| CVE-2025-45616 | 1 Baidu | 1 Brcc | 2025-10-17 | N/A | 9.8 CRITICAL |
| Incorrect access control in the /admin/** API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request. | |||||
| CVE-2025-45617 | 1 Megagao | 1 Production Ssm | 2025-10-17 | N/A | 7.5 HIGH |
| Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload. | |||||
| CVE-2025-59218 | 1 Microsoft | 1 Entra Id | 2025-10-16 | N/A | 9.6 CRITICAL |
| Azure Entra ID Elevation of Privilege Vulnerability | |||||
| CVE-2025-23242 | 2 Linux, Nvidia | 2 Linux Kernel, Riva | 2025-10-16 | N/A | 7.3 HIGH |
| NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, or information disclosure. | |||||
| CVE-2025-23243 | 2 Linux, Nvidia | 2 Linux Kernel, Riva | 2025-10-16 | N/A | 6.5 MEDIUM |
| NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tampering or denial of service. | |||||
| CVE-2025-61543 | 2025-10-16 | N/A | 7.1 HIGH | ||
| A Host Header Injection vulnerability exists in the password reset functionality of CraftMyCMS 4.0.2.2. The system uses `$_SERVER['HTTP_HOST']` directly to construct password reset links sent via email. An attacker can manipulate the Host header to send malicious reset links, enabling phishing attacks or account takeover. | |||||