Total
302436 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45192 | 1 Matrix | 1 Olm | 2025-06-17 | N/A | 5.3 MEDIUM |
| An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2024-45193 | 1 Matrix | 1 Olm | 2025-06-17 | N/A | 4.3 MEDIUM |
| An issue was discovered in Matrix libolm through 3.2.16. There is Ed25519 signature malleability due to lack of validation criteria (does not ensure that S < n). This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-4325 | 1 Mrcms | 1 Mrcms | 2025-06-17 | 3.3 LOW | 2.4 LOW |
| A vulnerability has been found in MRCMS 3.1.2 and classified as problematic. This vulnerability affects unknown code of the file /admin/category/add.do of the component Category Management Page. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4326 | 1 Mrcms | 1 Mrcms | 2025-06-17 | 3.3 LOW | 2.4 LOW |
| A vulnerability was found in MRCMS 3.1.2 and classified as problematic. This issue affects some unknown processing of the file /admin/chip/add.do of the component Add Fragment Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-32441 | 1 Rack | 1 Rack | 2025-06-17 | N/A | 4.2 MEDIUM |
| Rack is a modular Ruby web server interface. Prior to version 2.2.14, when using the `Rack::Session::Pool` middleware, simultaneous rack requests can restore a deleted rack session, which allows the unauthenticated user to occupy that session. Rack session middleware prepares the session at the beginning of request, then saves is back to the store with possible changes applied by host rack application. This way the session becomes to be a subject of race conditions in general sense over concurrent rack requests. When using the `Rack::Session::Pool` middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a long running request (within that same session) adjacent to the user logging out, in order to retain illicit access even after a user has attempted to logout. Version 2.2.14 contains a patch for the issue. Some other mitigations are available. Either ensure the application invalidates sessions atomically by marking them as logged out e.g., using a `logged_out` flag, instead of deleting them, and check this flag on every request to prevent reuse; or implement a custom session store that tracks session invalidation timestamps and refuses to accept session data if the session was invalidated after the request began. | |||||
| CVE-2024-28063 | 1 Totemo | 1 Totemomail | 2025-06-17 | N/A | 6.1 MEDIUM |
| Kiteworks Totemomail through 7.0.0 allows /responsiveUI/EnvelopeOpenServlet envelopeRecipient reflected XSS. | |||||
| CVE-2025-46727 | 1 Rack | 1 Rack | 2025-06-17 | N/A | 7.5 HIGH |
| Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, `Rack::QueryParser` parses query strings and `application/x-www-form-urlencoded` bodies into Ruby data structures without imposing any limit on the number of parameters, allowing attackers to send requests with extremely large numbers of parameters. The vulnerability arises because `Rack::QueryParser` iterates over each `&`-separated key-value pair and adds it to a Hash without enforcing an upper bound on the total number of parameters. This allows an attacker to send a single request containing hundreds of thousands (or more) of parameters, which consumes excessive memory and CPU during parsing. An attacker can trigger denial of service by sending specifically crafted HTTP requests, which can cause memory exhaustion or pin CPU resources, stalling or crashing the Rack server. This results in full service disruption until the affected worker is restarted. Versions 2.2.14, 3.0.16, and 3.1.14 fix the issue. Some other mitigations are available. One may use middleware to enforce a maximum query string size or parameter count, or employ a reverse proxy (such as Nginx) to limit request sizes and reject oversized query strings or bodies. Limiting request body sizes and query string lengths at the web server or CDN level is an effective mitigation. | |||||
| CVE-2024-55651 | 1 Portabilis | 1 I-educar | 2025-06-17 | N/A | 5.4 MEDIUM |
| i-Educar is free, fully online school management software. Version 2.9 of the application fails to properly validate and sanitize user supplied input, leading to a stored cross-site scripting vulnerability that resides within the user type (Tipo de Usuário) input field. Through this attacker vector a malicious user might be able to retrieve information belonging to another user, which may lead to sensitive information leakage or other malicious actions. As of time of publication, no patched versions are known to exist. | |||||
| CVE-2025-32873 | 1 Djangoproject | 1 Django | 2025-06-17 | N/A | 5.3 MEDIUM |
| An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter striptags is also vulnerable, because it is built on top of strip_tags(). | |||||
| CVE-2025-28389 | 1 Openc3 | 1 Cosmos | 2025-06-17 | N/A | 9.8 CRITICAL |
| Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a brute force attack. | |||||
| CVE-2025-45818 | 1 Slims | 1 Senayan Library Management System Bulian | 2025-06-17 | N/A | 6.5 MEDIUM |
| Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/item_status.php. | |||||
| CVE-2025-45819 | 1 Slims | 1 Senayan Library Management System Bulian | 2025-06-17 | N/A | 6.5 MEDIUM |
| Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/author.php. | |||||
| CVE-2025-45820 | 1 Slims | 1 Senayan Library Management System Bulian | 2025-06-17 | N/A | 6.5 MEDIUM |
| Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/bibliography/pop_author_edit.php. | |||||
| CVE-2025-28388 | 1 Openc3 | 1 Cosmos | 2025-06-17 | N/A | 9.8 CRITICAL |
| OpenC3 COSMOS v6.0.0 was discovered to contain hardcoded credentials for the Service Account. | |||||
| CVE-2025-32390 | 1 Espocrm | 1 Espocrm | 2025-06-17 | N/A | 8.5 HIGH |
| EspoCRM is a free, open-source customer relationship management platform. Prior to version 9.0.8, HTML Injection in Knowledge Base (KB) articles leads to complete page defacement imitating the login page. Authenticated users with the read knowledge article privilege can browse to the KB article and if they submit their credentials, they get captured in plain text. The vulnerability is allowed by overly permissive HTML editing being allowed on the KB articles. Any authenticated user with the privilege to read KB articles is impacted. In an enterprise with multiple applications, the malicious KB article could be edited to match the login pages of other applications, which would make it useful for credential harvesting against other applications as well. Version 9.0.8 contains a patch for the issue. | |||||
| CVE-2025-45864 | 1 Totolink | 2 A3002r, A3002r Firmware | 2025-06-17 | N/A | 5.4 MEDIUM |
| TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolStart parameter in the formDhcpv6s interface. | |||||
| CVE-2025-45866 | 1 Totolink | 2 A3002r, A3002r Firmware | 2025-06-17 | N/A | 5.4 MEDIUM |
| TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolEnd parameter in the formDhcpv6s interface. | |||||
| CVE-2025-45867 | 1 Totolink | 2 A3002r, A3002r Firmware | 2025-06-17 | N/A | 5.4 MEDIUM |
| TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the static_dns1 parameter in the formIpv6Setup interface. | |||||
| CVE-2024-46506 | 1 Netalertx | 1 Netalertx | 2025-06-17 | N/A | 10.0 CRITICAL |
| NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because function=savesettings lacks an authentication requirement, as exploited in the wild in May 2025. This is related to settings.php and util.php. | |||||
| CVE-2025-6111 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7(775). This vulnerability affects the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||