CVE ID : CVE-2025-40658
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelection.asp.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40657
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the codform parameter in /modules/forms/collectform.asp.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40659
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40660
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/select node/data.asp?mode=catalogue&id1=1&id2=1session=&cod=1&networks=0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40661
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40662
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : Absolute path disclosure vulnerability in DM Corporative CMS. This vulnerability allows an attacker to view the contents of webroot/file, if navigating to a non-existent file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2024-13090
Published : June 10, 2025, 11:15 a.m. | 52 minutes ago
Description : A privilege escalation vulnerability may enable a service account to elevate its privileges.
The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account.
It is important to note that no such vector has been identified in this instance.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2024-13089
Published : June 10, 2025, 11:15 a.m. | 52 minutes ago
Description : An OS command injection vulnerability within the update functionality may allow an authenticated administrator to execute unauthorized arbitrary OS commands.
Users with administrative privileges may upload update packages to upgrade the versions of Nozomi Networks Guardian and CMC.
While these updates are signed and their signatures are validated prior to installation, an improper signature validation check has been identified.
This issue could potentially enable users to execute commands remotely on the appliance, thereby impacting confidentiality, integrity, and availability.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-41657
Published : June 10, 2025, 11:15 a.m. | 52 minutes ago
Description : Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49454
Published : June 10, 2025, 1:15 p.m. | 31 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in LoftOcean TinySalt allows PHP Local File Inclusion.This issue affects TinySalt: from n/a before 3.10.0.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49455
Published : June 10, 2025, 1:15 p.m. | 31 minutes ago
Description : Deserialization of Untrusted Data vulnerability in LoftOcean TinySalt allows Object Injection.This issue affects TinySalt: from n/a before 3.10.0.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49507
Published : June 10, 2025, 1:15 p.m. | 31 minutes ago
Description : Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay allows Object Injection.This issue affects CozyStay: from n/a before 1.7.1.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-1041
Published : June 10, 2025, 6:15 a.m. | 2 hours, 59 minutes ago
Description : An improper input validation discovered in
Avaya Call Management System
could allow an unauthorized
remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4840
Published : June 10, 2025, 6:15 a.m. | 3 hours, 29 minutes ago
Description : The inprosysmedia-likes-dislikes-post WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4954
Published : June 10, 2025, 6:15 a.m. | 3 hours, 29 minutes ago
Description : The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users (author and above) to upload arbitrary files such as PHP on the server
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-27818
Published : June 10, 2025, 8:15 a.m. | 1 hour, 29 minutes ago
Description : A possible security vulnerability has been identified in Apache Kafka.
This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config
and a SASL-based security protocol, which has been possible on Kafka clusters since Apache Kafka 2.0.0 (Kafka Connect 2.3.0).
When configuring the broker via config file or AlterConfig command, or connector via the Kafka Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config`
property for any of the connector’s Kafka clients to “com.sun.security.auth.module.LdapLoginModule”, which can be done via the
`producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties.
This will allow the server to connect to the attacker’s LDAP server
and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server.
Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.
Since Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box
configurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector
client override policy that permits them.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property (“-Dorg.apache.kafka.disallowed.login.modules”) to disable the problematic login modules usage
in SASL JAAS configuration. Also by default “com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule” are disabled in Apache Kafka Connect 3.9.1/4.0.0.
We advise the Kafka users to validate connector configurations and only allow trusted LDAP configurations. Also examine connector dependencies for
vulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally,
in addition to leveraging the “org.apache.kafka.disallowed.login.modules” system property, Kafka Connect users can also implement their own connector
client config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-27819
Published : June 10, 2025, 8:15 a.m. | 1 hour, 29 minutes ago
Description : In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To exploit this vulnerability, the attacker needs to be able to connect to the Kafka cluster and have the AlterConfigs permission on the cluster resource.
Since Apache Kafka 3.4.0, we have added a system property (“-Dorg.apache.kafka.disallowed.login.modules”) to disable the problematic login modules usage in SASL JAAS configuration. Also by default “com.sun.security.auth.module.JndiLoginModule” is disabled in Apache Kafka 3.4.0, and “com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule” is disabled by default in in Apache Kafka 3.9.1/4.0.0
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-27817
Published : June 10, 2025, 8:15 a.m. | 1 hour, 29 minutes ago
Description : A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including “sasl.oauthbearer.token.endpoint.url” and “sasl.oauthbearer.jwks.endpoint.url”. Apache Kafka allows clients to read an arbitrary file and return the content in the error log, or sending requests to an unintended location. In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use the “sasl.oauthbearer.token.endpoint.url” and “sasl.oauthbearer.jwks.endpoint.url” configuratin to read arbitrary contents of the disk and environment variables or make requests to an unintended location. In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment/URL access, which may be undesirable in certain environments, including SaaS products.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property (“-Dorg.apache.kafka.sasl.oauthbearer.allowed.urls”) to set the allowed urls in SASL JAAS configuration. In 3.9.1, it accepts all urls by default for backward compatibility. However in 4.0.0 and newer, the default value is empty list and users have to set the allowed urls explicitly.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-5945
Published : June 10, 2025, 8:15 a.m. | 1 hour, 29 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3112
Published : June 10, 2025, 9:15 a.m. | 29 minutes ago
Description : CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an
authenticated malicious user sends manipulated HTTPS Content-Length header to the webserver.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…