CVE-2025-67999

Technical details for CVE-2025-67999 are not provided in the supplied documents. Monitor for updates; the materials do not specify affected product versions, impact, or remediation.

CVE-2025-67999 WordPress Newsletter plugin <= 9.0.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stefano Lissa Newsletter newsletter allows Blind SQL Injection.This issue affects Newsletter: from n/a through = 9.0.9...

PT-2025-12767 · WordPress · Teachpress

Name of the Vulnerable Software and Affected Versions: teachPress plugin for WordPress versions up to, and including, 9.0.9 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the "import.php" page. This allows unauthenticated attackers ...

CVE-2024-29946 Risky command safeguards bypass in Dashboard Examples Hub

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by tricking them into...

PT-2024-2533 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.1 Splunk Enterprise versions prior to 9.1.4 Splunk Enterprise versions prior to 9.0.9 Description: The issue is related to the lack of protections for risky SPL commands in the Dashboard Examples Hub...

Grafana 8.5.0 < 8.5.13, 9.0.0 < 9.0.9, 9.1.0 < 9.1.6 Privilege Escalation Vulnerability (GHSA-p978-56hq-r492)

Grafana is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:grafana:grafana"; if...

CVE-2020-2034 — PAN-OS: OS command injection vulnerability in GlobalProtect portal

An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be exploited if...

Apache Tomcat 'Hostname Verification' Security Bypass Vulnerability - Windows

Apache Tomcat is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat";...

Apache Tomcat Security Restriction Bypass Vulnerability (CNVD-2018-15543)

Tomcat server is a free and open source web application server that is a lightweight application server. A security bypass vulnerability exists in Apache Tomcat versions 7.0.25 through 7.0.88, 8.5.0 through 8.5.31, and 9.0.0.M1 and 9.0.9. A remote attacker could use this vulnerability to bypass...