PT-2025-37444

Name of the Vulnerable Software and Affected Versions: Gotac Statistical Database System affected versions not specified Description: The Gotac Statistical Database System has a Missing Authentication vulnerability. This allows unauthenticated remote attackers to read, modify, and delete database...

CVE-2025-9214

A missing authentication vulnerability was reported in some Lenovo printers that could allow a user to view limited device information or modify network settings via the CUPS service...

CVE-2025-10267

NUP Portal developed by NewType Infortech has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly upload files. If the attacker manages to bypass the file extension restrictions, they could upload a webshell and execute it on the server side...

CVE-2025-10267

CVE-2025-10267 affects the NUP Portal by NewType Infortech. The issue is missing authentication, allowing unauthenticated remote attackers to upload files. If file extension restrictions are bypassed, attackers could upload a webshell and execute it on the server side. Modeled across multiple fee...

CVE-2025-10267 NewType Infortech｜NUP Portal - Missing Authentication

NUP Portal developed by NewType Infortech has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly upload files. If the attacker manages to bypass the file extension restrictions, they could upload a webshell and execute it on the server side...

CVE-2025-10267 NewType Infortech｜NUP Portal - Missing Authentication

NUP Portal developed by NewType Infortech has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly upload files. If the attacker manages to bypass the file extension restrictions, they could upload a webshell and execute it on the server side...

CVE-2025-56578

An issue in RTSPtoWeb v.2.4.3 allows a remote attacker to obtain sensitive information and executearbitrary code via the lack of authentication mechanisms...

PT-2025-37302

Name of the Vulnerable Software and Affected Versions: NUP Portal affected versions not specified Description: The NUP Portal application developed by NewType Infortech suffers from a missing authentication issue. This allows unauthenticated remote attackers to directly upload files to the system...

CVE-2025-9214

A missing authentication vulnerability was reported in some Lenovo printers that could allow a user to view limited device information or modify network settings via the CUPS service...

CVE-2025-9214

CVE-2025-9214 describes a missing authentication vulnerability in Lenovo printers that could allow an attacker to view limited device information or modify network settings via the CUPS service. The issue affects Lenovo printers (via CUPS) and is rooted in a lack of authentication, enabling adjac...

CVE-2025-9214

A missing authentication vulnerability was reported in some Lenovo printers that could allow a user to view limited device information or modify network settings via the CUPS service...

CVE-2025-9214

A missing authentication vulnerability was reported in some Lenovo printers that could allow a user to view limited device information or modify network settings via the CUPS service...

PT-2025-37262

Name of the Vulnerable Software and Affected Versions: Lenovo printers affected versions not specified Description: A missing authentication vulnerability exists in some Lenovo printers. This vulnerability could allow a user to view limited device information or modify network settings via the CU...

CVE-2025-42958 Missing Authentication check in SAP NetWeaver

Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the application allows high privileged unauthorized users to read, modify, or delete sensitive information, as well as access administrative or privileged functionalities. This results in a high impact on the...

CVE-2025-42958 Missing Authentication check in SAP NetWeaver

Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the application allows high privileged unauthorized users to read, modify, or delete sensitive information, as well as access administrative or privileged functionalities. This results in a high impact on the...

CVE-2025-42926 Missing Authentication check in SAP NetWeaver Application Server Java

SAP NetWeaver Application Server Java does not perform an authentication check when an attacker attempts to access internal files within the web application.Upon successfully exploitation, an unauthenticated attacker could access these files to gather additional sensitive information about the...

CVE-2025-42926 Missing Authentication check in SAP NetWeaver Application Server Java

SAP NetWeaver Application Server Java does not perform an authentication check when an attacker attempts to access internal files within the web application.Upon successfully exploitation, an unauthenticated attacker could access these files to gather additional sensitive information about the...

CVE-2025-42926

CVE-2025-42926 concerns SAP NetWeaver Application Server Java. The issue is a missing authentication check that could let an unauthenticated attacker access internal web-app files via network access. Per the sources, the impact is limited to confidentiality (low), with no stated effects on integr...

PT-2025-36563

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver affected versions not specified Description: A missing authentication check in the SAP NetWeaver application on IBM i-series allows unauthorized users with high privileges to read, modify, or delete sensitive information, and...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2020-24363link is external TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability CVE-2025-55177link is external Meta Platforms WhatsApp...