SurrealDB has local file read of 2-column TSV files via analyzers
An authenticated system user at the root, namespace, or database levels can use the DEFINE ANALYZER statement to point to arbitrary file locations on the file system, and should the file be tab separated with two columns, the analyzer can be leveraged to exfiltrate the content. This issue was...
SurrealDB vulnerable to memory exhaustion via nested functions and scripts
In order to prevent DoS situations due to infinite recursions, SurrealDB implements a limit of nested calls for both native functions and embedded JavaScript functions. However, in SurrealDB instances with embedded scripting functions enabled, it was found that this limit can be circumvented by...
GHSA-5XQW-8HWV-WG92 Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
A Helm contributor discovered that a specially crafted JSON Schema within a chart can lead to a stack overflow. Impact A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack...
CVE-2025-32395 Vite has an `server.fs.deny` bypass with an invalid `request-target`
Vite is a frontend tooling framework for javascript. Prior to 6.2.6, 6.1.5, 6.0.15, 5.4.18, and 4.5.13, the contents of arbitrary files can be returned to the browser if the dev server is running on Node or Bun. HTTP 1.1 spec RFC 9112 does not allow in request-target. Although an attacker can sen...
ibexa/fieldtype-richtext allows access to external entities in XML
Impact This security advisory resolves a vulnerability in the RichText field type. By entering maliciously crafted input into the RichText XML, an attacker could perform an XML external entity (XXE) injection attack, which might be able to read files on the server. To exploit this...
Security Bulletin: There is a vulnerability in pandas-2.2.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-9880)
Summary There is a vulnerability in pandas-2.2.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID: CVE-2024-9880 DESCRIPTION: Rejected reason: This CVE ID has been rejected or withdrawn by its CV...
PT-2025-16889 · Tp Link · Tp-Link M7000
Name of the Vulnerable Software and Affected Versions: TP-Link M7000 4G LTE Mobile Wi-Fi Router Firmware version 1.0.7 Build 180127 Rel.55998n Description: A SQL Injection vulnerability exists in the TP-Link M7000 4G LTE Mobile Wi-Fi Router Firmware, allowing an unauthenticated attacker to inject...
PT-2025-16019 · Crates.Io · Surrealdb
An authenticated system user at the root, namespace, or database levels can use the DEFINE ANALYZER statement to point to arbitrary file locations on the file system, and should the file be tab separated with two columns, the analyzer can be leveraged to exfiltrate the content. This issue was...
GitLab 13.12 < 17.8.7 / 17.9 < 17.9.6 / 17.10 < 17.10.4 (CVE-2025-2408)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 13.12 before 17.8.7, 17.9 before 17.9.6, and 17.10 before 17.10.4. Under certain conditions users could bypass IP access...
Windows App Client < 2.0.379.0 RCE Vulnerability (Apr 2025) - Windows
Windows App Client is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
PT-2025-15972 · Videx · Videx Cyberaudit-Web
Name of the Vulnerable Software and Affected Versions: Videx CyberAudit-Web versions prior to 9.5 Description: An authentication bypass issue was found, allowing an attacker to create a valid session without credentials by exploiting a logic flaw. Recommendations: For versions prior to 9.5, updat...
100,000 WordPress Sites Affected by Administrative User Creation Vulnerability in SureTriggers WordPress Plugin
📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...
CVE-2025-32379
Koa is expressive middleware for Node.js using ES2017 async functions. In koa before 2.16.1 and 3.0.0-alpha.5, passing untrusted user input to ctx.redirect, even after sanitizing it, may execute JavaScript code on the user who uses the app. This issue is patched in 2.16.1 and 3.0.0-alpha.5...
WordPress ALD Login Page plugin <= 1.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin ALD Login Page versions <= 1.1...
CVE-2025-32379
CVE-2025-32379 (Koa, Node.js): In koa < 2.16.1 and
CVE-2025-1632 affecting package libarchive for versions less than 3.7.7-2
CVE-2025-1632 affecting package libarchive for versions less than 3.7.7-2. A patched version of the package is available...
GHSA-X2RG-Q646-7M2V Koajs vulnerable to Cross-Site Scripting (XSS) at ctx.redirect() function
Summary In koa before 2.16.1 and 3.0.0-alpha.5, passing untrusted user input to ctx.redirect, even after sanitizing it, may execute JavaScript code on the user who uses the app. Patches This issue is patched in 2.16.1 and 3.0.0-alpha.5. PoC Coming soon... Impact 1. Redirect user to another phishing site 2...
PT-2025-15868 · Unknown · Codeastro Internet Banking System
Name of the Vulnerable Software and Affected Versions: Code Astro Internet Banking System version 2.0.0 Description: A Stored Cross-Site Scripting (XSS) issue exists in the name parameter of pages add acc type.php in the Code Astro Internet Banking System. This allows for malicious script execution...
PT-2025-15755
Name of the Vulnerable Software and Affected Versions: Koa versions prior to 2.16.1 Koa versions prior to 3.0.0-alpha.5 Description: The issue arises when passing untrusted user input to ctx.redirect, which can execute JavaScript code on the user's device, even after sanitizing the input...
CBL Mariner 2.0 Security Update: coredns / ig / keda (CVE-2025-29786)
The version of coredns / ig / keda installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-29786 advisory. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if th...