PT-2025-26951

Name of the Vulnerable Software and Affected Versions: System Information Reporter versions 1.0.3 and prior Description: The issue allows a local user to manipulate the location of registry backup files by creating a junction symlink, potentially overwriting system files. This can be achieved by...

CVE-2025-52880

Komga (media server for comics/manga/eBooks) has a documented XSS vulnerability in EPUB handling affecting versions 1.8.0–1.21.3. The flaw lets an attacker perform actions on the victim via crafted EPUBs, and when an admin user is targeted, it can combine with server-side commands to achieve arbi...

CVE-2025-50054

Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allows a local user process to send a too large control message buffer to the kernel driver resulting in a system crash...

Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)

Titles: Microsoft Excel LTSC 2024 - Remote Code Execution RCE Author: nu11secur1ty Date: 06/16/2025 Vendor: Microsoft Software: https://www.microsoft.com/en/microsoft-365/excel?market=af Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27751 CVE-2025-47957 Versions: Microsoft...

CVE-2025-3899

CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists in Certificates page on Webserver that could cause an unvalidated data injected by authenticated malicious user leading to modify or read data in a victim’s browser...

CVE-2025-33112

IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input...

CVE-2025-27754 Extension - rsjoomla.com - A stored XSS vulnerability RSBlog! component 1.11.6 - 1.14.4 for Joomla

A stored XSS vulnerability in RSBlog! component 1.11.6 - 1.14.4 for Joomla was discovered. The vulnerability allows authenticated users to inject malicious JavaScript into the plugin's resource. The injected payload is stored by the application and later executed when other users view the affecte...

CVE-2025-27445 Extension - rsjoomla.com - A path traversal vulnerability RSFirewall component 2.9.7 - 3.1.5 for Joomla

A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters,...

CVE-2025-0819

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU memory processing operations to gain access to already freed memory.This issue...

CVE-2025-36564

Dell Encryption Admin Utilities versions prior to 11.10.2 contain an Improper Link Resolution vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation...

CVE-2025-48480 FreeScout Has Business Logic Errors

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an authorized user with the administrator role or with the privilege User::PERMEDITUSERS can create a user, specifying the path to the user's avatar ../.htaccess during creation, and then delete the user's...

CVE-2025-20086

Mattermost versions 10.2.x = 10.2.0, 9.11.x = 9.11.5, 10.0.x = 10.0.3, 10.1.x = 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post...

CVE-2024-6723

The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...

CVE-2024-55653

PwnDoc is a penetration test report generator. In versions up to and including 0.5.3, an authenticated user is able to crash the backend by raising a UnhandledPromiseRejection on audits which exits the backend. The user doesn't need to know the audit id, since a bad audit id will also raise the...

CVE-2024-40614

EGroupware before 23.1.20240624 mishandles an ORDER BY clause. This leads to json.php?menuaction=EGroupware\Api\Etemplate\Widget\Nextmatch::ajaxgetrows sort.id SQL injection by authenticated users for Address Book or InfoLog sorting...

CVE-2024-47102

IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service...

CVE-2024-56087

An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while querying Search Template Dashboard. These are executed, leading to Server-Side Template Injection...

CVE-2023-45169

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the pmsvcs kernel extension to cause a denial of service. IBM X-Force ID: 267967...

CVE-2023-28044

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable...

CVE-2023-28528

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 251207...