| CVE |
CVSS |
Git URL |
Published |
Description |
| CVE-2025-47949 |
- |
https://github.com/tngan/samlify/commit/115679acd89f0a37ea3ebd8fff7db54fca3e8af3 |
2025-05-19T20:15:26.287 |
samlify is a Node.js library for SAML single sign-on. A Signature Wrapping attack has been found in samlify prior to version 2.10.0, allowing an attacker to forge a SAML Response to authenticate as any user. An attacker would need a signed XML document by the identity provider. Version 2.10.0 fixes the issue. |
| CVE-2025-47935 |
7.5 |
https://github.com/expressjs/multer/pull/1120 |
2025-05-19T20:15:25.863 |
Multer is a node.js middleware for handling `multipart/form-data`. Versions prior to 2.0.0 are vulnerable to a resource exhaustion and memory leak issue due to improper stream handling. When the HTTP request stream emits an error, the internal `busboy` stream is not closed, violating Node.js stream safety guidance. This leads to unclosed streams accumulating over time, consuming memory and file descriptors. Under sustained or repeated failure conditions, this can result in denial of service, requiring manual server restarts to recover. All users of Multer handling file uploads are potentially impacted. Users should upgrade to 2.0.0 to receive a patch. No known workarounds are available. |
| CVE-2025-4866 |
6.3 |
https://github.com/weibocom/rill-flow/issues/102 |
2025-05-18T08:15:18.440 |
A vulnerability was found in weibocom rill-flow 0.1.18. It has been classified as critical. Affected is an unknown function of the component Management Console. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-47945 |
9.1 |
https://github.com/donetick/donetick/commit/b9a6e177eefdc605dedbc5320f0d93d6573d1db6 |
2025-05-17T19:15:46.523 |
Donetick an open-source app for managing tasks and chores. Prior to version 0.1.44, the application uses JSON Web Tokens (JWT) for authentication, but the signing secret has a weak default value. While the responsibility is left to the system administrator to change it, this approach is inadequate. The vulnerability is proven by existence of the issue in the live version as well. This issue can result in full account takeover of any user. Version 0.1.44 contains a patch. |
| CVE-2025-48014 |
7.5 |
authentication,bypass |
2025-05-20T16:15:35.007 |
Password guessing limits could be bypassed when using LDAP authentication. |
| CVE-2025-41225 |
8.8 |
execution,command |
2025-05-20T15:16:07.527 |
The vCenter Server contains an authenticated command-execution vulnerability. A malicious actor with privileges to create or modify alarms and run script action may exploit this issue to run arbitrary commands on the vCenter Server. |
| CVE-2025-26086 |
7.5 |
remote,unauthenticated,authentication,sensitive |
2025-05-20T15:16:07.023 |
An unauthenticated blind SQL injection vulnerability exists in RSI Queue Management System v3.0 within the TaskID parameter of the get request handler. Attackers can remotely inject time-delayed SQL payloads to induce server response delays, enabling time-based inference and iterative extraction of sensitive database contents without authentication. |
| CVE-2025-47941 |
7.2 |
authentication,bypass |
2025-05-20T14:15:51.093 |
TYPO3 is an open source, PHP based web content management system. In versions on the 12.x branch prior to 12.4.31 LTS and the 13.x branch prior to 13.4.2 LTS, the multifactor authentication (MFA) dialog presented during backend login can be bypassed due to insufficient enforcement of access restrictions on all backend routes. Successful exploitation requires valid backend user credentials, as MFA can only be bypassed after successful authentication. Users should update to TYPO3 version 12.4.31 LTS or 13.4.12 LTS to fix the problem. |
| CVE-2025-4978 |
9.8 |
remote,authentication |
2025-05-20T13:15:48.680 |
A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.15_1.00.15NA. This affects an unknown part of the file /BRS_top.html of the component Basic Authentication. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure. |
| CVE-2025-30072 |
7.6 |
authentication,bypass |
2025-05-19T15:15:23.470 |
Tiiwee X1 Alarm System TWX1HAKV2 allows Authentication Bypass by Capture-replay, leading to physical Access to the protected facilities without triggering an alarm. |
| CVE-2025-41429 |
4.8 |
remote,unauthenticated |
2025-05-19T09:15:25.160 |
a-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with CVE-2025-36560, a remote unauthenticated attacker may hijack a legitimate user's session. |
| CVE-2025-36560 |
8.6 |
remote,unauthenticated,sensitive |
2025-05-19T09:15:24.987 |
Server-side request forgery vulnerability exists in a-blog cms multiple versions. If this vulnerability is exploited, a remote unauthenticated attacker may gain access to sensitive information by sending a specially crafted request. |
| CVE-2025-47751 |
7.8 |
execution,command |
2025-05-19T08:15:22.310 |
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6EditData!CDataRomErrorCheck::MacroCommandCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution. |
| CVE-2025-46801 |
9.8 |
authentication,bypass |
2025-05-19T08:15:21.840 |
Pgpool-II provided by PgPool Global Development Group contains an authentication bypass by primary weakness vulnerability. if the vulnerability is exploited, an attacker may be able to log in to the system as an arbitrary user, allowing them to read or tamper with data in the database, and/or disable the database. |
| CVE-2025-23123 |
10.0 |
remote,execution |
2025-05-19T02:15:17.147 |
A malicious actor with access to the management network could execute a remote code execution (RCE) by exploiting a heap buffer overflow vulnerability in the UniFi Protect Cameras (Version 4.75.43 and earlier) firmware. |
| CVE-2025-4872 |
7.3 |
remote,command |
2025-05-18T11:15:48.523 |
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component CCC Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-4871 |
7.3 |
remote,command |
2025-05-18T11:15:47.560 |
A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component REST Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-4859 |
2.4 |
remote,bypass |
2025-05-18T05:15:16.977 |
A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. It has been rated as problematic. This issue affects some unknown processing of the file /adv_macbypass.php of the component MAC Bypass Settings Page. The manipulation of the argument f_mac leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. This vulnerability only affects products that are no longer supported by the maintainer. |
| CVE-2025-4852 |
2.4 |
remote,vpn |
2025-05-18T04:15:28.157 |
A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2.1.1-B20230720.1011. This issue affects some unknown processing of the component VPN Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-4851 |
6.3 |
remote,command |
2025-05-18T04:15:23.360 |
A vulnerability classified as critical was found in TOTOLINK N300RH 6.1c.1390_B20191101. This vulnerability affects the function setUploadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-4850 |
6.3 |
remote,command |
2025-05-18T03:15:23.280 |
A vulnerability classified as critical has been found in TOTOLINK N300RH 6.1c.1390_B20191101. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument plugin_name leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-4849 |
6.3 |
remote,command |
2025-05-18T03:15:23.087 |
A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been rated as critical. Affected by this issue is the function CloudACMunualUpdateUserdata of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument url leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-4848 |
7.3 |
remote,command |
2025-05-18T03:15:22.080 |
A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RECV Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-4847 |
7.3 |
remote,command |
2025-05-18T02:15:18.063 |
A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component MLS Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-4846 |
7.3 |
remote,command |
2025-05-18T01:15:18.657 |
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component MPUT Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-4845 |
7.3 |
remote,command |
2025-05-18T01:15:18.477 |
A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component TRACE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-4844 |
7.3 |
remote,command |
2025-05-18T00:15:18.987 |
A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component CD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. |