-
CVE-2025-49080 – “Absolute Secure Access Server Denial of Service Vulnerability”
CVE ID : CVE-2025-49080 Published : June 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago Description : There is a memory management vulnerability in Absolute Secure Access server versions 9.0 to 13.54. Attackers with network access to the server can cause a Denial of Service by sending a specially crafted sequence of packets to the…
-
CVE-2024-55567 – Insyde H2O UsbCoreDxe SMM Call Out Vulnerability
CVE ID : CVE-2024-55567 Published : June 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago Description : Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to…
-
CVE-2023-45256 – PrestaShop EuroInformation MoneticoPaiement SQL Injection Vulnerability
CVE ID : CVE-2023-45256 Published : June 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago Description : Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via the TPE, societe, MAC, reference, or aliascb parameter to transaction.php, validation.php, or callback.php. Severity: 0.0 |…
-
CVE-2025-49467 – JEvents SQL Injection Vulnerability
CVE ID : CVE-2025-49467 Published : June 12, 2025, 4:15 p.m. | 3 hours, 28 minutes ago Description : A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges. Severity: 0.0 | NA Visit the…
-
CVE-2025-46035 – Tenda AC6 Buffer Overflow Vulnerability
CVE ID : CVE-2025-46035 Published : June 12, 2025, 4:15 p.m. | 3 hours, 28 minutes ago Description : Buffer overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint. Severity: 7.5 | HIGH…
-
CVE-2025-36573 – Dell Smart Dock Firmware Information Disclosure Vulnerability
CVE ID : CVE-2025-36573 Published : June 12, 2025, 4:15 p.m. | 3 hours, 28 minutes ago Description : Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure. Severity: 7.1 | HIGH Visit the…
-
CVE-2025-49199 – VMware vRealize Log Insight Unauthenticated ZIP File Tampering Vulnerability
CVE ID : CVE-2025-49199 Published : June 12, 2025, 3:15 p.m. | 3 hours, 28 minutes ago Description : The backup ZIPs are not signed by the application, leading to the possibility that an attacker can download a backup ZIP, modify and re-upload it. This allows the attacker to disrupt the application by configuring the services in…
-
CVE-2025-49181 – Apache Log Service Unauthenticated API Endpoint Information Disclosure and Configuration Modification Vulnerability
CVE ID : CVE-2025-49181 Published : June 12, 2025, 2:15 p.m. | 4 hours, 28 minutes ago Description : Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to gather sensitive information. An attacker could also send HTTP POST requests to modify the log files’ root path as well as the…
-
CVE-2025-4278 – GitLab CE/EE HTML Injection Vulnerability
CVE ID : CVE-2025-4278 Published : June 12, 2025, 10:16 a.m. | 8 hours, 27 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions starting with 18.0 before 18.0.2. Under certain conditions, HTML injection in the new search page could lead to account takeover. Severity: 8.7 | HIGH Visit the link for…
-
CVE-2025-2254 – GitLab Cross-Site Scripting (XSS) Vulnerability
CVE ID : CVE-2025-2254 Published : June 12, 2025, 10:16 a.m. | 8 hours, 27 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper output encoding in the snippet viewer functionality leads to cross-site scripting attacks. Severity: 8.7 |…