-
CVE-2025-5012 – Workreap – Freelance Marketplace WordPress Theme File Upload Vulnerability
CVE ID : CVE-2025-5012 Published : June 12, 2025, 6:15 a.m. | 12 hours, 29 minutes ago Description : The Workreap plugin for WordPress, used by the Workreap – Freelance Marketplace WordPress Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the ‘workreap_temp_upload_to_media’ function in all versions up to, and including, 3.3.2.…
-
CVE-2025-4973 – Workreap WordPress Theme Authentication Bypass Vulnerability
CVE ID : CVE-2025-4973 Published : June 12, 2025, 6:15 a.m. | 12 hours, 29 minutes ago Description : The Workreap plugin for WordPress, used by the Workreap – Freelance Marketplace WordPress Theme, is vulnerable to authentication bypass in all versions up to, and including, 3.3.1. This is due to the plugin not properly verifying a user’s…
-
CVE-2025-40912 – CryptX for Perl Malformed Unicode Injection Vulnerability
CVE ID : CVE-2025-40912 Published : June 11, 2025, 6:15 p.m. | 1 day ago Description : CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed Unicode. CryptX embeds the tomcrypt library. The versions of that library in CryptX before 0.065 may be susceptible to CVE-2019-17362. Severity: 9.8 | CRITICAL…
-
CVE-2025-6001 – VirtueMart CSRF File Upload Bypass
CVE ID : CVE-2025-6001 Published : June 11, 2025, 5:15 p.m. | 1 day, 1 hour ago Description : A Cross-Site Request Forgery (CSRF) vulnerability exists in the product image upload function of VirtueMart that bypasses the CSRF protection token. An attacker is able to craft a special CSRF request which will allow unrestricted file upload into…
-
CVE-2025-49146 – PostgreSQL pgjdbc Channel Binding Authentication Bypass
CVE ID : CVE-2025-49146 Published : June 11, 2025, 3:15 p.m. | 1 day, 3 hours ago Description : pgjdbc is an open source PostgreSQL JDBC driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required (default value is prefer), the driver would incorrectly allow connections to proceed…
-
CVE-2025-48446 – Drupal Commerce Alphabank Redirect Authorization Bypass Vulnerability
CVE ID : CVE-2025-48446 Published : June 11, 2025, 3:15 p.m. | 1 day, 3 hours ago Description : Incorrect Authorization vulnerability in Drupal Commerce Alphabank Redirect allows Functionality Misuse. This issue affects Commerce Alphabank Redirect: from 0.0.0 before 1.0.3. Severity: 8.8 | HIGH
-
CVE-2025-48445 – Drupal Commerce Eurobank Redirect Authorization Bypass
CVE ID : CVE-2025-48445 Published : June 11, 2025, 3:15 p.m. | 1 day, 3 hours ago Description : Incorrect Authorization vulnerability in Drupal Commerce Eurobank (Redirect) allows Functionality Misuse. This issue affects Commerce Eurobank (Redirect): from 0.0.0 before 2.1.1. Severity: 8.8 | HIGH
-
CVE-2025-4922 – Nomad Prefix-Based ACL Policy Vulnerability (Insufficient ACL Resolution)
CVE ID : CVE-2025-4922 Published : June 11, 2025, 2:15 p.m. | 1 day, 4 hours ago Description : Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14. Severity:…
-
CVE-2025-40914 – Perl CryptX Integer Overflow Vulnerability
CVE ID : CVE-2025-40914 Published : June 11, 2025, 2:15 p.m. | 1 day, 4 hours ago Description : Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328. Severity: 9.8 | CRITICAL…
-
CVE-2025-32711 – Microsoft 365 Copilot Command Injection Vulnerability
CVE ID : CVE-2025-32711 Published : June 11, 2025, 2:15 p.m. | 1 day, 4 hours ago Description : AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. Severity: 9.3 | CRITICAL