Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2025-9257

Uniong|WebITR – Arbitrary File Reading through Path Traversal_CVE-2025-9257

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path ...

Uniong WebITR CVE
HIGH 8.4 CVE-2025-57699

CVE-2025-57699_CVE-2025-57699

Western Digital Kitfox for Windows provided by Western Digital Corporation registers a Windows service with an unquoted file path. A user with the...

Western Digital Corporation Western Digital Kitfox for Windows prior to 1.1.1.1 CVE
HIGH 8 E4CD534E-7679-

Exploit for CVE-2025-55287_E4CD534E-7679-5628-B0A3-3D99942E68D8

CVE-2025-55287-POC Authenticated Stored Cross-Site Scripting (XSS)...

N/A N/A GITHUBEXPLOIT
HIGH 7.5 DD9F0CB7-934B-

Exploit for CVE-2025-8671_DD9F0CB7-934B-52BE-8F58-8F5D5BD311C3

PoC-CVE-2025-8671-MadeYouReset-HTTP-2 PoC para validar vulnerabilidade...

N/A N/A GITHUBEXPLOIT
HIGH 8.7 CVE-2025-41451

Post-Authentication OS Command Injection RCE in Danfoss AK-SM8xxA Series_CVE-2025-41451

Improper neutralization of alarm-to-mail configuration fields used in an OS shell Command ('Command Injection') in Danfoss AK-SM8xxA Series prior t...

Danfoss AK-SM8xxA Series CVE
HIGH 7.5 CVE-2025-52194

CVE-2025-52194_CVE-2025-52194

A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. Th...

n/a n/a n/a CVE
HIGH 7.5 CVE-2025-27721

INFINITT Healthcare INFINITT PACS Exposure of Sensitive System Information to an Unauthorized Control Sphere_CVE-2025-27721

Unauthorized users can access INFINITT PACS System Manager without proper authorization, which could lead to unauthorized access to system resources.

INFINITT Healthcare INFINITT PACS System Manager CVE
HIGH 7.8 MS:CVE-2025-55230

Windows MBT Transport Driver Elevation of Privilege Vulnerability_MS:CVE-2025-55230

Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.

N/A N/A MSCVE
HIGH 7.5 MS:CVE-2025-55231

Windows Storage-based Management Service Remote Code Execution Vulnerability_MS:CVE-2025-55231

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Storage allows an unauthorized attacker to e...

N/A N/A MSCVE
HIGH 8.8 MS:CVE-2025-9132

Chromium: CVE-2025-9132 Out of bounds write in V8_MS:CVE-2025-9132

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE