Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.2 CVE-2025-33038

Qsync Central_CVE-2025-33038

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vuln...

QNAP Systems Inc. Qsync Central 4.5.x.x CVE
HIGH 7 CVE-2025-52861

VioStor_CVE-2025-52861

A path traversal vulnerability has been reported to affect VioStor. If a remote attacker gains an administrator account, they can then exploit the ...

QNAP Systems Inc. VioStor 5.1.0 CVE
HIGH 8 CVE-2025-55177

CVE-2025-55177_CVE-2025-55177

Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78,...

Facebook WhatsApp Desktop for Mac 2.22.25.2 CVE
HIGH 7.3 CVE-2025-5808

Authentication Bypass vulnerability discovered in the OpenText™ Self-Service Password Reset_CVE-2025-5808

Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Authentication Bypass.This issue affects Self Service Passwo...

OpenText Self Service Password Reset 4.8 CVE
HIGH 8 F56D245E-F907-

Exploit for Link Following in Git-Scm Git_F56D245E-F907-5073-A7A2-F4F2B7E65489

CVE-2025-48384: Breaking git with a carriage return and...

N/A N/A GITHUBEXPLOIT
HIGH 10 893307A6-B119-

Exploit for Deserialization of Untrusted Data in Pyyaml_893307A6-B119-5FE5-9ECB-81FB8694DC6B

Vulnerable Python Project ⚠️ WARNING: This...

N/A N/A GITHUBEXPLOIT
HIGH 7.5 THN:2846E849DA8...

Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page_THN:2846E849DA8C43F7A4DEA51B6CBBA4F9

![](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=) Click Studios, the develop...

N/A N/A THN
HIGH 7.1 CVE-2025-53507

CVE-2025-53507_CVE-2025-53507

Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration informati...

iND Co.,Ltd HL330-DLS (for module MC7700) firmware version 1.03 and earlier CVE
HIGH 8.6 CVE-2025-53508

CVE-2025-53508_CVE-2025-53508

Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed and ...

iND Co.,Ltd HL330-DLS (for module MC7700) firmware version 1.03 and earlier CVE
HIGH 8.7 CVE-2025-8858

Changing|Clinic Image System – SQL Injection_CVE-2025-8858

Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL comm...

Changing Clinic Image System CVE