Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2025-29745

CVE-2025-29745_CVE-2025-29745

A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 ha...

n/a n/a n/a CVE
HIGH 7.4 CVE-2025-43979

CVE-2025-43979_CVE-2025-43979

An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN that allows authenticated attackers to execute arbitrary OS system commands ...

n/a n/a n/a CVE
HIGH 7.1 CVE-2025-7674

navify Monitoring API input validation_CVE-2025-7674

Improper Input Validation vulnerability in Roche Diagnostics navify Monitoring allows an attacker to manipulate input data, which may lead to a den...

Roche Diagnostics navify Monitoring CVE
HIGH 8.6 CVE-2025-54254

Adobe Experience Manager | Improper Restriction of XML External Entity Reference (‘XXE’) (CWE-611)_CVE-2025-54254

Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability...

Adobe Adobe Experience Manager CVE
HIGH 7.4 CVE-2025-43978

CVE-2025-43978_CVE-2025-43978

Jointelli 5G CPE 21H01 firmware JY_21H01_A3_v1.36 devices allow (blind) OS command injection. Multiple endpoints are vulnerable, including /ubus/?f...

n/a n/a n/a CVE
HIGH 7.7 CVE-2025-53534

RatPanel can perform remote command execution without authorization_CVE-2025-53534

RatPanel is a server operation and maintenance management panel. In versions 2.3.19 through 2.5.5, when an attacker obtains the backend login path ...

tnb-labs panel >= 2.3.19, < 2.5.6 CVE
HIGH 8.7 CVE-2025-54125

XWiki Platform: Password and email exposure in xml.vm fields_CVE-2025-54125

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki P...

xwiki xwiki-platform >= 1.1, < 16.4.7 CVE
HIGH 7.1 CVE-2025-54124

XWiki Platform: Any user with editing rights can access password properties through Database List Properties_CVE-2025-54124

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki P...

xwiki xwiki-platform >= 9.8-rc-1, < 16.4.7 CVE
HIGH 8.7 CVE-2025-54884

Vision UI security-kit.js: Potential Uncontrolled Resource Allocation Vulnerability_CVE-2025-54884

Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId a...

DavidOsipov Vision-ui < 1.5.0 CVE
HIGH 8.7 CVE-2025-54801

Fiber Susceptible to Crash via `BodyParser` Due to Unvalidated Large Slice Index in Decoder_CVE-2025-54801

Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data contai...

gofiber fiber < 2.52.9 CVE