| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Yealink RPS before 2025-06-27 allows unauthorized access to information, including AutoP URL addresses. This was fixed by deploying an enhanced authentication mechanism through a security update to all cloud instances. |
| The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in rsa_decrypt function. This function is an API wrapper for LUA to decrypt RSA encrypted ciphertext, the decrypted data is stored on the stack without checking its length. An authenticated attacker can get RCE as root by exploiting this vulnerability. |
| The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dfxp File uploads in all versions up to, and including, 1.7.42 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the dfxp file. This issue affects only Apache-based environments, where dfxp files are handled by default. |
| A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied. |
| Use After Free vulnerability exists in the IPT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted IPT file. |
| A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization server's HTTP response to a `request_uri` authorization request, possibly leading to an information disclosure vulnerability. |
| A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SIMOCODE ES V19 (All versions < V19 Update 1), SIRIUS Safety ES V19 (TIA Portal) (All versions < V19 Update 1), SIRIUS Soft Starter ES V19 (TIA Portal) (All versions < V19 Update 1), TIA Administrator (All versions < V3.0.4). Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user's session even after logout. |
| The Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews – Stars Testimonials plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.3 via the 'stars-testimonials-with-slider-and-masonry-grid' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included. |
| The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource. |
| Authorization Bypass Through User-Controlled Key vulnerability in Pik Online Yazılım Çözümleri A.Ş. Pik Online allows Exploitation of Trusted Identifiers.This issue affects Pik Online: before 3.1.5. |
| A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods. |
| Server-Side Request Forgery (SSRF) vulnerability in Pik Online Yazılım Çözümleri A.Ş. Pik Online allows Server Side Request Forgery.This issue affects Pik Online: before 3.1.5. |
| An code execution vulnerability exists in the Xiaomi smarthome application product. The vulnerability is caused by improper input validation and can be exploited by attackers to execute malicious code. |
| lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting (XSS) on the /tools/Password/add page in the input field password. |
| The WordPress Awesome Import & Export Plugin - Import & Export WordPress Data plugin for WordPress is vulnerable arbitrary SQL Execution and privilege escalation due to a missing capability check on the renderImport() function in all versions up to, and including, 4.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary SQL statements that can leveraged to create a new administrative user account. |
| A code execution vulnerability exists in the Xiaomi Game center application product. The vulnerability is caused by improper input validation and can be exploited by attackers to execute malicious code. |
| A vulnerability classified as critical has been found in REVE Antivirus 1.0.0.0 on Linux. This affects an unknown part of the file /usr/local/reveantivirus/tmp/reveinstall. The manipulation leads to incorrect default permissions. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| The Xiaomi Security Center expresses heartfelt thanks to Ken Gannon and Ilyes Beghdadi of NCC Group working with Trend Micro Zero Day Initiative! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life. |
| The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to time-based SQL Injection via the Login Attempts module in all versions up to, and including, 3.0.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. |
| Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file. |
