Total
400 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59957 | 1 Juniper | 1 Junos Os | 2025-10-10 | 6.8 Medium |
| An Origin Validation Error vulnerability in an insufficient protected file of Juniper Networks Junos OS on EX4600 Series and QFX5000 Series allows an unauthenticated attacker with physical access to the device to create a backdoor which allows complete control of the system. When a device isn't configured with a root password, an attacker can modify a specific file. It's contents will be added to the Junos configuration of the device without being visible. This allows for the addition of any configuration unknown to the actual operator, which includes users, IP addresses and other configuration which could allow unauthorized access to the device. This exploit is persistent across reboots and even zeroization. The indicator of compromise is a modified /etc/config/<platform>-defaults[-flex].conf file. Review that file for unexpected configuration statements, or compare it to an unmodified version which can be extracted from the original Juniper software image file. For details on the extraction procedure please contact Juniper Technical Assistance Center (JTAC). To restore the device to a trusted initial configuration the system needs to be reinstalled from physical media. This issue affects Junos OS on EX4600 Series and QFX5000 Series: * All versions before 21.4R3, * 22.2 versions before 22.2R3-S3. | ||||
| CVE-2025-42706 | 2 Crowdstrike, Microsoft | 2 Falcon, Windows | 2025-10-09 | 6.5 Medium |
| A logic error exists in the Falcon sensor for Windows that could allow an attacker, with the prior ability to execute code on a host, to delete arbitrary files. CrowdStrike released a security fix for this issue in Falcon sensor for Windows versions 7.24 and above and all Long Term Visibility (LTV) sensors. There is no indication of exploitation of these issues in the wild. Our threat hunting and intelligence teams are actively monitoring for exploitation and we maintain visibility into any such attempts. The Falcon sensor for Mac, the Falcon sensor for Linux and the Falcon sensor for Legacy Systems are not impacted by this. CrowdStrike was made aware of this issue through our HackerOne bug bounty program. It was discovered by Cong Cheng and responsibly disclosed. | ||||
| CVE-2025-59159 | 1 Sillytavern | 1 Sillytavern | 2025-10-08 | 9.7 Critical |
| SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.13.4, the web user interface for SillyTavern is susceptible to DNS rebinding, allowing attackers to perform actions like install malicious extensions, read chats, inject arbitrary HTML for phishing attacks, etc. The vulnerability has been patched in the version 1.13.4 by introducing a server configuration setting that enables a validation of host names in inbound HTTP requests according to the provided list of allowed hosts: `hostWhitelist.enabled` in config.yaml file or `SILLYTAVERN_HOSTWHITELIST_ENABLED` environment variable. While the setting is disabled by default to honor a wide variety of existing user configurations and maintain backwards compatibility, existing and new users are encouraged to review their server configurations and apply necessary changes to their setup, especially if hosting over the local network while not using SSL. | ||||
| CVE-2025-11304 | 1 Codecanyon | 1 Mentor Lms | 2025-10-06 | 6.3 Medium |
| A flaw has been found in CodeCanyon/ui-lib Mentor LMS up to 1.1.1. Affected by this vulnerability is an unknown functionality of the component API. Executing manipulation can lead to permissive cross-domain policy with untrusted domains. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-30360 | 1 Webpack.js | 1 Webpack-dev-server | 2025-10-03 | 6.5 Medium |
| webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1, webpack-dev-server users' source code may be stolen when you access a malicious web site with non-Chromium based browser. The `Origin` header is checked to prevent Cross-site WebSocket hijacking from happening, which was reported by CVE-2018-14732. But webpack-dev-server always allows IP address `Origin` headers. This allows websites that are served on IP addresses to connect WebSocket. An attacker can obtain source code via a method similar to that used to exploit CVE-2018-14732. Version 5.2.1 contains a patch for the issue. | ||||
| CVE-2025-53600 | 2 Naver, Navercorp | 2 Whale Browser, Whale | 2025-10-01 | 7.5 High |
| Whale browser before 4.32.315.22 allow an attacker to bypass the Same-Origin Policy in a dual-tab environment. | ||||
| CVE-2023-40547 | 1 Redhat | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2025-10-01 | 8.3 High |
| A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully. | ||||
| CVE-2025-59845 | 1 Apollographql | 2 Apollo Explorer, Apollo Sandbox | 2025-09-29 | 8.2 High |
| Apollo Studio Embeddable Explorer & Embeddable Sandbox are website embeddable software solutions from Apollo GraphQL. Prior to Apollo Sandbox version 2.7.2 and Apollo Explorer version 3.7.3, a cross-site request forgery (CSRF) vulnerability was identified. The vulnerability arises from missing origin validation in the client-side code that handles window.postMessage events. A malicious website can send forged messages to the embedding page, causing the victim’s browser to execute arbitrary GraphQL queries or mutations against their GraphQL server while authenticated with the victim’s cookies. This issue has been patched in Apollo Sandbox version 2.7.2 and Apollo Explorer version 3.7.3. | ||||
| CVE-2025-56648 | 1 Parceljs | 1 Parcel | 2025-09-26 | 6.5 Medium |
| npm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them. | ||||
| CVE-2024-2182 | 1 Redhat | 1 Enterprise Linux | 2025-09-26 | 6.5 Medium |
| A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service. | ||||
| CVE-2025-20364 | 1 Cisco | 4 Aironet, Aironet Access Point, Aironet Access Point Software and 1 more | 2025-09-25 | 4.3 Medium |
| A vulnerability in the Device Analytics action frame processing of Cisco Wireless Access Point (AP) Software could allow an unauthenticated, adjacent attacker to inject wireless 802.11 action frames with arbitrary information. This vulnerability is due to insufficient verification checks of incoming 802.11 action frames. An attacker could exploit this vulnerability by sending 802.11 Device Analytics action frames with arbitrary parameters. A successful exploit could allow the attacker to inject Device Analytics action frames with arbitrary information, which could modify the Device Analytics data of valid wireless clients that are connected to the same wireless controller. | ||||
| CVE-2025-10201 | 2 Google, Linux | 5 Android, Chrome, Chrome Os and 2 more | 2025-09-22 | 8.8 High |
| Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-57965 | 1 Axios | 1 Axios | 2025-09-19 | 0 Low |
| In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute('href',href) call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability. | ||||
| CVE-2025-24010 | 1 Vitejs | 1 Vite | 2025-09-19 | 6.5 Medium |
| Vite is a frontend tooling framework for javascript. Vite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of validation on the Origin header for WebSocket connections. This vulnerability is fixed in 6.0.9, 5.4.12, and 4.5.6. | ||||
| CVE-2024-51037 | 2 Kalcaddle, Kodcloud | 2 Kodbox, Kodbox | 2025-09-16 | 5.3 Medium |
| An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information via the captcha feature in the password reset function. | ||||
| CVE-2025-51605 | 1 Shopizer | 1 Shopizer | 2025-09-12 | 8.1 High |
| An issue was discovered in Shopizer 3.2.7. The server's CORS implementation reflects the client-supplied Origin header verbatim into Access-Control-Allow-Origin without any whitelist validation, while also enabling Access-Control-Allow-Credentials: true. This allows any malicious origin to make authenticated cross-origin requests and read sensitive responses. | ||||
| CVE-2025-10193 | 1 Neo4j | 2 Cypher Mcp Server, Neo4j | 2025-09-12 | N/A |
| DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend sufficient time there for DNS rebinding to succeed. | ||||
| CVE-2025-9636 | 1 Pgadmin | 2 Pgadmin, Pgadmin 4 | 2025-09-11 | 7.9 High |
| pgAdmin <= 9.7 is affected by a Cross-Origin Opener Policy (COOP) vulnerability. This vulnerability allows an attacker to manipulate the OAuth flow, potentially leading to unauthorised account access, account takeover, data breaches, and privilege escalation. | ||||
| CVE-2025-5824 | 1 Autel | 18 Maxicharger Ac Elite Business C50, Maxicharger Ac Elite Business C50 Firmware, Maxicharger Ac Pro and 15 more | 2025-09-10 | 7.5 High |
| Autel MaxiCharger AC Wallbox Commercial Origin Validation Error Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Wallbox Commercial. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the handling of bluetooth pairing requests. The issue results from insufficient validation of the origin of commands. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26353. | ||||
| CVE-2024-13068 | 1 Akinsoft | 1 Limondesk | 2025-09-04 | 7.3 High |
| Origin Validation Error vulnerability in Akinsoft LimonDesk allows Forceful Browsing.This issue affects LimonDesk: from s1.02.14 before v1.02.17. | ||||