[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.] [@CveFindCom](/creator/twitter/CveFindCom) "CVE-2025-12104: CRITICAL Outdated and Vulnerable UI Dependencies might potentially lead to exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.#cveCVE-2025-12104#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981211769453384006) [@CveFindCom](/creator/x/CveFindCom) 2025-10-23T04:11Z XXX followers, XX engagements "CVE-2025-12100: HIGH Incorrect Default Permissions vulnerability in MongoDB BI Connector ODBC driver allows Privilege Escalation.This issue affects BI Connector ODBC driver: from 1.0.0 through 1.4.6.#cveCVE-2025-12100#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981468185279766580) [@CveFindCom](/creator/x/CveFindCom) 2025-10-23T21:10Z XXX followers, XX engagements "CVE-2025-61934: CRITICAL Vulnerability in Productivity Suite v4.4.1.19 allows remote attackers to interact with ProductivityService PLC simulator compromising file security.#cveCVE-2025-61934#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981483234329280758) [@CveFindCom](/creator/x/CveFindCom) 2025-10-23T22:09Z XXX followers, XX engagements "CVE-2025-43995: CRITICAL Vulnerability found in Dell Storage Manager 20.1.21 could allow unauthorized remote access resulting in potential Authentication Bypass and Protection mechanism bypass.#cveCVE-2025-43995#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981732280566456808) [@CveFindCom](/creator/x/CveFindCom) 2025-10-24T14:39Z XXX followers, XX engagements "CVE-2025-62714: HIGH Authentication bypass vulnerability discovered in Karmada Dashboard API 0.2.0 exposes sensitive cluster data. Unauthenticated users can access Secrets and Services directly.#cveCVE-2025-62714#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981754901127422220) [@CveFindCom](/creator/x/CveFindCom) 2025-10-24T16:09Z XXX followers, XX engagements "CVE-2025-59975: HIGH Vulnerability in Juniper Networks Junos Space HTTP daemon allows unauthenticated attacker to perform DoS attack by flooding system with inbound API calls affecting multiple versions.#cveCVE-2025-59975#cybersecurity" [X Link](https://x.com/CveFindCom/status/1976319175862726827) [@CveFindCom](/creator/x/CveFindCom) 2025-10-09T16:09Z XXX followers, XX engagements "CVE-2025-59964: HIGH Critical Use of Uninitialized Resource flaw in Juniper Networks Junos OS on SRX4700 devices could allow network-based attacks causing a Denial of Service (DoS). Update Junos OS from a.#cveCVE-2025-59964#cybersecurity" [X Link](https://x.com/CveFindCom/status/1976319254258495732) [@CveFindCom](/creator/x/CveFindCom) 2025-10-09T16:10Z XXX followers, XX engagements "CVE-2025-11198: HIGH Critical vulnerability in Juniper Networks Security Director Policy Enforcer allows attackers to replace vSRX images. Update to version 23.1R1 Hotpatch v3 to protect against this issue.#cveCVE-2025-11198#cybersecurity" [X Link](https://x.com/CveFindCom/status/1976319299967947257) [@CveFindCom](/creator/x/CveFindCom) 2025-10-09T16:10Z XXX followers, XX engagements "CVE-2025-60004: HIGH A vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows unauthenticated attackers to trigger a DoS attack by sending a specific BGP EVPN update message over a BGP sess.#cveCVE-2025-60004#cybersecurity" [X Link](https://x.com/CveFindCom/status/1976326801006665920) [@CveFindCom](/creator/x/CveFindCom) 2025-10-09T16:40Z XXX followers, XX engagements "CVE-2025-59978: CRITICAL Critical: Vulnerability in Juniper Networks Junos Space allows attackers to execute commands with admin permissions due to an XSS flaw. Update to v24.1R4 to stay secure. #cybersecu.#cveCVE-2025-59978#cybersecurity" [X Link](https://x.com/CveFindCom/status/1976326890991276285) [@CveFindCom](/creator/x/CveFindCom) 2025-10-09T16:40Z XXX followers, XX engagements "CVE-2018-25118: CRITICAL Vulnerability alert: GeoVision IP devices like GV-BX1500 & GV-MFD1501 are susceptible to remote command injection via PictureCatch.cgi giving attackers control. Exploits detected.#cveCVE-2018-25118#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980388570205413534) [@CveFindCom](/creator/x/CveFindCom) 2025-10-20T21:40Z XXX followers, XXX engagements "CVE-2025-12004: CRITICAL Critical vulnerability in Wikimedia Foundation Mediawiki Lockdown Extension fixed in Mediawiki Core Action API. Allows Privilege Abuse due to Incorrect Permission Assignment.#cveCVE-2025-12004#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980524319722569736) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T06:39Z XXX followers, XXX engagements "CVE-2025-11949: HIGH Digiwin's EasyFlow .NET and EasyFlow AiNet have a Missing Authentication vulnerability enabling unauthorized access to database admin credentials remotely. #cybersecurity#cveCVE-2025-11949#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980531890663641312) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T07:09Z XXX followers, XXX engagements "CVE-2025-10020: CRITICAL Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component.#cveCVE-2025-10020#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980614843875959174) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T12:39Z XXX followers, XX engagements "CVE-2025-11625: CRITICAL Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and leaking of clients credentials.#cveCVE-2025-11625#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980629950601265500) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T13:39Z XXX followers, XX engagements "CVE-2025-11534: CRITICAL The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials.#cveCVE-2025-11534#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980682826547593681) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T17:09Z XXX followers, XX engagements "CVE-2025-11757: HIGH Vulnerability in CloudEdge Cloud's MQTT topic input allows attackers to steal credentials and camera information. Secure your devices now #cybersecurity#cveCVE-2025-11757#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980690384528314857) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T17:39Z XXX followers, XX engagements "CVE-2025-60507: HIGH Beware of Cross Site Scripting (XSS) vulnerability in Moodle GeniAI plugin. An authenticated user can upload malicious PDFs with embedded JavaScript affecting other users' browsers.#cveCVE-2025-60507#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980698002952957980) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T18:09Z XXX followers, XXX engagements "CVE-2025-62481: CRITICAL Critical vulnerability in Oracle Marketing of Oracle E-Business Suite (ver. 12.2.3-12.2.14) allows network access attack. Exploitation could lead to complete system compromise.#cveCVE-2025-62481#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980728278668247372) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T20:09Z XXX followers, XX engagements "CVE-2025-61757: CRITICAL Critical vulnerability in Oracle Fusion Middleware's Identity Manager product (REST WebServices) versions 12.2.1.4.0 & 14.1.2.1.0. Exploitable by unauthenticated attackers via HTTP.#cveCVE-2025-61757#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980728386239533110) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T20:10Z XXX followers, XX engagements "CVE-2025-53072: CRITICAL Critical vulnerability in Oracle Marketing within E-Business Suite versions 12.2.3-12.2.14 allows attackers to compromise the system via HTTP. CVSS score 9.8; high impact.#cveCVE-2025-53072#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980728454069862620) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T20:10Z XXX followers, XX engagements "CVE-2025-53037: CRITICAL Critical vulnerability found in Oracle Financial Services Analytical Applications Infrastructure product allowing unauthenticated attackers to compromise the system with a CVSS B.#cveCVE-2025-53037#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980728581656326154) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T20:11Z XXX followers, XX engagements "CVE-2025-53036: HIGH Critical vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows unauthenticated attackers to compromise data. Update affected versions to secure systems.#cveCVE-2025-53036#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980728606599811583) [@CveFindCom](/creator/x/CveFindCom) 2025-10-21T20:11Z XXX followers, XX engagements "CVE-2025-22167: HIGH Critical Path Traversal vulnerability found in Jira Software versions 9.12.0 10.3.0 and 11.0.0 allows attackers to write arbitrary files. Atlassian urges immediate software updates.#cveCVE-2025-22167#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980803788710494264) [@CveFindCom](/creator/x/CveFindCom) 2025-10-22T01:09Z XXX followers, XXX engagements "CVE-2025-41719: HIGH Remote attacker exploiting vulnerability in webserver config can delete users & create admin with default password exposing device to cyber threats.#cveCVE-2025-41719#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980894349303939465) [@CveFindCom](/creator/x/CveFindCom) 2025-10-22T07:09Z XXX followers, XX engagements "CVE-2025-41723: CRITICAL The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.#cveCVE-2025-41723#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980901815366369686) [@CveFindCom](/creator/x/CveFindCom) 2025-10-22T07:39Z XXX followers, XX engagements "CVE-2025-41109: HIGH The Ghost Robotics Vision XX v0.27.2 robot has a cyber security vulnerability due to the lack of authentication when establishing connections through its RJ45 connectors and USB Type-C.#cveCVE-2025-41109#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980916817020223891) [@CveFindCom](/creator/x/CveFindCom) 2025-10-22T08:39Z XXX followers, XX engagements "CVE-2025-41108: CRITICAL Vulnerable communication protocol in Ghost Robotics Vision XX v0.27.2 enables attackers to take control. Lack of encryption and authentication allows easy unauthorized access.#cveCVE-2025-41108#cybersecurity" [X Link](https://x.com/CveFindCom/status/1980916843016499544) [@CveFindCom](/creator/x/CveFindCom) 2025-10-22T08:39Z XXX followers, XX engagements "CVE-2016-15048: CRITICAL Unauthenticated command injection vulnerability found in AMTT Hotel Broadband Operation System (HiBOS) allows attackers to execute arbitrary system commands. It's recommended to se.#cveCVE-2016-15048#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981007506697543942) [@CveFindCom](/creator/x/CveFindCom) 2025-10-22T14:39Z XXX followers, XX engagements "CVE-2025-57870: CRITICAL SQL Injection vulnerability in Esri ArcGIS Server XXXX XXXX XXXX for Windows Linux Kubernetes allows remote attackers to execute arbitrary commands on Enterprise Geodatabases.#cveCVE-2025-57870#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981015544250712188) [@CveFindCom](/creator/x/CveFindCom) 2025-10-22T15:11Z XXX followers, XX engagements "CVE-2025-62606: HIGH Critical SQL injection vulnerability discovered in my little forum prior to version 2.5.12 could allow attackers to execute arbitrary commands. Update to secure your forum now#cveCVE-2025-62606#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981022927240736788) [@CveFindCom](/creator/x/CveFindCom) 2025-10-22T15:40Z XXX followers, XX engagements "CVE-2025-40780: HIGH Weakness in BIND's PRNG allows attackers to predict source port & query ID. Vulnerable versions: BIND 9.16.0-9.16.50 9.18.0-9.18.39 9.20.0-9.20.13 9.21.0-9.21.12 9.16.8-S1-9.16.50-.#cveCVE-2025-40780#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981030466720350580) [@CveFindCom](/creator/x/CveFindCom) 2025-10-22T16:10Z XXX followers, XX engagements "CVE-2025-40778: HIGH BIND vulnerability allows attackers to inject forged data into the cache in versions 9.11.0-9.16.50 9.18.0-9.18.39 9.20.0-9.20.13 and 9.21.0-9.21.12. #cybersecurity#cveCVE-2025-40778#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981030493312131245) [@CveFindCom](/creator/x/CveFindCom) 2025-10-22T16:10Z XXX followers, XX engagements "CVE-2025-11575: HIGH Vulnerability in MongoDB Atlas SQL ODBC driver on Windows allows Privilege Escalation. Versions 1.0.0 to 2.0.0 affected. Ensure permissions are secure.#cveCVE-2025-11575#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981158687482794200) [@CveFindCom](/creator/x/CveFindCom) 2025-10-23T00:40Z XXX followers, XXX engagements "CVE-2025-47699: CRITICAL Vulnerability in Gallagher Morpho integration (CWE-497) allows critical unauthorized changes to Morpho devices. Affected Command Centre versions: XXXX to XXXX. Update recommended.#cveCVE-2025-47699#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981211730207183180) [@CveFindCom](/creator/x/CveFindCom) 2025-10-23T04:11Z XXX followers, XX engagements "CVE-2025-12028: HIGH WordPress IndieAuth plugin up to v4.5.4 vulnerable to CSRF. Missing nonce verification allows attackers to force unauthorized actions through injected requests compromising user accou.#cveCVE-2025-12028#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981641676075438558) [@CveFindCom](/creator/x/CveFindCom) 2025-10-24T08:39Z XXX followers, XX engagements "CVE-2025-12176: CRITICAL Undocumented administrative accounts were getting created to facilitate access for applications running on board.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.#cveCVE-2025-12176#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981754958824321192) [@CveFindCom](/creator/x/CveFindCom) 2025-10-24T16:09Z XXX followers, XX engagements "CVE-2025-9068: HIGH Security flaw in Rockwell Automation Driver Package x64 MSI repair allows attackers to hijack console window gaining SYSTEM-level access. #cybersecurity#cveCVE-2025-9068#cybersecurity" [X Link](https://x.com/CveFindCom/status/1978078181673300092) [@CveFindCom](/creator/x/CveFindCom) 2025-10-14T12:39Z XXX followers, XX engagements "CVE-2025-62614: HIGH Vulnerability alert BookLore 1.8.1 and earlier versions have an authentication bypass flaw in BookMediaController. Upgrade to the latest version with the fix to secure your book colle.#cveCVE-2025-62614#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981105720146706454) [@CveFindCom](/creator/x/CveFindCom) 2025-10-22T21:09Z XXX followers, XX engagements "CVE-2025-11023: CRITICAL ArkSigner Software and Hardware Inc. AcBakImzala software before v5.1.4 is vulnerable to PHP local file inclusion due to improper control of filename in PHP programs. #CyberSecurity#cveCVE-2025-11023#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981347414993707416) [@CveFindCom](/creator/x/CveFindCom) 2025-10-23T13:10Z XXX followers, XX engagements "CVE-2025-6979: HIGH Captive Portal can allow authentication bypass#cveCVE-2025-6979#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981437888404275317) [@CveFindCom](/creator/x/CveFindCom) 2025-10-23T19:09Z XXX followers, XX engagements "CVE-2025-58428: CRITICAL TLS4B ATG system's SOAP interface vulnerable through web services handler enabling remote attackers execute system-level commands on Linux risking full shell access & network mov.#cveCVE-2025-58428#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981453075005997456) [@CveFindCom](/creator/x/CveFindCom) 2025-10-23T20:10Z XXX followers, XX engagements "CVE-2025-59503: CRITICAL Server-side request forgery (ssrf) in Azure Compute Gallery allows an authorized attacker to elevate privileges over a network.#cveCVE-2025-59503#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981475694249988438) [@CveFindCom](/creator/x/CveFindCom) 2025-10-23T21:39Z XXX followers, XX engagements "CVE-2025-62498: HIGH Security alert: Productivity Suite 4.4.1.19 has a critical path traversal vulnerability (ZipSlip). Attackers can run malicious code by tampering with project files. #cybersecurity#cveCVE-2025-62498#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981483208546885643) [@CveFindCom](/creator/x/CveFindCom) 2025-10-23T22:09Z XXX followers, XX engagements "CVE-2025-6440: CRITICAL Critical vulnerability alert WooCommerce Designer Pro plugin for WordPress (up to version 1.9.26) allows unauthenticated attackers to upload arbitrary files risking remote code exec.#cveCVE-2025-6440#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981626483689787467) [@CveFindCom](/creator/x/CveFindCom) 2025-10-24T07:39Z XXX followers, XX engagements "CVE-2025-11253: CRITICAL A critical SQL Injection vulnerability in Aksis Technology Inc. Netty ERP (pre V.1.1000) leaves systems at risk. Secure your data with immediate action. #cybersecurity#cveCVE-2025-11253#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981649169212146004) [@CveFindCom](/creator/x/CveFindCom) 2025-10-24T09:09Z XXX followers, XX engagements "CVE-2025-8536: CRITICAL SQL injection flaw found in DobryCMS due to user input not properly sanitized for language processing. Older software versions susceptible to attacks. #cybersecurity#cveCVE-2025-8536#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981732240317899149) [@CveFindCom](/creator/x/CveFindCom) 2025-10-24T14:39Z XXX followers, XX engagements "CVE-2025-43994: HIGH Critical vulnerability in Dell Storage Manager (DSM 20.1.21) allows unauthenticated remote attackers to exploit Missing Authentication potentially leading to information disclosure.#cveCVE-2025-43994#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981732329463705990) [@CveFindCom](/creator/x/CveFindCom) 2025-10-24T14:39Z XXX followers, XX engagements "CVE-2025-4106: HIGH Vulnerability in Firebox devices running Fireware OS XXXX to 12.11.2 allows admins to exploit a debug shell compromising security. Patch recommended ASAP.#cveCVE-2025-4106#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981837997449400592) [@CveFindCom](/creator/x/CveFindCom) 2025-10-24T21:39Z XXX followers, XX engagements "CVE-2025-34293: HIGH Be cautious GN4 Publishing System versions pre-2.6 have an IDOR vulnerability via its API. Authenticated users can access sensitive account data including passwords and security Q&A.#cveCVE-2025-34293#cybersecurity" [X Link](https://x.com/CveFindCom/status/1981838035021894072) [@CveFindCom](/creator/x/CveFindCom) 2025-10-24T21:39Z XXX followers, XX engagements
[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]
@CveFindCom
"CVE-2025-12104: CRITICAL Outdated and Vulnerable UI Dependencies might potentially lead to exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.#cveCVE-2025-12104#cybersecurity"
X Link @CveFindCom 2025-10-23T04:11Z XXX followers, XX engagements
"CVE-2025-12100: HIGH Incorrect Default Permissions vulnerability in MongoDB BI Connector ODBC driver allows Privilege Escalation.This issue affects BI Connector ODBC driver: from 1.0.0 through 1.4.6.#cveCVE-2025-12100#cybersecurity"
X Link @CveFindCom 2025-10-23T21:10Z XXX followers, XX engagements
"CVE-2025-61934: CRITICAL Vulnerability in Productivity Suite v4.4.1.19 allows remote attackers to interact with ProductivityService PLC simulator compromising file security.#cveCVE-2025-61934#cybersecurity"
X Link @CveFindCom 2025-10-23T22:09Z XXX followers, XX engagements
"CVE-2025-43995: CRITICAL Vulnerability found in Dell Storage Manager 20.1.21 could allow unauthorized remote access resulting in potential Authentication Bypass and Protection mechanism bypass.#cveCVE-2025-43995#cybersecurity"
X Link @CveFindCom 2025-10-24T14:39Z XXX followers, XX engagements
"CVE-2025-62714: HIGH Authentication bypass vulnerability discovered in Karmada Dashboard API 0.2.0 exposes sensitive cluster data. Unauthenticated users can access Secrets and Services directly.#cveCVE-2025-62714#cybersecurity"
X Link @CveFindCom 2025-10-24T16:09Z XXX followers, XX engagements
"CVE-2025-59975: HIGH Vulnerability in Juniper Networks Junos Space HTTP daemon allows unauthenticated attacker to perform DoS attack by flooding system with inbound API calls affecting multiple versions.#cveCVE-2025-59975#cybersecurity"
X Link @CveFindCom 2025-10-09T16:09Z XXX followers, XX engagements
"CVE-2025-59964: HIGH Critical Use of Uninitialized Resource flaw in Juniper Networks Junos OS on SRX4700 devices could allow network-based attacks causing a Denial of Service (DoS). Update Junos OS from a.#cveCVE-2025-59964#cybersecurity"
X Link @CveFindCom 2025-10-09T16:10Z XXX followers, XX engagements
"CVE-2025-11198: HIGH Critical vulnerability in Juniper Networks Security Director Policy Enforcer allows attackers to replace vSRX images. Update to version 23.1R1 Hotpatch v3 to protect against this issue.#cveCVE-2025-11198#cybersecurity"
X Link @CveFindCom 2025-10-09T16:10Z XXX followers, XX engagements
"CVE-2025-60004: HIGH A vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows unauthenticated attackers to trigger a DoS attack by sending a specific BGP EVPN update message over a BGP sess.#cveCVE-2025-60004#cybersecurity"
X Link @CveFindCom 2025-10-09T16:40Z XXX followers, XX engagements
"CVE-2025-59978: CRITICAL Critical: Vulnerability in Juniper Networks Junos Space allows attackers to execute commands with admin permissions due to an XSS flaw. Update to v24.1R4 to stay secure. #cybersecu.#cveCVE-2025-59978#cybersecurity"
X Link @CveFindCom 2025-10-09T16:40Z XXX followers, XX engagements
"CVE-2018-25118: CRITICAL Vulnerability alert: GeoVision IP devices like GV-BX1500 & GV-MFD1501 are susceptible to remote command injection via PictureCatch.cgi giving attackers control. Exploits detected.#cveCVE-2018-25118#cybersecurity"
X Link @CveFindCom 2025-10-20T21:40Z XXX followers, XXX engagements
"CVE-2025-12004: CRITICAL Critical vulnerability in Wikimedia Foundation Mediawiki Lockdown Extension fixed in Mediawiki Core Action API. Allows Privilege Abuse due to Incorrect Permission Assignment.#cveCVE-2025-12004#cybersecurity"
X Link @CveFindCom 2025-10-21T06:39Z XXX followers, XXX engagements
"CVE-2025-11949: HIGH Digiwin's EasyFlow .NET and EasyFlow AiNet have a Missing Authentication vulnerability enabling unauthorized access to database admin credentials remotely. #cybersecurity#cveCVE-2025-11949#cybersecurity"
X Link @CveFindCom 2025-10-21T07:09Z XXX followers, XXX engagements
"CVE-2025-10020: CRITICAL Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component.#cveCVE-2025-10020#cybersecurity"
X Link @CveFindCom 2025-10-21T12:39Z XXX followers, XX engagements
"CVE-2025-11625: CRITICAL Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and leaking of clients credentials.#cveCVE-2025-11625#cybersecurity"
X Link @CveFindCom 2025-10-21T13:39Z XXX followers, XX engagements
"CVE-2025-11534: CRITICAL The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials.#cveCVE-2025-11534#cybersecurity"
X Link @CveFindCom 2025-10-21T17:09Z XXX followers, XX engagements
"CVE-2025-11757: HIGH Vulnerability in CloudEdge Cloud's MQTT topic input allows attackers to steal credentials and camera information. Secure your devices now #cybersecurity#cveCVE-2025-11757#cybersecurity"
X Link @CveFindCom 2025-10-21T17:39Z XXX followers, XX engagements
"CVE-2025-60507: HIGH Beware of Cross Site Scripting (XSS) vulnerability in Moodle GeniAI plugin. An authenticated user can upload malicious PDFs with embedded JavaScript affecting other users' browsers.#cveCVE-2025-60507#cybersecurity"
X Link @CveFindCom 2025-10-21T18:09Z XXX followers, XXX engagements
"CVE-2025-62481: CRITICAL Critical vulnerability in Oracle Marketing of Oracle E-Business Suite (ver. 12.2.3-12.2.14) allows network access attack. Exploitation could lead to complete system compromise.#cveCVE-2025-62481#cybersecurity"
X Link @CveFindCom 2025-10-21T20:09Z XXX followers, XX engagements
"CVE-2025-61757: CRITICAL Critical vulnerability in Oracle Fusion Middleware's Identity Manager product (REST WebServices) versions 12.2.1.4.0 & 14.1.2.1.0. Exploitable by unauthenticated attackers via HTTP.#cveCVE-2025-61757#cybersecurity"
X Link @CveFindCom 2025-10-21T20:10Z XXX followers, XX engagements
"CVE-2025-53072: CRITICAL Critical vulnerability in Oracle Marketing within E-Business Suite versions 12.2.3-12.2.14 allows attackers to compromise the system via HTTP. CVSS score 9.8; high impact.#cveCVE-2025-53072#cybersecurity"
X Link @CveFindCom 2025-10-21T20:10Z XXX followers, XX engagements
"CVE-2025-53037: CRITICAL Critical vulnerability found in Oracle Financial Services Analytical Applications Infrastructure product allowing unauthenticated attackers to compromise the system with a CVSS B.#cveCVE-2025-53037#cybersecurity"
X Link @CveFindCom 2025-10-21T20:11Z XXX followers, XX engagements
"CVE-2025-53036: HIGH Critical vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows unauthenticated attackers to compromise data. Update affected versions to secure systems.#cveCVE-2025-53036#cybersecurity"
X Link @CveFindCom 2025-10-21T20:11Z XXX followers, XX engagements
"CVE-2025-22167: HIGH Critical Path Traversal vulnerability found in Jira Software versions 9.12.0 10.3.0 and 11.0.0 allows attackers to write arbitrary files. Atlassian urges immediate software updates.#cveCVE-2025-22167#cybersecurity"
X Link @CveFindCom 2025-10-22T01:09Z XXX followers, XXX engagements
"CVE-2025-41719: HIGH Remote attacker exploiting vulnerability in webserver config can delete users & create admin with default password exposing device to cyber threats.#cveCVE-2025-41719#cybersecurity"
X Link @CveFindCom 2025-10-22T07:09Z XXX followers, XX engagements
"CVE-2025-41723: CRITICAL The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.#cveCVE-2025-41723#cybersecurity"
X Link @CveFindCom 2025-10-22T07:39Z XXX followers, XX engagements
"CVE-2025-41109: HIGH The Ghost Robotics Vision XX v0.27.2 robot has a cyber security vulnerability due to the lack of authentication when establishing connections through its RJ45 connectors and USB Type-C.#cveCVE-2025-41109#cybersecurity"
X Link @CveFindCom 2025-10-22T08:39Z XXX followers, XX engagements
"CVE-2025-41108: CRITICAL Vulnerable communication protocol in Ghost Robotics Vision XX v0.27.2 enables attackers to take control. Lack of encryption and authentication allows easy unauthorized access.#cveCVE-2025-41108#cybersecurity"
X Link @CveFindCom 2025-10-22T08:39Z XXX followers, XX engagements
"CVE-2016-15048: CRITICAL Unauthenticated command injection vulnerability found in AMTT Hotel Broadband Operation System (HiBOS) allows attackers to execute arbitrary system commands. It's recommended to se.#cveCVE-2016-15048#cybersecurity"
X Link @CveFindCom 2025-10-22T14:39Z XXX followers, XX engagements
"CVE-2025-57870: CRITICAL SQL Injection vulnerability in Esri ArcGIS Server XXXX XXXX XXXX for Windows Linux Kubernetes allows remote attackers to execute arbitrary commands on Enterprise Geodatabases.#cveCVE-2025-57870#cybersecurity"
X Link @CveFindCom 2025-10-22T15:11Z XXX followers, XX engagements
"CVE-2025-62606: HIGH Critical SQL injection vulnerability discovered in my little forum prior to version 2.5.12 could allow attackers to execute arbitrary commands. Update to secure your forum now#cveCVE-2025-62606#cybersecurity"
X Link @CveFindCom 2025-10-22T15:40Z XXX followers, XX engagements
"CVE-2025-40780: HIGH Weakness in BIND's PRNG allows attackers to predict source port & query ID. Vulnerable versions: BIND 9.16.0-9.16.50 9.18.0-9.18.39 9.20.0-9.20.13 9.21.0-9.21.12 9.16.8-S1-9.16.50-.#cveCVE-2025-40780#cybersecurity"
X Link @CveFindCom 2025-10-22T16:10Z XXX followers, XX engagements
"CVE-2025-40778: HIGH BIND vulnerability allows attackers to inject forged data into the cache in versions 9.11.0-9.16.50 9.18.0-9.18.39 9.20.0-9.20.13 and 9.21.0-9.21.12. #cybersecurity#cveCVE-2025-40778#cybersecurity"
X Link @CveFindCom 2025-10-22T16:10Z XXX followers, XX engagements
"CVE-2025-11575: HIGH Vulnerability in MongoDB Atlas SQL ODBC driver on Windows allows Privilege Escalation. Versions 1.0.0 to 2.0.0 affected. Ensure permissions are secure.#cveCVE-2025-11575#cybersecurity"
X Link @CveFindCom 2025-10-23T00:40Z XXX followers, XXX engagements
"CVE-2025-47699: CRITICAL Vulnerability in Gallagher Morpho integration (CWE-497) allows critical unauthorized changes to Morpho devices. Affected Command Centre versions: XXXX to XXXX. Update recommended.#cveCVE-2025-47699#cybersecurity"
X Link @CveFindCom 2025-10-23T04:11Z XXX followers, XX engagements
"CVE-2025-12028: HIGH WordPress IndieAuth plugin up to v4.5.4 vulnerable to CSRF. Missing nonce verification allows attackers to force unauthorized actions through injected requests compromising user accou.#cveCVE-2025-12028#cybersecurity"
X Link @CveFindCom 2025-10-24T08:39Z XXX followers, XX engagements
"CVE-2025-12176: CRITICAL Undocumented administrative accounts were getting created to facilitate access for applications running on board.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.#cveCVE-2025-12176#cybersecurity"
X Link @CveFindCom 2025-10-24T16:09Z XXX followers, XX engagements
"CVE-2025-9068: HIGH Security flaw in Rockwell Automation Driver Package x64 MSI repair allows attackers to hijack console window gaining SYSTEM-level access. #cybersecurity#cveCVE-2025-9068#cybersecurity"
X Link @CveFindCom 2025-10-14T12:39Z XXX followers, XX engagements
"CVE-2025-62614: HIGH Vulnerability alert BookLore 1.8.1 and earlier versions have an authentication bypass flaw in BookMediaController. Upgrade to the latest version with the fix to secure your book colle.#cveCVE-2025-62614#cybersecurity"
X Link @CveFindCom 2025-10-22T21:09Z XXX followers, XX engagements
"CVE-2025-11023: CRITICAL ArkSigner Software and Hardware Inc. AcBakImzala software before v5.1.4 is vulnerable to PHP local file inclusion due to improper control of filename in PHP programs. #CyberSecurity#cveCVE-2025-11023#cybersecurity"
X Link @CveFindCom 2025-10-23T13:10Z XXX followers, XX engagements
"CVE-2025-6979: HIGH Captive Portal can allow authentication bypass#cveCVE-2025-6979#cybersecurity"
X Link @CveFindCom 2025-10-23T19:09Z XXX followers, XX engagements
"CVE-2025-58428: CRITICAL TLS4B ATG system's SOAP interface vulnerable through web services handler enabling remote attackers execute system-level commands on Linux risking full shell access & network mov.#cveCVE-2025-58428#cybersecurity"
X Link @CveFindCom 2025-10-23T20:10Z XXX followers, XX engagements
"CVE-2025-59503: CRITICAL Server-side request forgery (ssrf) in Azure Compute Gallery allows an authorized attacker to elevate privileges over a network.#cveCVE-2025-59503#cybersecurity"
X Link @CveFindCom 2025-10-23T21:39Z XXX followers, XX engagements
"CVE-2025-62498: HIGH Security alert: Productivity Suite 4.4.1.19 has a critical path traversal vulnerability (ZipSlip). Attackers can run malicious code by tampering with project files. #cybersecurity#cveCVE-2025-62498#cybersecurity"
X Link @CveFindCom 2025-10-23T22:09Z XXX followers, XX engagements
"CVE-2025-6440: CRITICAL Critical vulnerability alert WooCommerce Designer Pro plugin for WordPress (up to version 1.9.26) allows unauthenticated attackers to upload arbitrary files risking remote code exec.#cveCVE-2025-6440#cybersecurity"
X Link @CveFindCom 2025-10-24T07:39Z XXX followers, XX engagements
"CVE-2025-11253: CRITICAL A critical SQL Injection vulnerability in Aksis Technology Inc. Netty ERP (pre V.1.1000) leaves systems at risk. Secure your data with immediate action. #cybersecurity#cveCVE-2025-11253#cybersecurity"
X Link @CveFindCom 2025-10-24T09:09Z XXX followers, XX engagements
"CVE-2025-8536: CRITICAL SQL injection flaw found in DobryCMS due to user input not properly sanitized for language processing. Older software versions susceptible to attacks. #cybersecurity#cveCVE-2025-8536#cybersecurity"
X Link @CveFindCom 2025-10-24T14:39Z XXX followers, XX engagements
"CVE-2025-43994: HIGH Critical vulnerability in Dell Storage Manager (DSM 20.1.21) allows unauthenticated remote attackers to exploit Missing Authentication potentially leading to information disclosure.#cveCVE-2025-43994#cybersecurity"
X Link @CveFindCom 2025-10-24T14:39Z XXX followers, XX engagements
"CVE-2025-4106: HIGH Vulnerability in Firebox devices running Fireware OS XXXX to 12.11.2 allows admins to exploit a debug shell compromising security. Patch recommended ASAP.#cveCVE-2025-4106#cybersecurity"
X Link @CveFindCom 2025-10-24T21:39Z XXX followers, XX engagements
"CVE-2025-34293: HIGH Be cautious GN4 Publishing System versions pre-2.6 have an IDOR vulnerability via its API. Authenticated users can access sensitive account data including passwords and security Q&A.#cveCVE-2025-34293#cybersecurity"
X Link @CveFindCom 2025-10-24T21:39Z XXX followers, XX engagements
/creator/twitter::1787531073204670464/posts