NA - CVE-2025-23048 - In some mod_ssl configurations on Apache HTTP...
In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected...
NA - CVE-2025-27889 - Wing FTP Server before 7.4.4 does not properly...
Wing FTP Server before 7.4.4 does not properly validate and sanitize the url parameter of the downloadpass.html endpoint, allowing injection of an arbitrary link. If a user clicks a crafted link,...
NA - CVE-2025-47811 - In Wing FTP Server through 7.4.4, the...
In Wing FTP Server through 7.4.4, the administrative web interface (listening by default on port 5466) runs as root or SYSTEM by default. The web application itself offers several legitimate ways...
NA - CVE-2025-47812 - In Wing FTP Server before 7.4.4. the user and...
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to...
NA - CVE-2025-49462 - Cross-site scripting in certain Zoom Clients...
Cross-site scripting in certain Zoom Clients before version 6.4.5 may allow an authenticated user to conduct a disclosure of information via network access.
NA - CVE-2025-49463 - Insufficient control flow management in certain...
Insufficient control flow management in certain Zoom Clients for iOS before version 6.4.5 may allow an unauthenticated user to conduct a disclosure of information via network access.
NA - CVE-2025-49630 - In certain proxy configurations, a denial of...
In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in...
NA - CVE-2025-49812 - In some mod_ssl configurations on Apache HTTP...
In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade....