Riasztások | HunCERT csoport

2025. július 8.

Medium - CVE-2025-49543 - ColdFusion versions 2025.2, 2023.14, 2021.20...

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious...

security-database.com

Tovább

2025. július 8.

Medium - CVE-2025-49544 - ColdFusion versions 2025.2, 2023.14, 2021.20...

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in a Security...

security-database.com

Tovább

2025. július 8.

Medium - CVE-2025-49545 - ColdFusion versions 2025.2, 2023.14, 2021.20...

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privilege...

security-database.com

Tovább

2025. július 8.

Low - CVE-2025-49546 - ColdFusion versions 2025.2, 2023.14, 2021.20...

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Access Control vulnerability that could lead to application denial-of-service. A high-privileged attacker could...

security-database.com

Tovább

2025. július 8.

High - CVE-2025-49551 - ColdFusion versions 2025.2, 2023.14, 2021.20...

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in privilege escalation. An attacker could leverage this...

security-database.com

Tovább

2025. július 8.

NA - CVE-2025-7030 - Privilege Defined With Unsafe Actions...

Privilege Defined With Unsafe Actions vulnerability in Drupal Two-factor Authentication (TFA) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Two-factor...

security-database.com

Tovább

2025. július 8.

NA - CVE-2025-7031 - Missing Authentication for Critical Function...

Missing Authentication for Critical Function vulnerability in Drupal Config Pages Viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Config Pages...

security-database.com

Tovább

2025. július 8.

High - CVE-2025-7194 - A vulnerability was found in D-Link DI-500WF...

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ip_position.asp of the component...

security-database.com

Tovább

2025. július 8.

High - CVE-2025-7196 - A vulnerability was found in code-projects...

A vulnerability was found in code-projects Jonnys Liquor 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /browse.php. The manipulation of the...

security-database.com

Tovább

2025. július 8.

NA - VU#613753 - Ruckus Virtual SmartZone (vSZ) and Ruckus Network Director (RND) contain multiple vulnerabilities

OverviewMultiple vulnerabilities have been identified in Ruckus Wireless management products, specifically Virtual SmartZone (vSZ) and Network Director (RND), including authentication bypass,...

security-database.com

Tovább

Telefon:	+36 1 279 6222 (09:00-16:00)
Email:	@email
Cím:	1111 Budapest, Kende u. 13-17.