6.3
CVE-2025-68161 - Apache Log4j Core: Missing TLS hostname verification in Socket appender
The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.html#SslConfiguration-attr-verifyHostName configuration attribuโฆ
5.3
CVE-2025-67653 - Advantech WebAccess/SCADA Path Traversal
Advantech WebAccess/SCADAย is vulnerable to directory traversal, which may allow an attacker to determine the existence of arbitrary files.
7.5
CVE-2025-62004 - BullWall Server Intrusion Protection initialization race condition
BullWall Server Intrusion Protection services are initialized after login services. An authenticated attacker with administrative permissions can log in after boot and bypass MFA. SIP service does not retroactively enforce the challenge or disconnect unauthenticated sessions. Versions 4.6.0.0, 4.6.โฆ
7.5
CVE-2025-62003 - BullWall Server Intrusion Protection connection delay
BullWall Server Intrusion Protection has a noticeable delay before the MFA check when connecting via RDP. A remote authenticated attacker with administrative privileges can potentially bypass detection during this window. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affectedโฆ
5.3
CVE-2025-46268 - Advantech WebAccess/SCADA SQL Injection
Advantech WebAccess/SCADAย is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands.
5.3
CVE-2025-14848 - Advantech WebAccess/SCADA Absolute Path Traversal
Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files.
5.3
CVE-2025-62002 - BullWall Ransomware Containment large file encryption
BullWall Ransomware Containment relies on the number of file modifications to trigger detection. An authenticated attacker could encrypt a single large file without triggering a detection alert. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before andโฆ
8.7
CVE-2025-14849 - Advantech WebAccess/SCADA Unrestricted Upload of File with Dangerous Type
Advantech WebAccess/SCADAย is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code.
8.7
CVE-2025-62001 - BullWall Ransomware Containment hard-coded folder exclusions
BullWall Ransomware Containment contains excluded file paths, such as '$recycle.bin' that are not monitored. An attacker with file write permissions could bypass detection by renaming a directory. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before aโฆ
6.9
CVE-2025-62000 - BullWall Ransomware Containment incomplete file inspection
BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware. An authenticated attacker could bypass detection by encrypting a file and leaving the first four bytes unaltered. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other vโฆ