7.5
CVE-2025-53710 - Network boundaries not respected in certain Foundry namespaces.
Due to a product misconfiguration in certain deployment types, it was possible from different pods in the same namespace to communicate with each other. This issue resulted in bypass of access control due to the presence of a vulnerable endpoint in Foundry Container Service that executed user-contrβ¦
6.3
CVE-2025-68161 - Apache Log4j Core: Missing TLS hostname verification in Socket appender
The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.html#SslConfiguration-attr-verifyHostName configuration attribuβ¦
5.3
CVE-2025-67653 - Advantech WebAccess/SCADA Path Traversal
Advantech WebAccess/SCADAΒ is vulnerable to directory traversal, which may allow an attacker to determine the existence of arbitrary files.
7.7
CVE-2025-62004 - BullWall Server Intrusion Protection (SIP) initialization race condition
BullWall Server Intrusion Protection (SIP) services are initialized after login services during system startup. A local, authenticated attacker can log in after boot and before SIP MFA is running. The SIP services do not retroactively enforce MFA or disconnect sessions that were not subject to SIP β¦
7.7
CVE-2025-62003 - BullWall Server Intrusion Protection RDP MFA connection delay
BullWall Server Intrusion Protection has a noticeable configuration-dependent delay before the MFA check for RDP connections. A remote, authenticated attacker can potentially bypass detection during this delay. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 are affected. Other versions may also beβ¦
5.3
CVE-2025-46268 - Advantech WebAccess/SCADA SQL Injection
Advantech WebAccess/SCADAΒ is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands.
5.3
CVE-2025-14848 - Advantech WebAccess/SCADA Absolute Path Traversal
Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files.
5.3
CVE-2025-62002 - BullWall Ransomware Containment file count detection bypass
BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single (possibly large) file without triggering detection if thresholds are configured to require multiple file changes. The number of files to trigger detection caβ¦
8.7
CVE-2025-14849 - Advantech WebAccess/SCADA Unrestricted Upload of File with Dangerous Type
Advantech WebAccess/SCADAΒ is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code.
8.7
CVE-2025-62001 - BullWall Ransomware Containment hard-coded folder exclusions
BullWall Ransomware Containment supports configurable file and directory exclusions such as '$RECYCLE.BIN' to balance monitoring scope and performance. Certain exclusion patterns could allow an authenticated attacker to rename directories in a way that avoids monitoring. Fixed in 4.6.1.14 and 5.0.0β¦