7.3

CVSS3.1

CVE-2025-7633 - Stored XSS

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Custom report.

📅 Published: Nov. 11, 2025, 10:32 a.m. 🔄 Last Modified: Feb. 26, 2026, 4:57 p.m.

7.3

CVSS3.1

CVE-2025-7632 - Stored XSS

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Public Folders report.

📅 Published: Nov. 11, 2025, 10:29 a.m. 🔄 Last Modified: Feb. 26, 2026, 4:57 p.m.

7.3

CVSS3.1

CVE-2025-7430 - Stored XSS

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report.

📅 Published: Nov. 11, 2025, 10:24 a.m. 🔄 Last Modified: Feb. 26, 2026, 4:57 p.m.

9.8

CVSS3.1

CVE-2017-20210 - Photo Station

Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research.

📅 Published: Nov. 11, 2025, 9:45 a.m. 🔄 Last Modified: Nov. 14, 2025, 5:45 p.m.

6.8

CVSS4.0

CVE-2025-5317 - Improper access restriction to critical folder in Bitdefender Endpoint Security Tools for Mac

An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac (BEST) before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the applicat…

📅 Published: Nov. 11, 2025, 8:02 a.m. 🔄 Last Modified: Dec. 8, 2025, 6:10 p.m.

7.3

CVSS3.1

CVE-2025-7429 - Stored XSS

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Mails Deleted or Moved report.

📅 Published: Nov. 11, 2025, 7:40 a.m. 🔄 Last Modified: Feb. 26, 2026, 4:58 p.m.

6.4

CVSS3.1

CVE-2025-9055 -

The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This flaw can only be exploited after authenticating with an administrator-privileged service account.

📅 Published: Nov. 11, 2025, 7:31 a.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

3.1

CVSS3.1

CVE-2025-8998 -

It was possible to upload files with a specific name to a temporary directory, which may result in process crashes and impact usability. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account.

📅 Published: Nov. 11, 2025, 7:28 a.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

4.3

CVSS3.1

CVE-2025-9524 -

The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account.

📅 Published: Nov. 11, 2025, 7:25 a.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

8.4

CVSS3.1

CVE-2025-10714 -

AXIS Optimizer was vulnerable to an unquoted search path vulnerability, which could potentially lead to privilege escalation within Microsoft Windows operating system. This vulnerability can only be exploited if the attacker has access to the local Windows machine and sufficient access rights (admi…

📅 Published: Nov. 11, 2025, 7:16 a.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 3075 of 34,919
« previous page » next page
Filters