9.6

CVSS3.1

CVE-2025-62712 - JumpServer Connection Token Leak Vulnerability

JumpServer is an open source bastion host and an operation and maintenance security audit system. In JumpServer versions prior to v3.10.20-lts and v4.10.11-lts, an authenticated, non-privileged user can retrieve connection tokens belonging to other users via the super-connection API endpoint (/api/…

📅 Published: Oct. 30, 2025, 4:08 p.m. 🔄 Last Modified: Nov. 12, 2025, 3:26 p.m.

6.8

CVSS4.0

CVE-2025-11998 - HP Card Readers (B Models) – Potential Information Disclosure

The following HP Card Readers B Models (X3D03B & Y7C05B) are potentially vulnerable to information disclosure, allowing prior user identity to be inherited under certain conditions (e.g., when an NFC device such as a smartphone or smartwatch is in proximity during a card swipe event).

📅 Published: Oct. 30, 2025, 4 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

2.1

CVSS4.0

CVE-2025-12517 - Credits Page not Matching Versions in Use in the Firmware

Credits Page not Matching Versions in Use in the Firmware. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

📅 Published: Oct. 30, 2025, 3:47 p.m. 🔄 Last Modified: Nov. 10, 2025, 2:51 p.m.

10

CVSS4.0

CVE-2025-12516 - Lack of Graceful Error Handling - HTTP 5xx Error

Lack of Graceful Error Handling - HTTP 5xx Error. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

📅 Published: Oct. 30, 2025, 3:42 p.m. 🔄 Last Modified: Nov. 10, 2025, 2:53 p.m.

10

CVSS4.0

CVE-2025-12515 - Systemic Internal Server Errors - HTTP 500 Response

Systemic Internal Server Errors - HTTP 500 Response. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

📅 Published: Oct. 30, 2025, 3:38 p.m. 🔄 Last Modified: Nov. 10, 2025, 2:53 p.m.

5.4

CVSS3.1

CVE-2025-36592 -

Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20, 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, l…

📅 Published: Oct. 30, 2025, 3:26 p.m. 🔄 Last Modified: Nov. 10, 2025, 4:30 p.m.

4.3

CVSS3.1

CVE-2025-46363 -

Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00.00, contain a Relative Path Traversal vulnerability in the SCG exposed for an internal collection download REST API (if this REST API is enabled by Admin user from UI). A low privileged attacker with rem…

📅 Published: Oct. 30, 2025, 3:22 p.m. 🔄 Last Modified: Jan. 21, 2026, 8:20 p.m.

6.3

CVSS3.1

CVE-2025-5347 - Stored XSS

Zohocorp ManageEngine Exchange Reporter Plus versions before 5723 are vulnerable to Stored Cross Site Scripting in the reports module.

📅 Published: Oct. 30, 2025, 2:31 p.m. 🔄 Last Modified: Nov. 7, 2025, 1:46 a.m.

6.3

CVSS3.1

CVE-2025-5343 - Stored XSS

Zohocorp ManageEngine Exchange Reporter Plus versions through 5721 are vulnerable to Stored Cross Site Scripting in the Instant Search option.

📅 Published: Oct. 30, 2025, 2:28 p.m. 🔄 Last Modified: Nov. 7, 2025, 1:43 a.m.

7.8

CVSS3.1

CVE-2025-43942 -

Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privi…

📅 Published: Oct. 30, 2025, 2:23 p.m. 🔄 Last Modified: Feb. 26, 2026, 4:56 p.m.

Total results: 349182
Page 3210 of 34,919