4.4
CVE-2025-9195 -
Improper input validation in firmware of some Solidigm DC Products may allow an attacker with local access to cause a Denial of Service
9.1
CVE-2025-58059 - Valtimo scripting engine can be used to gain access to sensitive data or resources
Valtimo is a platform for Business Process Automation. In versions before 12.16.0.RELEASE, and from 13.0.0.RELEASE to before 13.1.2.RELEASE, any admin that can create or modify and execute process-definitions could gain access to sensitive data or resources. This includes but is not limited to: run…
0.0
CVE-2000-5001 -
This CVE has been REJECTED and will not be published by the CNA.
5.8
CVE-2025-58049 - XWiki PDF export jobs store sensitive cookies unencrypted in job statuses
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions from 14.4.2 to before 16.4.8, 16.5.0-rc-1 to before 16.10.7, and 17.0.0-rc-1 to before 17.4.0-rc-1, the PDF export jobs store sensitive cookies unencrypted in job statuses. XWiki sho…
10
CVE-2025-58048 - Paymenter Vulnerable to Remote Code Execution via Public File Uploads
Paymenter is a free and open-source webshop solution for hostings. Prior to version 1.2.11, the ticket attachments functionality in Paymenter allows a malicious authenticated user to upload arbitrary files. This could result in sensitive data extraction from the database, credentials being read fro…
7.5
CVE-2025-58047 - Volto affected by possible DoS by invoking specific URL by anonymous user
Volto is a React-based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visit…
5.4
CVE-2025-31979 - A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix Service Managem…
A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix SM, where the application fails to properly enforce file type restrictions during the upload process. An attacker may exploit this flaw to upload malicious or unauthorized files, such as scripts, executables, or web…
5.3
CVE-2025-31977 - A cryptographic weakness has been identified in the HCL BigFix Service Management (SM)
HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions.
0.0
CVE-2008-20002 -
This CVE has been REJECTED and will not be published by the CNA.
6.5
CVE-2025-31972 - HCL BigFix Service Management (SM) is affected by a Sensitive Information Exposure vulnerability
HCL BigFix SM is affected by a Sensitive Information Exposure vulnerability where internal connections do not use TLS encryption which could allow an attacker unauthorized access to sensitive data transmitted between internal components.