9
CVE-2025-47158 - Azure DevOps Server Elevation of Privilege Vulnerability
Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.
6.5
CVE-2025-47995 - Azure Machine Learning Elevation of Privilege Vulnerability
Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
9.9
CVE-2025-49746 - Azure Machine Learning Elevation of Privilege Vulnerability
Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
9.9
CVE-2025-49747 - Azure Machine Learning Elevation of Privilege Vulnerability
Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
8.7
CVE-2025-7794 - Tenda FH451 NatStaticSetting fromNatStaticSetting stack-based overflow
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The expβ¦
9.4
CVE-2025-7783 - Usage of unsafe random function in form-data for choosing boundary
Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js. This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.
8.7
CVE-2025-7793 - Tenda FH451 webtypelibrary formWebTypeLibrary stack-based overflow
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary. The manipulation of the argument webSiteId leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit haβ¦
8.7
CVE-2025-7792 - Tenda FH451 SafeEmailFilter formSafeEmailFilter stack-based overflow
A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit hasβ¦
9.4
CVE-2025-54079 - WeGIA vulnerable to SQL Injection (Blind Time-Based) in endpoint 'Profile_Atendido.php' parameter 'β¦
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the endpoint `/html/atendido/Profile_Atendido.php`, in the `idatendido` parameter. This vulnerability allow an authorizβ¦
6.5
CVE-2025-54078 - WeGIA Reflected Cross-Site Scripting (XSS) vulnerability in endpoint 'personalizacao_imagem.php' paβ¦
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.4.6 in the `personalizacao_imagem.php` endpoint of the WeGIA application. This vulnerability allows attβ¦