8.8
CVE-2025-6558 - chromium-browser: Chromium insufficient validation
Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
7.7
CVE-2025-53826 - FileBrowser Has Insecure JWT Handling Which Allows Session Replay Attacks after Logout
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser's authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of publ…
7.7
CVE-2025-53893 - File Browser Vulnerable to Uncontrolled Memory Consumption Due to Oversized File Processing
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.38.0, a Denial of Service (DoS) vulnerability exists in the file processing logic when reading a file on endpoint `Filebrowser-Server-IP:…
7.7
CVE-2025-53895 - ZITADEL has broken authN and authZ in session API and resulting session tokens
ZITADEL is an open source identity management system. Starting in version 2.53.0 and prior to versions 4.0.0-rc.2, 3.3.2, 2.71.13, and 2.70.14, a vulnerability in ZITADEL's session management API allows any authenticated user to update a session if they know its ID, due to a missing permission check.…
7.6
CVE-2025-53959 -
In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible
7.8
CVE-2025-7042 - Use After Free vulnerability exists in the IPT file reading procedure in SOLIDWORKS eDrawings on Re…
Use After Free vulnerability exists in the IPT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted IPT file.
7.8
CVE-2025-6974 - Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS e…
Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file.
7.8
CVE-2025-6973 - Use After Free vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Rel…
Use After Free vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file.
7.8
CVE-2025-6972 - Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawing…
Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted CATPRODUCT file.
7.8
CVE-2025-6971 - Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawing…
Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted CATPRODUCT file.