8.5
CVE-2025-53547 - Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execuβ¦
Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependβ¦
9.8
CVE-2025-49533 - Adobe Experience Manager (MS) | Deserialization of Untrusted Data (CWE-502)
Adobe Experience Manager (MS) versions 6.5.23.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction. Scope is unchanged.
6.9
CVE-2025-7197 - code-projects Jonnys Liquor delete-row.php sql injection
A vulnerability classified as critical has been found in code-projects Jonnys Liquor 1.0. This affects an unknown part of the file /admin/delete-row.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to theβ¦
9.6
CVE-2025-27203 - Adobe Connect | Deserialization of Untrusted Data (CWE-502)
Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does require user interaction and scope is changed.
5.5
CVE-2025-27165 - Substance3D - Stager | Out-of-bounds Read (CWE-125)
Substance3D - Stager versions 3.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
5.5
CVE-2025-43584 - Substance3D - Viewer | Out-of-bounds Read (CWE-125)
Substance3D - Viewer versions 0.22 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
5.5
CVE-2025-43583 - Substance3D - Viewer | NULL Pointer Dereference (CWE-476)
Substance3D - Viewer versions 0.22 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires user inβ¦
7.8
CVE-2025-43582 - Substance3D - Viewer | Heap-based Buffer Overflow (CWE-122)
Substance3D - Viewer versions 0.22 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user, scope unchanged. Exploitation of this issue requires user interaction in that a victim must open a malicious fiβ¦
6.9
CVE-2025-7196 - code-projects Jonnys Liquor browse.php sql injection
A vulnerability was found in code-projects Jonnys Liquor 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /browse.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been discloβ¦
5.3
CVE-2025-7031 - Config Pages Viewer - Critical - Access bypass - SA-CONTRIB-2025-086
Missing Authentication for Critical Function vulnerability in Drupal Config Pages Viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Config Pages Viewer: from 0.0.0 before 1.0.4.