5.1
CVE-2025-5695 - Teledyne FLIR AX8 Backend subscriptions.php subscribe_to_alarm command injection
A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such manipulation leads to command injection. It is possible to laβ¦
9.8
CVE-2025-47966 - Power Automate Elevation of Privilege Vulnerability
Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network.
6.5
CVE-2025-48133 - WordPress Uncanny Automator plugin <= 6.4.0.2 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Uncanny Owl Uncanny Automator uncanny-automator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Automator: from n/a through <= 6.4.0.2.
5.3
CVE-2025-5694 - PHPGurukul Human Metapneumovirus Testing Management System search-report-result.php sql injection
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search-report-result.php. The manipulation of the argument serachdata leads to sql injection. The attack may β¦
5.3
CVE-2025-5693 - PHPGurukul Human Metapneumovirus Testing Management System bwdates-report-result.php sql injection
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-report-result.php. The manipulation of the argument fromdate/todate leads to sql injection. β¦
8.7
CVE-2025-5685 - Tenda CH22 Natlimit formNatlimit stack-based overflow
A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been dβ¦
7.1
CVE-2025-43026 - HP Support Assistant β Potential Escalation of Privilege
A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.
5.3
CVE-2025-5680 - Shenzhen Dashi Tongzhou Information Technology AgileBPM Groovy Script SysScriptController.java execβ¦
A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this vulnerability is the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script Handlβ¦
5.6
CVE-2025-5745 - glibc: Vector register overwrite bug in glibc
The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its coβ¦
5.3
CVE-2025-5679 - Shenzhen Dashi Tongzhou Information Technology AgileBPM SysToolsController.java parseStrByFreeMarkeβ¦
A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads to β¦