9.3

CVSS4.0

CVE-2025-12108 - Missing Authentication for Critical Function Survision License Plate Recognition Camera

The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check.

๐Ÿ“… Published: Nov. 4, 2025, 6:43 p.m. ๐Ÿ”„ Last Modified: Nov. 6, 2025, 7:45 p.m.

5.3

CVSS3.1

CVE-2025-64322 -

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.2.0.

๐Ÿ“… Published: Nov. 4, 2025, 6:33 p.m. ๐Ÿ”„ Last Modified: Nov. 6, 2025, 7:45 p.m.

5.3

CVSS3.1

CVE-2025-64321 -

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.2.0.

๐Ÿ“… Published: Nov. 4, 2025, 6:30 p.m. ๐Ÿ”„ Last Modified: Nov. 6, 2025, 7:45 p.m.

6.5

CVSS3.1

CVE-2025-64320 -

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection.This issue affects Agentforce Vibes Extension: before 3.2.0.

๐Ÿ“… Published: Nov. 4, 2025, 6:27 p.m. ๐Ÿ”„ Last Modified: Nov. 6, 2025, 7:45 p.m.

5.3

CVSS3.1

CVE-2025-64319 -

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files.This issue affects Mulesoft Anypoint Code Builder: before 1.11.6.

๐Ÿ“… Published: Nov. 4, 2025, 6:22 p.m. ๐Ÿ”„ Last Modified: Nov. 6, 2025, 7:45 p.m.

5.3

CVSS3.1

CVE-2025-64318 -

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files.This issue affects Mulesoft Anypoint Code Builder: before 1.11.6.

๐Ÿ“… Published: Nov. 4, 2025, 6:19 p.m. ๐Ÿ”„ Last Modified: Nov. 6, 2025, 7:45 p.m.

6.5

CVSS3.1

CVE-2025-10875 -

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Code Injection.This issue affects Mulesoft Anypoint Code Builder: before 1.11.6.

๐Ÿ“… Published: Nov. 4, 2025, 6:14 p.m. ๐Ÿ”„ Last Modified: Nov. 6, 2025, 7:45 p.m.

10

CVSS4.0

CVE-2025-61956 - Missing Authentication for Critical Function in Radiometrics VizAir

Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control (ATC) and pilots. Adโ€ฆ

๐Ÿ“… Published: Nov. 4, 2025, 4:15 p.m. ๐Ÿ”„ Last Modified: Nov. 6, 2025, 7:45 p.m.

10

CVSS4.0

CVE-2025-54863 - Insufficiently Protected Credentials in Radiometrics VizAir

Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to remotely alter weather data and configurations, automate attacks against multiple instances, and extract sensitive meteorological data, which could pโ€ฆ

๐Ÿ“… Published: Nov. 4, 2025, 4:13 p.m. ๐Ÿ”„ Last Modified: Nov. 6, 2025, 7:45 p.m.

10

CVSS4.0

CVE-2025-61945 - Missing Authentication for Critical Function in Radiometrics VizAir

Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the VizAir system without authentication. Once inside, the attacker can modify critical weather parameters such as wind shear alerts, inversion depth, and CAPE values, which are essential for accurate weather โ€ฆ

๐Ÿ“… Published: Nov. 4, 2025, 4:10 p.m. ๐Ÿ”„ Last Modified: Nov. 6, 2025, 7:45 p.m.
Total resulsts: 317436
Page 55 of 31,744
ยซ previous page ยป next page
Filters