6.3
CVE-2025-2129 - Mage AI insecure default initialization of resource
A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is β¦
5.3
CVE-2025-2127 - JoomlaUX JUX Real Estate realties cross site scripting
A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as problematic. Affected is an unknown function of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties. The manipulation of the argument Itemid/jp_yearbuilt leads to cross β¦
5.3
CVE-2025-2126 - JoomlaUX JUX Real Estate GET Parameter realties sql injection
A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla and classified as critical. This issue affects some unknown processing of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties of the component GET Parameter Handler. The manipulation of the argumeβ¦
5.3
CVE-2025-2125 - Control iD RH iD PDF Document companyId resource injection
A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovante_marcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of rβ¦
5.1
CVE-2025-2124 - Control iD RH iD API change_password cross site scripting
A vulnerability, which was classified as problematic, was found in Control iD RH iD 25.2.25.0. This affects an unknown part of the file /v2/customerdb/person.svc/change_password of the component API Handler. The manipulation of the argument message leads to cross site scripting. It is possible to iβ¦
5.1
CVE-2025-2123 - GeSHi CSS cssgen.php get_var cross site scripting
A vulnerability, which was classified as problematic, has been found in GeSHi up to 1.0.9.1. Affected by this issue is the function get_var of the file /contrib/cssgen.php of the component CSS Handler. The manipulation of the argument default-styles/keywords-1/keywords-2/keywords-3/keywords-4/commeβ¦
2.3
CVE-2025-2122 - Thinkware Car Dashcam F800 Pro Connection denial of service
A vulnerability classified as problematic was found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected by this vulnerability is an unknown functionality of the component Connection Handler. The manipulation leads to denial of service. The attack can only be initiated within the local networβ¦
5.6
CVE-2025-27636 - Apache Camel: Camel Message Header Injection via Improper Filtering
Bypass/Injection vulnerability in Apache Camel components under particular conditions. This issue affects Apache Camel: from 4.10.0 through <= 4.10.1, from 4.8.0 through <= 4.8.4, from 3.10.0 through <= 3.22.3. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTSβ¦
5.3
CVE-2025-2121 - Thinkware Car Dashcam F800 Pro File Storage access control
A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been disclβ¦
2.4
CVE-2025-2120 - Thinkware Car Dashcam F800 Pro Configuration File hostapd.conf cleartext storage in a file or on diβ¦
A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been rated as problematic. This issue affects some unknown processing of the file /tmp/hostapd.conf of the component Configuration File Handler. The manipulation leads to cleartext storage in a file or on disk. It isβ¦