8.5
CVE-2025-2632 - Out of Bounds Write Vulnerability in NI LabVIEW reading CPU info from cache
Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects β¦
8.5
CVE-2025-2631 - Out of Bounds Write Vulnerability in NI LabVIEW in InitCPUInformation()
Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation() that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI Lβ¦
7
CVE-2025-2630 - DLL Hijacking Vulnerability in NI LabVIEW
There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI β¦
7
CVE-2025-2629 - DLL Hijacking Vulnerability in NI LabVIEW When Loading NI Error Reporting
There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path.β¦
9.4
CVE-2025-3115 - Spotfire Data Function Vulnerability
Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over the system executing these functions. Additionally, insufficient validation of filenames during file uploads can enable attackers to upload and execute malicious files, leading to arbitrary code executiβ¦
6.5
CVE-2025-3474 - Panels - Critical - Access bypass - SA-CONTRIB-2025-033
Missing Authentication for Critical Function vulnerability in Drupal Panels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Panels: from 0.0.0 before 4.9.0.
5.4
CVE-2025-3131 - ECA: Event - Condition - Action - Critical - Cross site request forgery - SA-CONTRIB-2025-031
Cross-Site Request Forgery (CSRF) vulnerability in Drupal ECA: Event - Condition - Action allows Cross Site Request Forgery.This issue affects ECA: Event - Condition - Action: from 0.0.0 before 1.1.12, from 2.0.0 before 2.0.16, from 2.1.0 before 2.1.7, from 0.0.0 before 1.2.*.
6.5
CVE-2025-3475 - WEB-T - Moderately critical - Access bypass, Denial of service - SA-CONTRIB-2025-030
Allocation of Resources Without Limits or Throttling, Incorrect Authorization vulnerability in Drupal WEB-T allows Excessive Allocation, Content Spoofing.This issue affects WEB-T: from 0.0.0 before 1.1.0.
9.4
CVE-2025-3114 - Spotfire Code Execution Vulnerability
Code Execution via Malicious Files:Β Attackers can create specially crafted files with embedded code that may execute without adequate security validation, potentially leading to system compromise. Sandbox Bypass Vulnerability:Β A flaw in the TERR security mechanism allows attackers to bypass sandboβ¦
9.8
CVE-2025-32695 - WordPress Checkout Mestres WP plugin <= 8.7.5 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in Mestres do WP Checkout Mestres WP checkout-mestres-wp allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through <= 8.7.5.