CVE-2025-48881 |
Description: Valtimo is a platform for Business Process Automation. In versions starting from 11.0.0.RELEASE to 11.3.3.RELEASE and 12.0.0.RELEASE to 12.12.0.RELEASE, all objects for which an object-management configuration exists can be listed, viewed, edited, created or deleted by unauthorised users. If object-urls are exposed via other channels, the contents of these objects can be viewed independent of object-management configurations. At time of publication, no known patches exist. A workaround for this issue involves overriding the endpoint security as defined in ObjectenApiHttpSecurityConfigurer and ObjectManagementHttpSecurityConfigurer. Depending on the implementation, this could result in loss of functionality.
CVSS: HIGH (8.3) EPSS Score: 0.04%
May 30th, 2025 (10 days ago)
|
CVE-2025-41235 |
Description: Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies.
CVSS: HIGH (8.6) EPSS Score: 0.05%
May 30th, 2025 (10 days ago)
|
CVE-2025-48480 |
Description: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an authorized user with the administrator role or with the privilege User::PERM_EDIT_USERS can create a user, specifying the path to the user's avatar ../.htaccess during creation, and then delete the user's avatar, resulting in the deletion of the file .htaccess in the folder /storage/app/public. This issue has been patched in version 1.8.180.
CVSS: HIGH (7.0) EPSS Score: 0.03%
May 30th, 2025 (10 days ago)
|
CVE-2025-48477 |
Description: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application's logic requires the user to perform a correct sequence of actions to implement a functional capability, but the application allows access to the functional capability without correctly completing one or more actions in the sequence. This leaves the attributes of the Mailbox object able to be changed by the fill method. This issue has been patched in version 1.8.180.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 30th, 2025 (10 days ago)
|
CVE-2025-48476 |
Description: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, when adding and editing user records using the fill() method, there is no check for the absence of the password field in the data coming from the user, which leads to a mass-assignment vulnerability. As a result, a user with the right to edit other users of the system can change their password, and then log in to the system using the set password. This issue has been patched in version 1.8.180.
CVSS: HIGH (7.1) EPSS Score: 0.05%
May 30th, 2025 (10 days ago)
|
CVE-2025-5307 |
Description: Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability. A local attacker could exploit this issue to potentially disclose information and to execute arbitrary code on affected installations of Sante DICOM Viewer Pro.
CVSS: HIGH (8.4) EPSS Score: 0.02%
May 29th, 2025 (10 days ago)
|
CVE-2025-31189 |
Description: A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.
CVSS: HIGH (8.2) EPSS Score: 0.01%
May 29th, 2025 (10 days ago)
|
CVE-2025-46823 |
Description: openmrs-module-fhir2 provides the FHIR REST API and related services for OpenMRS, an open medical records system. In versions of the FHIR2 module prior to 2.5.0, privileges were not always correctly checked, which means that unauthorized users may have been able to add or edit data they were not supposed to be able to. All implementers should update to FHIR2 2.5.0 or newer as soon as is feasible to receive a patch.
CVSS: HIGH (8.0) EPSS Score: 0.05%
May 29th, 2025 (10 days ago)
|
CVE-2025-5276 |
Description: All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get() function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to issue requests and read the responses to attacker-controlled URLs, potentially leaking sensitive information.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-5276
https://github.com/zcaceres/markdownify-mcp/commit/0284aa8f34d32c65e20d8cda2d429b7943c9af03
https://security.snyk.io/vuln/SNYK-JS-MCPMARKDOWNIFYSERVER-10249387
https://github.com/zcaceres/markdownify-mcp/blob/224cf89f0d58616d2a5522f60f184e8391d1c9e3/src/server.ts#L20C17-L20C29
https://github.com/advisories/GHSA-frq9-3hp2-xvxg
CVSS: HIGH (7.4) EPSS Score: 0.03%
May 29th, 2025 (10 days ago)
|
CVE-2025-48471 |
Description: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, the application does not check or performs insufficient checking of files uploaded to the application. This allows files to be uploaded with the phtml and phar extensions, which can lead to remote code execution if the Apache web server is used. This issue has been patched in version 1.8.179.
CVSS: HIGH (7.0) EPSS Score: 0.36% SSVC Exploitation: poc
May 29th, 2025 (10 days ago)
|