Latest CVE Feed
-
6.0
MEDIUMCVE-2025-49643
An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service.... Read more
Affected Products : zabbix- Published: Dec. 01, 2025
- Modified: Dec. 01, 2025
- Vuln Type: Denial of Service
-
6.9
MEDIUMCVE-2025-12143
Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33.... Read more
Affected Products :- Published: Nov. 28, 2025
- Modified: Dec. 01, 2025
- Vuln Type: Memory Corruption
-
5.8
MEDIUMCVE-2025-49642
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory.... Read more
Affected Products : zabbix- Published: Dec. 01, 2025
- Modified: Dec. 01, 2025
- Vuln Type: Misconfiguration
-
5.9
MEDIUMCVE-2025-11156
Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service. This tri... Read more
Affected Products : netskope- Published: Nov. 28, 2025
- Modified: Dec. 01, 2025
- Vuln Type: Denial of Service
-
6.1
MEDIUMCVE-2025-66036
Retro is an online platform providing items of vintage collections. Prior to version 2.4.7, Retro is vulnerable to a cross-site scripting (XSS) in the input handling component. This issue has been patched in version 2.4.7.... Read more
Affected Products :- Published: Nov. 29, 2025
- Modified: Dec. 01, 2025
- Vuln Type: Cross-Site Scripting
-
6.8
MEDIUMCVE-2025-27232
An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the webserver leading to potential confidentiality loss.... Read more
Affected Products : zabbix- Published: Dec. 01, 2025
- Modified: Dec. 01, 2025
- Vuln Type: Path Traversal