Vulnerabilities

  

CVE-2025-36222 | IBM Fusion/Fusion HCI/Fusion HCI for Watsonx up to 2.10.1 insecure default initialization of resource

A vulnerability identified as problematic has been detected in IBM Fusion, Fusion HCI and Fusion HCI for Watsonx up to

  

CVE-2025-10094 | GitLab Community Edition/Enterprise Edition up to 18.1.5/18.2.5/18.3.1 Token improper validation of specified quantity in input (Patch 528469 / EUVD-2025-29016)

A vulnerability labeled as critical has been found in GitLab Community Edition and Enterprise Edition up to 18.1.5/18.2.5/18.3.1. Affected is

  

CVE-2025-43788 | Liferay Portal/DXP Organization Selector authorization

A vulnerability marked as problematic has been reported in Liferay Portal and DXP. Affected by this vulnerability is an unknown

  

CVE-2025-8557 | Lenovo XClarity Orchestrator up to 2.1.x LXCO API Service unprotected alternate channel

A vulnerability described as very critical has been identified in Lenovo XClarity Orchestrator up to 2.1.x. Affected by this issue

  

CVE-2025-10127 | Daikin Security Gateway password recovery (icsa-25-254-10)

A vulnerability classified as critical has been found in Daikin Security Gateway. This affects an unknown part. Performing manipulation results

  

CVE-2025-43789 | Liferay Portal/DXP JSON Web Service authorization

A vulnerability classified as problematic was found in Liferay Portal and DXP. This vulnerability affects unknown code of the component

  

CVE-2025-58754 | Axios up to 1.11.x allocation of resources (GHSA-4hjh-wcwx-xvwj)

A vulnerability, which was classified as problematic, has been found in Axios up to 1.11.x. This issue affects some unknown

  

CVE-2025-56556 | Subrion CMS 4.2.1 SQL Query Feature authorization bypass through user-controlled sql primary key (Issue 913)

A vulnerability, which was classified as critical, was found in Subrion CMS 4.2.1. Impacted is an unknown function of the

  

CVE-2025-8061 | Lenovo Dispatcher Driver 3.0/3.1 exposed ioctl with insufficient access control

A vulnerability has been found in Lenovo Dispatcher Driver 3.0/3.1 and classified as critical. The affected element is an unknown

  

CVE-2025-9214 | Lenovo LJ2206W Printer prior 1.05 CUPS Service missing authentication

A vulnerability was found in Lenovo LJ2206W Printer, M7206W Printer, M7216NWA Printer, M7256WHF Printer, LJ2655DN Printer, M7615DNA, M7626DNA Printer, M7628DNA

  

CVE-2025-9319 | Lenovo Wallpaper Client up to 3.0.70.3301 code download

A vulnerability was found in Lenovo Wallpaper Client up to 3.0.70.3301. It has been classified as problematic. This affects an

  

CVE-2025-59055 | instantsoft icms2 up to 2.17.3 HTTPS Request package server-side request forgery (GHSA-79hh-mhvg-whrw)

A vulnerability was found in instantsoft icms2 up to 2.17.3. It has been declared as critical. This impacts an unknown

  

CVE-2025-55319 | Microsoft Visual Studio Code 1.99.1 Agentic AI command injection

A vulnerability was found in Microsoft Visual Studio Code 1.99.1. It has been rated as critical. Affected is an unknown

  

CVE-2025-9201 | Lenovo Browser 5.1.110.5082 uncontrolled search path

A vulnerability categorized as problematic has been discovered in Lenovo Browser 5.1.110.5082. Affected by this vulnerability is an unknown functionality.

  

CVE-2025-59053 | moeru-ai airi 0.7.2-beta.2 MarkdownRenderer.vue highlightTagToHtml cross site scripting (GHSA-9832-f8jx-hw6f)

A vulnerability identified as problematic has been detected in moeru-ai airi 0.7.2-beta.2. Affected by this issue is the function highlightTagToHtml

  

CVE-2025-59047 | matrix-org matrix-rust-sdk up to 0.14.0 normalized_power_level calculation (GHSA-qhj8-q5r6-8q6j)

A vulnerability labeled as problematic has been found in matrix-org matrix-rust-sdk up to 0.14.0. This affects the function RoomMember::normalized_power_level. Such

  

CVE-2025-43790 | Liferay Portal/DXP authorization

A vulnerability was found in Liferay Portal and DXP. It has been declared as critical. The affected element is an

  

CVE-2025-58065 | dpgaspar Flask-AppBuilder up to 4.8.0 improper authentication (GHSA-765j-9r45-w2q2)

A vulnerability was found in dpgaspar Flask-AppBuilder up to 4.8.0. It has been rated as critical. The impacted element is

  

CVE-2025-10291 | linlinjava litemall up to 1.8.0 /wx/aftersale/cancel WxAftersaleController ID improper authorization

A vulnerability categorized as critical has been discovered in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of

  

CVE-2025-39748 | Linux Kernel up to 6.12.42/6.15.10/6.16.1 bpf is_branch_taken memory corruption

A vulnerability described as critical has been identified in Linux Kernel up to 6.12.42/6.15.10/6.16.1. Affected by this vulnerability is the

  

CVE-2025-39750 | Linux Kernel up to 6.6.102/6.12.42/6.15.10/6.16.1 wifi ath12k_dp_rx_peer_tid_setup tid out-of-bounds

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.102/6.12.42/6.15.10/6.16.1. Affected by this issue is the

  

CVE-2025-39752 | Linux Kernel up to 6.16.1 ARM rockchip_smp_prepare_cpus initialization

A vulnerability classified as critical was found in Linux Kernel up to 6.16.1. This affects the function rockchip_smp_prepare_cpus of the

  

CVE-2025-39753 | Linux Kernel up to 6.6.102/6.12.42/6.15.10/6.16.1 mm/migrate.c migrate_folio privilege escalation

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.102/6.12.42/6.15.10/6.16.1. This vulnerability affects the

  

CVE-2025-39754 | Linux Kernel up to 6.12.42/6.15.10/6.16.1/6.17-rc1 mm smaps_hugetlb_range race condition

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.42/6.15.10/6.16.1/6.17-rc1. This issue affects the function

  

CVE-2025-39745 | Linux Kernel up to 6.15.10/6.16.1 rcu kernel/rcu/rcutorture.c rcutorture_one_extend_check privilege escalation

A vulnerability has been found in Linux Kernel up to 6.15.10/6.16.1 and classified as problematic. Impacted is the function rcutorture_one_extend_check

  

CVE-2025-39772 | Linux Kernel up to 6.17-rc2 hibnc_hw_init null pointer dereference

A vulnerability was found in Linux Kernel up to 6.17-rc2 and classified as critical. The affected element is the function

  

CVE-2025-39776 | Linux Kernel up to 6.17-rc2 destroy_args allocation of resources

A vulnerability was found in Linux Kernel up to 6.17-rc2. It has been classified as critical. The impacted element is

  

CVE-2025-39775 | Linux Kernel up to 6.16.3/6.17-rc2 mremap allocation of resources

A vulnerability was found in Linux Kernel up to 6.16.3/6.17-rc2. It has been declared as critical. This affects the function

  

CVE-2025-39785 | Linux Kernel up to 6.16.3/6.17-rc2 irq_request use after free

A vulnerability was found in Linux Kernel up to 6.16.3/6.17-rc2. It has been rated as critical. This impacts the function

  

CVE-2025-39766 | Linux Kernel up to 6.17-rc2 return value

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.17-rc2. Affected is an unknown function. Executing

  

CVE-2025-39784 | Linux Kernel up to 6.16.3 PCI pcie_failed_link_retrain privilege escalation

A vulnerability identified as critical has been detected in Linux Kernel up to 6.16.3. Affected by this vulnerability is the

  

CVE-2025-39791 | Linux Kernel up to 6.12.43/6.16.3 blk_queue_enter deadlock

A vulnerability labeled as critical has been found in Linux Kernel up to 6.12.43/6.16.3. Affected by this issue is the

  

CVE-2025-39758 | Linux Kernel up to 6.6.102/6.12.42/6.15.10/6.16.1 do_tcp_sendpages allocation of resources

A vulnerability marked as critical has been reported in Linux Kernel up to 6.6.102/6.12.42/6.15.10/6.16.1. This affects the function do_tcp_sendpages. This

  

CVE-2025-39788 | Linux Kernel up to 6.16.3 ufs-exynos.c out-of-bounds

A vulnerability described as critical has been identified in Linux Kernel up to 6.16.3. This vulnerability affects unknown code of

  

CVE-2025-39770 | Linux Kernel up to 6.1.148/6.6.102/6.12.43/6.16.3/6.17-rc2 IPV6_CSUM state issue

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.148/6.6.102/6.12.43/6.16.3/6.17-rc2. This issue affects the function IPV6_CSUM.

  

CVE-2025-39761 | Linux Kernel up to 6.6.102/6.12.42/6.15.10/6.16.1 wifi ath12k_dp_rx_peer_frag_setup rx_tid[] out-of-bounds

A vulnerability classified as critical was found in Linux Kernel up to 6.6.102/6.12.42/6.15.10/6.16.1. Impacted is the function ath12k_dp_rx_peer_frag_setup of the

  

CVE-2025-39763 | Linux Kernel up to 6.6.102/6.12.42/6.15.10/6.16.1 GUID Section memory_failure denial of service

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.102/6.12.42/6.15.10/6.16.1. The affected element is

  

CVE-2025-39767 | Linux Kernel up to 6.6.102/6.12.43/6.16.3/6.17-rc2 module_frob_arch_sections deadlock

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.102/6.12.43/6.16.3/6.17-rc2. The impacted element is the

  

CVE-2025-39769 | Linux Kernel up to 6.16.3/6.17-rc2 netdev_lock.h netdev_assert_locked assertion

A vulnerability has been found in Linux Kernel up to 6.16.3/6.17-rc2 and classified as critical. This affects the function netdev_assert_locked

  

CVE-2025-39771 | Linux Kernel up to 6.16.3/6.17-rc2 kernel/notifier.c devm_register_sys_off_handler denial of service

A vulnerability was found in Linux Kernel up to 6.16.3/6.17-rc2 and classified as critical. This impacts the function devm_register_sys_off_handler of

  

CVE-2025-40300 | Linux Kernel up to 6.16.6 prctl information disclosure

A vulnerability was found in Linux Kernel up to 6.16.6. It has been classified as critical. Affected is the function

  

CVE-2025-39759 | Linux Kernel up to 6.1.148/6.6.102/6.12.43/6.15.10/6.16.1 btrfs_ioctl_quota_rescan use after free

A vulnerability was found in Linux Kernel up to 6.1.148/6.6.102/6.12.43/6.15.10/6.16.1. It has been declared as critical. Affected by this vulnerability

  

CVE-2025-39762 | Linux Kernel up to 6.15.10/6.16.1 null pointer dereference

A vulnerability was found in Linux Kernel up to 6.15.10/6.16.1. It has been rated as critical. Affected by this issue

  

CVE-2025-39787 | Linux Kernel up to 6.16.3 soc mdt_loader buffer overflow

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.16.3. This affects the function mdt_loader of

  

CVE-2025-39768 | Linux Kernel up to 6.16.3/6.17-rc2 privilege escalation

A vulnerability identified as critical has been detected in Linux Kernel up to 6.16.3/6.17-rc2. This vulnerability affects unknown code. This

  

CVE-2025-39779 | Linux Kernel up to 6.12.43/6.16.3/6.17-rc2 btrfs_subpage_set_writeback assertion

A vulnerability labeled as critical has been found in Linux Kernel up to 6.12.43/6.16.3/6.17-rc2. This issue affects the function btrfs_subpage_set_writeback.

  

CVE-2025-39757 | Linux Kernel up to 6.17-rc1 ALSA allocation of resources

A vulnerability marked as critical has been reported in Linux Kernel up to 6.17-rc1. Impacted is an unknown function of

  

CVE-2025-39780 | Linux Kernel up to 6.12.43/6.16.3/6.17-rc2 initialization

A vulnerability described as critical has been identified in Linux Kernel up to 6.12.43/6.16.3/6.17-rc2. The affected element is an unknown

  

CVE-2025-39765 | Linux Kernel up to 6.12.43/6.16.3/6.17-rc2 lib/idr.c snd_utimer_create allocation of resources

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.43/6.16.3/6.17-rc2. The impacted element is the function

  

CVE-2025-39782 | Linux Kernel up to 6.17-rc2 jbd2_log_do_checkpoint buffer overflow

A vulnerability classified as critical was found in Linux Kernel up to 6.17-rc2. This affects the function jbd2_log_do_checkpoint. The manipulation

  

CVE-2025-39760 | Linux Kernel up to 6.16.1 SS Endpoint usb_parse_ss_endpoint_companion buffer overflow

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.16.1. This impacts the function

  

CVE-2025-39774 | Linux Kernel up to 6.16.3/6.17-rc2 PM Call rzg2l_adc allocation of resources

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.16.3/6.17-rc2. Affected is the function rzg2l_adc

  

CVE-2025-39777 | Linux Kernel up to 6.16.3 crypto control flow

A vulnerability has been found in Linux Kernel up to 6.16.3 and classified as critical. Affected by this vulnerability is

  

CVE-2025-39764 | Linux Kernel up to 6.16.1/6.17-rc1 netfilter refcount_inc_not_zero memory leak

A vulnerability was found in Linux Kernel up to 6.16.1/6.17-rc1 and classified as critical. Affected by this issue is the

  

CVE-2025-39786 | Linux Kernel up to 6.16.3 iio syscalib_mode out-of-bounds

A vulnerability was found in Linux Kernel up to 6.16.3. It has been classified as critical. This affects the function

  

CVE-2025-39783 | Linux Kernel up to 6.16.3 PCI list_del epf_group use after free

A vulnerability was found in Linux Kernel up to 6.16.3. It has been declared as critical. This vulnerability affects the

  

CVE-2025-39789 | Linux Kernel up to 6.16.3 crypto skcipher_walk allocation of resources

A vulnerability was found in Linux Kernel up to 6.16.3. It has been rated as critical. This issue affects the

  

CVE-2025-39773 | Linux Kernel up to 6.17-rc2 br_multicast_query_expired denial of service

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.17-rc2. Impacted is the function br_multicast_query_expired. Such

  

CVE-2025-39790 | Linux Kernel up to 5.15.189/6.1.148/6.6.102/6.12.43/6.16.3 xfer_cb double free

A vulnerability identified as critical has been detected in Linux Kernel up to 5.15.189/6.1.148/6.6.102/6.12.43/6.16.3. The affected element is the function

  

CVE-2025-58060 | OpenPrinting CUPS up to 2.4.12 improper authentication

A vulnerability labeled as critical has been found in OpenPrinting CUPS up to 2.4.12. The impacted element is an unknown

  

CVE-2025-39781 | Linux Kernel up to 6.6.102/6.12.43/6.16.3 parisc flush_cache_vmap privilege escalation

A vulnerability marked as critical has been reported in Linux Kernel up to 6.6.102/6.12.43/6.16.3. This affects the function flush_cache_vmap of

  

CVE-2025-26499 | Wind River Studio Developer prior 24.11 privilege context switching error

A vulnerability described as problematic has been identified in Wind River Studio Developer. This impacts an unknown function. The manipulation

  

CVE-2025-9877 | Embed Google Datastudio Plugin up to 1.0.0 on WordPress Shortcode egds cross site scripting

A vulnerability classified as problematic has been found in Embed Google Datastudio Plugin up to 1.0.0 on WordPress. Affected is

  

CVE-2025-9881 | Ultimate Blogroll Plugin up to 2.5.2 on WordPress Setting cross-site request forgery

A vulnerability classified as problematic was found in Ultimate Blogroll Plugin up to 2.5.2 on WordPress. Affected by this vulnerability

  

CVE-2025-58364 | OpenPrinting CUPS up to 2.4.12 denial of service

A vulnerability, which was classified as problematic, has been found in OpenPrinting CUPS up to 2.4.12. Affected by this issue

  

CVE-2025-43782 | Liferay Portal/DXP authorization

A vulnerability, which was classified as problematic, was found in Liferay Portal and DXP. This affects an unknown part. Executing

  

CVE-2025-8575 | LWS Cleaner Plugin up to 2.4.1.3 on WordPress wp-config.php lws_cl_delete_file denial of service

A vulnerability has been found in LWS Cleaner Plugin up to 2.4.1.3 on WordPress and classified as problematic. This vulnerability

  

CVE-2025-9880 | Side Slide Responsive Menu Plugin up to 1.0 on WordPress Setting cross-site request forgery

A vulnerability was found in Side Slide Responsive Menu Plugin up to 1.0 on WordPress and classified as problematic. This

  

CVE-2025-9879 | Spotify Embed Creator Plugin up to 1.0.5 on WordPress Shortcode spotify cross site scripting

A vulnerability was found in Spotify Embed Creator Plugin up to 1.0.5 on WordPress. It has been classified as problematic.

  

VDB-323640 | Amazon AWS CloudShell privileges management

A vulnerability, which was classified as critical, has been found in Amazon AWS CloudShell. This affects an unknown function. The

  

CVE-2025-10271 | erjinzhi 10OA 1.0 /trial/mvc/finder Name cross site scripting

A vulnerability, which was classified as problematic, was found in erjinzhi 10OA 1.0. This impacts an unknown function of the

  

CVE-2025-10272 | erjinzhi 10OA 1.0 /trial/mvc/catalogue Name cross site scripting

A vulnerability has been found in erjinzhi 10OA 1.0 and classified as problematic. Affected is an unknown function of the

  

CVE-2025-10273 | erjinzhi 10OA 1.0 /view/file.aspx File path traversal

A vulnerability was found in erjinzhi 10OA 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality

  

CVE-2025-10274 | erjinzhi 10OA 1.0 /trial/mvc/item Name cross site scripting

A vulnerability was found in erjinzhi 10OA 1.0. It has been classified as problematic. Affected by this issue is some

  

CVE-2025-10275 | YunaiV yudao-cloud up to 2025.09 /crm/business/transfer ids/newOwnerUserId improper authorization

A vulnerability was found in YunaiV yudao-cloud up to 2025.09. It has been declared as critical. This affects an unknown

  

CVE-2025-10276 | YunaiV ruoyi-vue-pro up to 2025.09 /crm/contract/transfer id/newOwnerUserId improper authorization

A vulnerability was found in YunaiV ruoyi-vue-pro up to 2025.09. It has been rated as critical. This vulnerability affects unknown

  

CVE-2025-10277 | YunaiV yudao-cloud up to 2025.09 /crm/receivable/submit ID improper authorization

A vulnerability categorized as critical has been discovered in YunaiV yudao-cloud up to 2025.09. This issue affects some unknown processing

  

CVE-2025-10278 | YunaiV ruoyi-vue-pro up to 2025.09 /crm/contact/transfer ids/newOwnerUserId improper authorization

A vulnerability identified as critical has been detected in YunaiV ruoyi-vue-pro up to 2025.09. Impacted is an unknown function of

  

CVE-2025-8716 | OpenText Content Management up to 25.3 unusual condition (KB0847046)

A vulnerability labeled as problematic has been found in OpenText Content Management up to 25.3. This vulnerability affects unknown code.

  

CVE-2025-10193 | neo4j neo4j-cypher MCP server up to 0.3.1 DNS origin validation (GHSA-vcqx-v2mg-7chx)

A vulnerability marked as problematic has been reported in neo4j neo4j-cypher MCP server up to 0.3.1. This issue affects some

  

CVE-2025-10269 | Spirit Framework Plugin up to 1.2.13 on WordPress file inclusion

A vulnerability described as critical has been identified in Spirit Framework Plugin up to 1.2.13 on WordPress. Impacted is an

  

CVE-2025-9807 | Events Calendar Plugin up to 6.15.1 on WordPress sql injection

A vulnerability classified as critical has been found in Events Calendar Plugin up to 6.15.1 on WordPress. The affected element

  

VDB-323639 | Amazon AWS Bucket Monopoly code injection

A vulnerability classified as critical was found in Amazon AWS. The impacted element is an unknown function. Executing manipulation can

  

CVE-2025-40691 | PHPGurukul Online Fire Reporting System 1.2 bwdates-report-result.php todate sql injection

A vulnerability identified as critical has been detected in PHPGurukul Online Fire Reporting System 1.2. Affected is an unknown function

  

CVE-2025-40687 | PHPGurukul Online Fire Reporting System 1.2 /admin/add-team.php mobilenumber/teamleadname/teammember sql injection

A vulnerability labeled as critical has been found in PHPGurukul Online Fire Reporting System 1.2. Affected by this vulnerability is

  

CVE-2025-40692 | PHPGurukul Online Fire Reporting System 1.2 /ofrs/details.php requestid sql injection

A vulnerability marked as critical has been reported in PHPGurukul Online Fire Reporting System 1.2. Affected by this issue is

  

CVE-2025-40689 | PHPGurukul Online Fire Reporting System 1.2 request-details.php remark/status/requestid sql injection

A vulnerability described as critical has been identified in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part

  

CVE-2025-40690 | PHPGurukul Online Fire Reporting System 1.2 edit-team.php teamid sql injection

A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. This vulnerability affects unknown code

  

CVE-2025-40696 | PHPGurukul Online Fire Reporting System 1.2 /ofrs/reporting.php fullname/location/message cross site scripting

A vulnerability classified as problematic was found in PHPGurukul Online Fire Reporting System 1.2. This issue affects some unknown processing

  

CVE-2025-40695 | PHPGurukul Online Fire Reporting System 1.2 request-details.php remark/status/takeaction cross site scripting

A vulnerability, which was classified as problematic, has been found in PHPGurukul Online Fire Reporting System 1.2. Impacted is an

  

CVE-2025-40693 | PHPGurukul Online Fire Reporting System 1.2 edit-team.php tname/teamleadname/teammember/teamname cross site scripting

A vulnerability, which was classified as problematic, was found in PHPGurukul Online Fire Reporting System 1.2. The affected element is

  

CVE-2025-40694 | PHPGurukul Online Fire Reporting System 1.2 Query bwdates-report-result.php fromdate/todate cross site scripting

A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as problematic. The impacted element is

  

CVE-2025-48038 | Erlang OTP 26.2.5.15/27.3.4.3/28.0.3 ssh_sftpd.erl allocation of resources (GHSA-pvj7-9652-7h9r)

A vulnerability was found in Erlang OTP 26.2.5.15/27.3.4.3/28.0.3 and classified as problematic. This affects an unknown function in the library

  

CVE-2025-48039 | Erlang OTP up to 17.0/26.2.5.15/27.3.4.3/28.0.3 ssh_sftpd.erl allocation of resources (GHSA-rr5p-6856-j7h8)

A vulnerability was found in Erlang OTP up to 17.0/26.2.5.15/27.3.4.3/28.0.3. It has been classified as problematic. This impacts an unknown

  

CVE-2025-48041 | Erlang OTP up to 17.0/26.2.5.15/27.3.4.3/28.0.3 ssh_sftpd.erl allocation of resources (GHSA-79c4-cvv7-4qm3)

A vulnerability was found in Erlang OTP up to 17.0/26.2.5.15/27.3.4.3/28.0.3. It has been declared as problematic. Affected is an unknown

  

CVE-2025-48040 | Erlang OTP up to 17.0/26.2.5.15/27.3.4.3/28.0.3 ssh_sftpd.erl resource consumption (GHSA-h7rg-6rjg-4cph)

A vulnerability was found in Erlang OTP up to 17.0/26.2.5.15/27.3.4.3/28.0.3. It has been rated as problematic. Affected by this vulnerability

  

CVE-2025-58320 | Delta Electronics DIALink up to 1.6.0.0 path traversal (PCSA-2025-00016)

A vulnerability categorized as critical has been discovered in Delta Electronics DIALink up to 1.6.0.0. Affected by this issue is

  

CVE-2025-58321 | Delta Electronics DIALink up to 1.6.0.0 path traversal (PCSA-2025-00016)

A vulnerability identified as critical has been detected in Delta Electronics DIALink up to 1.6.0.0. This affects an unknown part.

  

CVE-2025-9918 | Google SecOps SOAR prior 6.3.53.2/6.3.54.0 ZIP Archive path traversal (gcp-2025-049)

A vulnerability categorized as critical has been discovered in Google SecOps SOAR. This impacts an unknown function of the component

  

CVE-2025-9059 | Broadcom IT Management Suite 8.6.x/8.7.x/8.8 Altiris Core Agent Updater AeXNSC.exe uncontrolled search path

A vulnerability was found in Broadcom IT Management Suite 8.6.x/8.7.x/8.8. It has been classified as problematic. The affected element is