CVE | THREATINT

Welcome

This is a free service provided by THREATINT. It is hosted in Europe

It contains information on publicly disclosed cyber security vulnerabilities based on data from the CVE® Program, please see the official CVE website and CVE List V5 on GitHub. Whenever applicable we also show information from the Known Exploited Vulnerabilities Catalog provided by US CISA as the authoritative source of vulnerabilities that have been exploited in the wild.

New

CVE-2025-14013: JIZHICMS Comment addcomment.html cross site scripting: A vulnerability was identified in JIZHICMS up to 2.5.5. The impacted element is an unknown function of the file /index.php/admins/Comment/addcomment.html of the component Comment Handler. The manipulation of the argument body leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and might be ...

CVE-2025-9127: PX Enterprise Improper Sanitization Vulnerability: A vulnerability exists in PX Enterprise whereby sensitive information may be logged under specific conditions.

CVE-2025-14012: JIZHICMS Batch Delete Comments deleteAll.html delete sql injection: A vulnerability was determined in JIZHICMS up to 2.5.5. The affected element is the function deleteAll/findAll/delete of the file /index.php/admins/Comment/deleteAll.html of the component Batch Delete Comments. Executing manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been publicly d...

CVE-2025-14011: JIZHICMS Add Display Name Field addcomment.html commentlist sql injection: A vulnerability was found in JIZHICMS up to 2.5.5. Impacted is the function commentlist of the file /index.php/admins/Comment/addcomment.html of the component Add Display Name Field. Performing manipulation of the argument aid/tid results in sql injection. The attack can be initiated remotely. The exploit has been made p...

CVE-2025-66287: Webkitgtk: processing maliciously crafted web content may lead to an unexpected process crash: A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.

Updated

CVE-2025-7195: Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd: Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.1...

CVE-2025-63362: Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 allows attackers to set the Administrator password and username as blank values, allowing attackers to bypass authentication.

CVE-2024-3884: Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded: A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParse(StreamSourceChannel) method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows una...

CVE-2025-63361: Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 was discovered to render the Administrator password in plaintext.

CVE-2025-59695: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board (without Authentication). This is called F04.

CISA Known Exploited Vulnerabilities

CVE-2021-26828 OpenPLC ScadaBR: OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.

CVE-2025-48633 Android Framework: Android Framework contains an unspecified vulnerability that allows for information disclosure.

CVE-2025-48572 Android Framework: Android Framework contains an unspecified vulnerability that allows for privilege escalation.

CVE-2021-26829 OpenPLC ScadaBR: OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm.

CVE-2025-61757 Oracle Fusion Middleware: Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager.

Additional information

EUVD (European Union Vulnerability Database) is maintained by ENISA (European Union Agency for Cybersecurity), under the European Union’s regulatory umbrella, serving as a centralized platform for vulnerability reporting specifically aligned with the EU’s legal frameworks such as NIS2 and the Cyber Resilience Act (CRA)

EUVD complements the CVE system by aggregating CVE data, but also assigns its own EUVD IDs to vulnerabilities, offers enriched metadata tailored for EU policies and compliance, and may highlight vulnerabilities particularly relevant to the European market.

Most vulnerabilities catalogued in EUVD will have both a CVE-ID and an EUVD-ID, acting as cross-references.

euvd.enisa.europa.eu

Source: media.ccc.de/v/eh22-138-panic-at-the-cve-o-theque.

A big "thank you" goes to @pennylane.

help @ threatint.eu