Total
673 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-4374 | 1 Redhat | 1 Quay | 2025-12-19 | 6.5 Medium |
| A flaw was found in Quay. When an organization acts as a proxy cache, and a user or robot pulls an image that hasn't been mirrored yet, they are granted "Admin" permissions on the newly created repository. | ||||
| CVE-2025-5417 | 1 Redhat | 1 Rhdh | 2025-12-19 | 6.1 Medium |
| An insufficient access control vulnerability was found in the Red Hat Developer Hub rhdh/rhdh-hub-rhel9 container image. The Red Hat Developer Hub cluster admin/user, who has standard user access to the cluster, and the Red Hat Developer Hub namespace, can access the rhdh/rhdh-hub-rhel9 container image and modify the image's content. This issue affects the confidentiality and integrity of the data, and any changes made are not permanent, as they reset after the pod restarts. | ||||
| CVE-2025-13116 | 1 Macrozheng | 2 Mall, Mall-swarm | 2025-12-19 | 5.4 Medium |
| A weakness has been identified in macrozheng mall-swarm and mall up to 1.0.3. Affected is the function cancelUserOrder of the file /order/cancelUserOrder. Executing manipulation of the argument orderId can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-2843 | 1 Redhat | 1 Cluster Observability Operator | 2025-12-19 | 8.8 High |
| A flaw was found in the Observability Operator. The Operator creates a ServiceAccount with *ClusterRole* upon deployment of the *Namespace-Scoped* Custom Resource MonitorStack. This issue allows an adversarial Kubernetes Account with only namespaced-level roles, for example, a tenant controlling a namespace, to create a MonitorStack in the authorized namespace and then elevate permission to the cluster level by impersonating the ServiceAccount created by the Operator, resulting in privilege escalation and other issues. | ||||
| CVE-2025-14889 | 1 Campcodes | 1 Advanced Online Voting System | 2025-12-19 | 5.4 Medium |
| A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/voters_edit.php of the component Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-58710 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.6 High |
| Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through <= 1.4.0. | ||||
| CVE-2025-55707 | 2 Wordpress, Wpxpo | 2 Wordpress, Postx | 2025-12-19 | 7.2 High |
| Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through <= 4.1.35. | ||||
| CVE-2025-64188 | 2 Pencidesign, Wordpress | 2 Soledad, Wordpress | 2025-12-19 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in PenciDesign Soledad soledad allows Privilege Escalation.This issue affects Soledad: from n/a through <= 8.6.9. | ||||
| CVE-2025-59134 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through <= 1.5.8. | ||||
| CVE-2025-14749 | 2 Ningyuanda, Shenzhenningyuandatechnology | 3 Tc155, Tc155, Tc155 Firmware | 2025-12-18 | 6.3 Medium |
| A vulnerability was identified in Ningyuanda TC155 57.0.2.0. This impacts an unknown function of the file /onvif/device_service of the component ONVIF PTZ Control Interface. The manipulation leads to improper access controls. The attack requires being on the local network. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-14748 | 2 Ningyuanda, Shenzhenningyuandatechnology | 3 Tc155, Tc155, Tc155 Firmware | 2025-12-18 | 5.4 Medium |
| A vulnerability was determined in Ningyuanda TC155 57.0.2.0. This affects an unknown function of the file /onvif/device_service of the component ONVIF Device Management Service. Executing manipulation of the argument FactoryDefault with the input Hard can lead to improper access controls. The attack requires access to the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-65842 | 3 Acustica-audio, Acusticaudio, Apple | 3 Aquarius Helpertool, Aquarius Helpertool, Macos | 2025-12-18 | 5.1 Medium |
| The Aquarius HelperTool (1.0.003) privileged XPC service on macOS contains multiple flaws that allow local privilege escalation. The service accepts XPC connections from any local process without validating the client's identity, and its authorization logic incorrectly calls AuthorizationCopyRights with a NULL reference, causing all authorization checks to succeed. The executeCommand:authorization:withReply: method then interpolates attacker-controlled input into NSTask and executes it with root privileges. A local attacker can exploit these weaknesses to run arbitrary commands as root, create persistent backdoors, or obtain a fully interactive root shell. | ||||
| CVE-2025-49379 | 2025-12-18 | 7.2 High | ||
| Incorrect Privilege Assignment vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Privilege Escalation.This issue affects Custom Fields Account Registration For Woocommerce: from n/a through <= 1.2. | ||||
| CVE-2025-65807 | 2 Chmln, Sd Project | 2 Sd, Sd | 2025-12-17 | 8.4 High |
| An issue in sd command v1.0.0 and before allows attackers to escalate privileges to root via a crafted command. | ||||
| CVE-2025-14503 | 1 Amazon | 1 Aws Harmonix | 2025-12-17 | 7.2 High |
| An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM principal in the same AWS account with sts:AssumeRole permissions to assume the role with administrative privileges. We recommend customers upgrade to Harmonix on AWS v0.4.2 or later if you have deployed the framework using versions v0.3.0 through v0.4.1. | ||||
| CVE-2025-13888 | 1 Redhat | 1 Openshift Gitops | 2025-12-16 | 9.1 Critical |
| A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources (CRs) that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to create privileged workloads that run on master nodes, effectively giving them root access to the entire cluster. | ||||
| CVE-2025-14660 | 1 Decocms | 1 Mesh | 2025-12-15 | 5.6 Medium |
| A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been published and may be used. Upgrading to version 1.0.0-alpha.32 addresses this issue. Patch name: 5f7315e05852faf3a9c177c0a34f9ea9b0371d3d. It is recommended to upgrade the affected component. | ||||
| CVE-2025-23260 | 1 Nvidia | 1 Aistore | 2025-12-15 | 5 Medium |
| NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure. | ||||
| CVE-2025-14016 | 1 Macrozheng | 1 Mall-swarm | 2025-12-15 | 5.4 Medium |
| A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the function delete of the file /member/readHistory/delete. Such manipulation of the argument ids leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-65094 | 1 Wbce | 1 Wbce Cms | 2025-12-15 | 8.8 High |
| WBCE CMS is a content management system. Prior to version 1.6.4, a low-privileged user in WBCE CMS can escalate their privileges to the Administrators group by manipulating the groups[] parameter in the /admin/users/save.php request. The UI restricts users to assigning only their existing group, but server-side validation is missing, allowing attackers to overwrite their group membership and obtain full administrative access. This results in a complete compromise of the CMS. This issue has been patched in version 1.6.4. | ||||