Latest CVE Feed
-
6.7
MEDIUMCVE-2025-23299
NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a malicious actor with high privilege access to execute arbitrary code.... Read more
Affected Products :- Published: Oct. 22, 2025
- Modified: Oct. 22, 2025
- Vuln Type: Misconfiguration
-
4.8
MEDIUMCVE-2025-62248
A reflected cross-site scripting (XSS) vulnerability, resulting from a regression, has been identified in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024... Read more
- Published: Oct. 22, 2025
- Modified: Oct. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.2
MEDIUMCVE-2025-58712
A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an... Read more
Affected Products :- Published: Oct. 22, 2025
- Modified: Oct. 22, 2025
- Vuln Type: Misconfiguration
-
2.0
LOWCVE-2025-62247
Missing Authorization in Collection Provider component in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2... Read more
- Published: Oct. 22, 2025
- Modified: Oct. 22, 2025
- Vuln Type: Authorization