CVE-2025-62775
Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password. More information : https://blog.nullvoid.me/posts/mercku-exploits/
Tagged: Cybersecurity Alert
CVE-2025-62772
On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases. More information : https://blog.nullvoid.me/posts/mercku-exploits/
CVE-2025-62773
Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabled.update request by an administrator. More information : https://blog.nullvoid.me/posts/mercku-exploits/
CVE-2025-62771
Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks. More information : https://blog.nullvoid.me/posts/mercku-exploits/
CVE-2025-22167
This High severity Path Traversal (Arbitrary Write) vulnerability was introduced in versions: 9.12.0, 10.3.0 and remain present in 11.0.0 of Jira Software Data Center and Server. This Path Traversal (Arbitrary Write) vulnerability, with a...
CVE-2025-61756
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: System Configuration). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker...
CVE-2025-62588
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...
CVE-2025-62589
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...
CVE-2025-62590
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...
CVE-2025-62591
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...
CVE-2025-62592
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...
CVE-2025-62641
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...
CVE-2025-62661
Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki – Thanks Extension, Mediawiki – Growth Experiments Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mediawiki – Thanks Extension, Mediawiki – Growth...
CVE-2025-62479
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Block Storage). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via...