CVE-2025-12423
Protocol manipulation might lead to denial of service.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . More information : https://azure-access.com/security-advisories
Tagged: Cybersecurity Alert
CVE-2025-12424
Privilege Escalation through SUID-bit Binary.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . More information : https://azure-access.com/security-advisories
CVE-2025-12425
Local Privilege Escalation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . More information : https://azure-access.com/security-advisories
CVE-2025-60800
Incorrect access control in the /jshERP-boot/user/info interface of jshERP up to commit 90c411a allows attackers to access sensitive information via a crafted GET request. More information : https://github.com/jishenghua/jshERP/issues/130
CVE-2025-60805
An issue was discovered in BESSystem BES Application Server thru 9.5.x allowing unauthorized attackers to gain sensitive information via the “pre-resource” option in bes-web.xml. More information : http://bes.com
CVE-2025-61080
A reflected Cross-Site Scripting (XSS) vulnerability has been identified in Clear2Pay Bank Visibility Application – Payment Execution 1.10.0.104 via the ID parameter in the URL. More information : https://gist.github.com/willyc0de/f05b44696d66b4bc3276234171952bf2
CVE-2025-60354
Unauthorized modification of arbitrary articles vulnerability exists in blog-vue-springboot. More information : https://github.com/line2222/vuln/issues/3
CVE-2025-60355
zhangyd-c OneBlog before 2.3.9 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates. More information : https://github.com/line2222/vuln/issues/4
CVE-2025-12422
Vulnerable Upgrade Feature (Arbitrary File Write) may lead to obtaining super user permissions on board.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. More information : https://azure-access.com/security-advisories
CVE-2025-54604
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 1 of 2). More information : https://bitcoincore.org/en/2025/10/24/disclose-cve-2025-54604/
CVE-2025-54605
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 2 of 2). More information : https://bitcoincore.org/en/2025/10/24/disclose-cve-2025-54605/
CVE-2025-60349
An issue was discovered in Prevx v3.0.5.220 allowing attackers to cause a denial of service via sending IOCTL code 0x22E044 to the pxscan.sys driver. Any processes listed under registry key HKEY_LOCAL_MACHINESystemCurrentControlSetServicespxscanFiles will be terminated....
CVE-2025-60858
Reolink Video Doorbell Wi-Fi DB_566128M5MP_W stores and transmits DDNS credentials in plaintext within its configuration and update scripts, allowing attackers to intercept or extract sensitive information. More information : https://cybermaya.in/posts/Post-47/
CVE-2025-61155
Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-cheat driver, allows local attackers to cause a denial of service by crashing arbitrary processes via sending crafted IOCTL requests. More information : http://gamedriverx64sys.com