Trending now
Top 10 CVEs trending on social media within the last 24 hours.
Updated 22 minutes ago
Each entry lists the current severity score, the hype score for the last 24 hours (the scale runs from room temperature to trending), the publication date and a description.

1. CVE-2025-49704 (Microsoft Office SharePoint)
Score: 8.8 (high). Hype score: 37. Published: Jul 8, 2025.
CVE-2025-49704 is a code injection vulnerability in Microsoft Office SharePoint that allows an authenticated attacker to execute code over a network. Exploitation requires an account with at least Site Owner privileges on the target site. A successful attacker can write arbitrary code to the vulnerable SharePoint server and gain remote code execution. Attack complexity is low and the flaw is reachable from the internet on exposed servers, so exploitation can lead to complete compromise of the affected server.

2. CVE-2025-49706 (Microsoft Office SharePoint)
Score: 6.3 (medium). Hype score: 37. Published: Jul 8, 2025.
CVE-2025-49706 is an improper authentication vulnerability in Microsoft Office SharePoint. It allows an authorized attacker to perform spoofing over a network, potentially compromising the integrity of SharePoint services. Microsoft has released a security update (KB5002751) that addresses it.

3. CVE-2025-53833 (LaRecipe)
Score: 10.0 (critical). Hype score: 30. Published: Jul 14, 2025.
CVE-2025-53833 is a Server-Side Template Injection (SSTI) vulnerability in LaRecipe, a documentation generator for Laravel applications, affecting versions before 2.8.1. Improper input validation in LaRecipe's template processing lets an attacker inject code into server-side templates, which can lead to remote code execution: running arbitrary commands on the server, reading sensitive environment variables and potentially escalating privileges. Users should upgrade to 2.8.1 or later.

4. CVE-2025-4941 (PHPGurukul Credit Card Application Management System)
Score: 6.9 (medium). Hype score: 21. Published: May 19, 2025.
CVE-2025-4941 is an SQL injection vulnerability in PHPGurukul Credit Card Application Management System 1.0. The `username` argument of `/admin/index.php` is placed into an SQL query without sanitisation, so a crafted value changes the query itself. The flaw can be exploited remotely without authentication, and public exploit code and technical details are available. The entry maps the technique to MITRE ATT&CK T1505 (Server Software Component).
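
The injection in this entry, as an added example that is not PHPGurukul's code: a Python/SQLite model of a PHP-style admin login built two ways, the string-concatenated query beside its parameterized replacement. The table, the account and the payload are constructed here; the real application's schema and query text are not known from this entry.

```python
"""Added example, not PHPGurukul's code: an SQLite model of an admin login
check written the vulnerable way (string concatenation, as the entry describes
for /admin/index.php) and the fixed way (bound parameters).
The table, the account and the payload are constructed for the demonstration."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory admin table holding one constructed account."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE admin (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.execute("INSERT INTO admin (username, password) VALUES ('admin', 'S3cret!')")
    conn.commit()
    return conn


def login_unsafe(conn: sqlite3.Connection, username: str, password: str):
    """Vulnerable: the username is spliced into the SQL text, so a quote in the
    input terminates the literal and the rest is parsed as SQL.
    Returns the matched row or None."""
    query = (
        "SELECT id, username FROM admin WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchone()


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Fixed: placeholders carry the values separately from the statement, so
    the driver treats them as data whatever characters they contain."""
    query = "SELECT id, username FROM admin WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()


def demo() -> dict:
    """Run the same constructed payload through both versions."""
    conn = make_db()
    # Closes the string literal, forces the WHERE clause true and comments out
    # the password comparison; the resulting statement is
    # ... WHERE username = '' OR '1'='1' -- ' AND password = 'wrong'
    payload = "' OR '1'='1' -- "
    return {
        "unsafe_bypass": login_unsafe(conn, payload, "wrong") is not None,
        "safe_bypass": login_safe(conn, payload, "wrong") is not None,
        "safe_valid": login_safe(conn, "admin", "S3cret!") is not None,
    }


if __name__ == "__main__":
    print(demo())
```

The unsafe variant returns the admin row for a wrong password because the comment marker removes the password check from the statement; the parameterized variant sees the payload as a literal username that matches nothing, while a correct username and password still log in.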

5. CVE-2024-50379 (Apache Tomcat)
Score: 9.8 (critical). Hype score: 20. Published: Dec 17, 2024.
CVE-2024-50379 is a time-of-check time-of-use (TOCTOU) race condition in Apache Tomcat affecting 11.0.0-M1 through 11.0.1, 10.1.0-M1 through 10.1.33 and 9.0.0.M1 through 9.0.97. It leads to remote code execution only on a case-insensitive file system and only when the default servlet has been enabled for write access (the `readonly` initialisation parameter set to false), which is not the default configuration. Under load, a concurrent read and upload of the same file under differing case can bypass Tomcat's case-sensitivity checks and cause the uploaded file to be treated as a JSP, so an attacker can upload code and trigger its execution. The fixed releases are 11.0.2, 10.1.34 and 9.0.98.
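
An added audit helper for the conditions this entry names (not Apache Tomcat code): it checks a version string against the three affected ranges, parses a conf/web.xml for the DefaultServlet `readonly` init-param, and combines both with the file-system flag. The web.xml excerpt is constructed; the version bounds are the ones the entry lists.

```python
"""Added example, not Apache Tomcat code: an offline check for the three
conditions behind CVE-2024-50379 (affected version, DefaultServlet
readonly=false, case-insensitive file system). The web.xml text is constructed."""
import re
import xml.etree.ElementTree as ET

# Last vulnerable release on each affected branch, from the advisory ranges.
# The fixed releases are 11.0.2, 10.1.34 and 9.0.98.
LAST_VULNERABLE = {(11, 0): (1, None), (10, 1): (33, None), (9, 0): (97, None)}

# Accepts both milestone spellings Tomcat has used: 9.0.0.M1 and 11.0.0-M1.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:[.-]M(\d+))?$")


def parse_version(version: str):
    """'9.0.0.M1' -> (9, 0, 0, 1); '9.0.97' -> (9, 0, 97, None)."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version {version!r}")
    major, minor, patch, milestone = m.groups()
    return int(major), int(minor), int(patch), (int(milestone) if milestone else None)


def _order(patch: int, milestone):
    """Sort key: milestones of a patch level come before its final release."""
    return (patch, 0, milestone) if milestone is not None else (patch, 1, 0)


def tomcat_version_affected(version: str) -> bool:
    """True if `version` falls inside one of the advisory's three ranges."""
    major, minor, patch, milestone = parse_version(version)
    bound = LAST_VULNERABLE.get((major, minor))
    if bound is None:
        return False  # branch not named in the advisory
    return _order(patch, milestone) <= _order(*bound)


def _local(tag: str) -> str:
    """Strip an XML namespace: '{uri}servlet' -> 'servlet'."""
    return tag.rsplit("}", 1)[-1]


def _child_text(elem, name: str) -> str:
    for child in elem:
        if _local(child.tag) == name:
            return (child.text or "").strip()
    return ""


def default_servlet_writable(web_xml: str) -> bool:
    """True if web.xml gives the DefaultServlet readonly=false.
    A missing init-param means the default, readonly=true, which is safe."""
    root = ET.fromstring(web_xml)
    for servlet in root.iter():
        if _local(servlet.tag) != "servlet":
            continue
        if _child_text(servlet, "servlet-class") != "org.apache.catalina.servlets.DefaultServlet":
            continue
        for param in servlet:
            if _local(param.tag) == "init-param" and _child_text(param, "param-name") == "readonly":
                return _child_text(param, "param-value").lower() == "false"
    return False


def exposed_to_cve_2024_50379(version: str, web_xml: str, case_insensitive_fs: bool) -> bool:
    """The RCE path needs all three conditions at once."""
    return (
        tomcat_version_affected(version)
        and default_servlet_writable(web_xml)
        and case_insensitive_fs
    )


# Constructed conf/web.xml excerpt with the weak setting (readonly=false).
WRITABLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet>
</web-app>"""

# The same excerpt with the default, safe setting.
SAFE_WEB_XML = WRITABLE_WEB_XML.replace(
    "<param-value>false</param-value>", "<param-value>true</param-value>"
)

if __name__ == "__main__":
    print(exposed_to_cve_2024_50379("10.1.33", WRITABLE_WEB_XML, case_insensitive_fs=True))
```

Point the web.xml argument at the server's conf/web.xml (and any per-application WEB-INF/web.xml that overrides the default servlet); Windows installs count as case-insensitive, as do case-insensitive macOS volumes.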

6. CVE-2025-47812 (Wing FTP Server)
Score: 10.0 (critical), exploit known. Hype score: 19. Published: Jul 10, 2025.
CVE-2025-47812 is a remote code execution vulnerability in Wing FTP Server, fixed in version 7.4.4. The server does not handle NULL bytes in usernames consistently. The login check reads the username as a C string and stops at the NULL byte, so the credentials are checked against the truncated name (in practice the anonymous account where it is enabled, or any account the attacker has credentials for). The session file the server then creates is Lua source, and it stores the full username, NULL byte and everything after it. An attacker can therefore append a NULL byte followed by Lua code to a valid username, and that code is loaded with the session. Because wftpserver runs with elevated privileges by default, the injected code executes as root on Linux and as SYSTEM on Windows.
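
A model of the bug class behind this entry, added here and not Wing FTP Server's code: a login check that reads the username as a C string stops at the NUL byte, while the Lua session file written afterwards receives every byte. The account table, the session-file layout and the payload are constructed to show the mismatch and its fix, not copied from the product.

```python
"""Added example, not Wing FTP Server code: a model of the C-string versus
full-string mismatch behind CVE-2025-47812. `login_vulnerable` authenticates
on the bytes before the first NUL but writes every byte into a Lua-style
session file; `login_fixed` rejects control bytes and escapes what it writes.
Accounts, session layout and payload are constructed."""

ACCOUNTS = {b"anonymous": b""}  # constructed: anonymous login enabled


def c_string(data: bytes) -> bytes:
    """Emulate a C char* consumer: the string ends at the first NUL."""
    nul = data.find(b"\x00")
    return data if nul < 0 else data[:nul]


def lua_quote(data: bytes) -> str:
    """Serialise bytes as a Lua string literal with quotes, backslashes and
    every non-printable byte escaped, so content cannot leave the literal."""
    out = []
    for b in data:
        if b in (0x22, 0x5C):  # double quote and backslash
            out.append("\\" + chr(b))
        elif 0x20 <= b < 0x7F:
            out.append(chr(b))
        else:
            out.append(f"\\{b:03d}")  # Lua decimal escape, e.g. \000
    return '"' + "".join(out) + '"'


def login_vulnerable(username: bytes, password: bytes):
    """Check credentials on the NUL-truncated name, then build the session
    file from the raw bytes. Returns the session text, or None on failure."""
    if ACCOUNTS.get(c_string(username)) != password:
        return None
    name = username.decode("latin-1")  # raw bytes copied verbatim into Lua source
    return f'username = "{name}"\nauthenticated = true\n'


def login_fixed(username: bytes, password: bytes):
    """Reject NUL and other control bytes before any check, and escape the
    value when writing it, so both views of the username agree."""
    if any(b < 0x20 or b == 0x7F for b in username):
        raise ValueError("control byte in username")
    if ACCOUNTS.get(username) != password:
        return None
    return f"username = {lua_quote(username)}\nauthenticated = true\n"


def fixed_rejects(username: bytes) -> bool:
    """True if the hardened login refuses the name outright."""
    try:
        login_fixed(username, b"")
    except ValueError:
        return True
    return False


# Constructed payload: valid account name, NUL, then text that closes the Lua
# string literal, adds a statement and comments out the trailing quote.
# The os.execute call is illustrative for this model only.
PAYLOAD = b'anonymous\x00" os.execute("id") --'

if __name__ == "__main__":
    print(login_vulnerable(PAYLOAD, b""))
    print(fixed_rejects(PAYLOAD))
```

Running it shows the vulnerable session file carrying `os.execute("id")` outside the string literal even though the credential check only ever saw `anonymous`; the hardened version refuses the name before any comparison, and its escaping means a quote in a legitimate username still stays inside the literal.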

7. CVE-2025-6218 (WinRAR)
Score: 7.8 (high). Hype score: 9. Published: Jun 21, 2025.
CVE-2025-6218 is a directory traversal vulnerability in RARLAB WinRAR that allows remote code execution on affected installations; it is fixed in WinRAR 7.12. Exploitation requires user interaction: the target must open a malicious archive or visit a page that delivers one. The flaw lies in how WinRAR handles the file paths stored in archive entries, where a crafted path makes extraction write outside the directory the user chose. Code placed that way runs in the security context of the current user.
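
The containment check an archive extractor needs against this traversal class, as an added example rather than WinRAR's code: it normalises a member name the way a Windows extractor sees it (both separators), rejects anything that could leave the destination, and vets a constructed member list. The destination is passed with forward slashes.

```python
"""Added example, not WinRAR code: path containment for archive extraction,
the check whose absence lets a crafted entry name escape the target folder
(the class behind CVE-2025-6218). Member names below are constructed."""
import posixpath


class UnsafeMemberPath(ValueError):
    """Raised for an archive entry that must not be extracted."""


def extraction_target(dest: str, member: str) -> str:
    """Return the normalised path for `member` under `dest`, or raise.
    Rejected: empty names, NUL bytes, absolute paths, UNC roots, any ':'
    (drive letter or NTFS alternate data stream) and any '..' segment.
    Normalisation happens first so 'a/../../x' cannot hide inside a component."""
    if not member or "\x00" in member:
        raise UnsafeMemberPath(f"bad member name {member!r}")
    unified = member.replace("\\", "/")  # a Windows extractor treats both as separators
    if ":" in unified or unified.startswith("/"):
        raise UnsafeMemberPath(f"absolute, drive or stream path {member!r}")
    parts = [p for p in unified.split("/") if p not in ("", ".")]
    if not parts:
        raise UnsafeMemberPath(f"no file name in {member!r}")
    if ".." in parts:
        raise UnsafeMemberPath(f"parent-directory segment in {member!r}")
    root = posixpath.normpath(dest)
    prefix = root if root.endswith("/") else root + "/"
    full = posixpath.normpath(posixpath.join(root, "/".join(parts)))
    # Belt and braces: the joined, normalised path must still sit under dest.
    if not full.startswith(prefix):
        raise UnsafeMemberPath(f"{member!r} resolves outside {dest!r}")
    return full


def vet_archive(dest: str, members):
    """Split a member list into {name: target path} and {name: reason}."""
    accepted, rejected = {}, {}
    for name in members:
        try:
            accepted[name] = extraction_target(dest, name)
        except UnsafeMemberPath as exc:
            rejected[name] = str(exc)
    return accepted, rejected


# Constructed member list: one benign entry and the shapes a traversal takes.
SAMPLE_MEMBERS = [
    "docs/readme.txt",
    "..\\..\\evil.exe",
    "docs/../../evil.exe",
    "C:\\Windows\\evil.dll",
    "\\\\server\\share\\evil.exe",
    "/etc/cron.d/evil",
    "notes.txt:payload",
]

if __name__ == "__main__":
    ok, bad = vet_archive("/tmp/out", SAMPLE_MEMBERS)
    print(ok)
    for name, why in bad.items():
        print("rejected", name, "->", why)
```

Only the benign entry survives; each of the others is refused for a stated reason. The check covers names only: an extractor that honours symbolic links stored in the archive also has to make sure no link created earlier in the extraction points outside the destination before writing through it.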

8. CVE-2025-25257 (Fortinet FortiWeb)
Score: not listed. Hype score: 7. Published: not listed.
CVE-2025-25257 is a critical SQL injection vulnerability (CWE-89, improper neutralization of special elements used in an SQL command) in Fortinet's FortiWeb web application firewall. An unauthenticated attacker can execute unauthorized SQL code or commands by sending crafted HTTP or HTTPS requests to the FortiWeb management interface. Successful exploitation could expose sensitive data, alter database contents or compromise backend systems. Fortinet's fixed releases are FortiWeb 7.6.4, 7.4.8, 7.2.11 and 7.0.11; keeping the management interface off the internet limits exposure in the meantime.

9. CVE-2025-7503 (Shenzhen Liandian Communication Technology OEM IP camera)
Score: 10.0 (critical). Hype score: 1. Published: Jul 11, 2025.
CVE-2025-7503 affects an OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD. The camera exposes a Telnet service on port 23 that accepts undocumented default credentials. The service is enabled by default and is neither disclosed in the user manual nor configurable through the web interface, so owners cannot turn it off. An attacker with network access to the camera can log in with the default credentials and obtain a root shell. The affected firmware is AppFHE1_V1.0.6.0 (kernel KerFHE1_PTZ_WIFI_V3.1.1, hardware HwFHE1_WF6_PTZ_WIFI_20201218). As of July 11, 2025, no official fix or firmware update is available and the vendor could not be contacted, which leaves network segmentation and blocking TCP port 23 to the device as the only mitigation.

10. CVE-2025-22224 (VMware ESXi and Workstation)
Score: 9.3 (critical), exploit known. Hype score: 1. Published: Mar 4, 2025.
CVE-2025-22224 is a critical vulnerability in VMware ESXi and Workstation: a time-of-check to time-of-use (TOCTOU) race condition that leads to an out-of-bounds write in the VMCI (Virtual Machine Communication Interface). An attacker with local administrator privileges inside a virtual machine can exploit it to execute code as the virtual machine's VMX process on the host, escaping from the guest. On ESXi that can give control of the entire host and therefore of every other virtual machine running on it. The flaw is known to be actively exploited in the wild; the fixes are listed in Broadcom's advisory VMSA-2025-0004.