CVE Trends

CVE-2025-30406 is a vulnerability affecting Gladinet CentreStack, a cloud-based enterprise file-sharing platform. It stems from the use of a hard-coded cryptographic key within the application's web configuration files (web.config). This key is used for ViewState integrity verification. Successful exploitation of this flaw allows an attacker to forge ViewState payloads. This enables server-side deserialization, ultimately leading to remote code execution. The vulnerability is classified as CWE-321, which highlights the risks associated with using hard-coded cryptographic keys.

CVE-2024-7971 is a type confusion vulnerability found in the V8 JavaScript and WebAssembly engine within Google Chrome versions prior to 128.0.6613.84. This flaw allows a remote attacker to potentially exploit heap corruption through a crafted HTML page. The vulnerability stems from the Liftoff compiler's handling of loop structures during WebAssembly (WASM) JIT compilation, where it doesn't enforce strict type checks, potentially leading to memory corruption. It has been reported that this vulnerability has been exploited in the wild.

CVE-2022-42475 is a heap-based buffer overflow vulnerability that affects the SSL-VPN component of FortiOS and FortiProxy. It exists in FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier, and FortiProxy SSL-VPN versions 7.2.0 through 7.2.1, and 7.0.7 and earlier. This vulnerability allows a remote, unauthenticated attacker to potentially execute arbitrary code or commands on the system by sending specifically crafted requests. Fortinet is aware of instances where this vulnerability has been exploited in the field.

CVE-2024-21762 is an out-of-bounds write vulnerability found in the SSL VPN component of Fortinet's FortiOS and FortiProxy. It resides in the SSL VPN functionality, potentially allowing unauthenticated, remote attackers to execute arbitrary code or commands on affected systems. This is achieved by sending specially crafted HTTP requests to a vulnerable device that has SSL VPN enabled, which can trigger a buffer overflow. Specifically, the vulnerability relates to the handling of HTTP requests using chunked transfer encoding. Analysis of the patch revealed that it introduces validation to ensure a certain value is less than 0x10, and if this condition isn't met, an "invalid chunk length string" is logged. Exploitation could lead to unauthorized access and control of the targeted systems.

CVE-2023-27997 is a heap-based buffer overflow vulnerability found in the SSL-VPN component of Fortinet's FortiOS and FortiProxy. It arises from the SSL-VPN pre-authentication module, where an overflow of data from an allocated memory block into adjacent memory blocks in the heap can occur. Successful exploitation of this vulnerability allows a remote attacker to execute arbitrary code or commands via specifically crafted requests. This can be achieved without authentication, potentially bypassing multi-factor authentication, and allowing attackers to access networks and products protected by the secure channel.

CVE-2023-4966 is a vulnerability that allows unauthorized disclosure of sensitive information in Citrix NetScaler ADC and NetScaler Gateway appliances. When these appliances are configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server, a buffer overflow flaw can be exploited to leak sensitive data. This vulnerability allows attackers to read sections of memory beyond the intended buffer, potentially exposing session tokens and enabling impersonation of legitimate users. Exploitation has been observed in the wild, with some attackers using it to bypass multi-factor authentication and hijack user sessions. This vulnerability affects specific versions of NetScaler ADC and NetScaler Gateway, including versions 14.1 before 14.1-8.50, 13.1 before 13.1-49.15, and 13.0 before 13.0-92.19. Citrix-managed cloud services and Citrix-managed Adaptive Authentication are not affected. The vulnerability was publicly disclosed by Citrix on October 10, 2023, and has since been added to CISA's Known Exploited Vulnerabilities Catalog due to observed exploitation.

CVE-2025-3248 is a code injection vulnerability that affects Langflow versions prior to 1.3.0. It exists in the `/api/v1/validate/code` endpoint, where a remote, unauthenticated attacker can send crafted HTTP requests to execute arbitrary code on the server. This vulnerability allows attackers to gain control of vulnerable Langflow servers without needing authentication. To remediate this vulnerability, users are advised to upgrade to Langflow version 1.3.0 or restrict network access to the application.

CVE-2025-24813 is a vulnerability affecting Apache Tomcat versions 9.0.0.M1 through 9.0.98, 10.1.0.M1 through 10.1.34, and 11.0.0.M1 through 11.0.2. It stems from an issue in how Tomcat handles partial PUT requests. Specifically, the vulnerability arises from the use of a temporary file based on user-supplied filenames and paths, where the path separator is replaced by a dot. This can potentially allow unauthorized access to sensitive files, injection of malicious content, or even remote code execution under certain conditions. Exploitation of this vulnerability requires a specific set of circumstances. For information disclosure or content injection, the default servlet must have write access enabled (it's disabled by default), partial PUT support must be enabled (which it is by default), and the target URL for sensitive uploads must be a subdirectory of a public upload URL. The attacker also needs to know the names of the sensitive files being uploaded via partial PUT. For remote code execution, the same conditions apply, with the addition of the application using Tomcat's file-based session persistence in the default location and including a library vulnerable to deserialization attacks.

CVE-2025-22457 is a stack-based buffer overflow vulnerability affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti ZTA Gateways. It allows a remote, unauthenticated attacker to execute arbitrary code on the target device. The vulnerability is triggered by network access to the impacted appliances. Exploitation of CVE-2025-22457 has been observed in the wild, with attackers using a shell script dropper to inject the BRUSHFIRE passive backdoor into a running web process.

CVE-2025-3102 is an authentication bypass vulnerability affecting the SureTriggers: All-in-One Automation Platform plugin for WordPress. Specifically, it resides in versions up to and including 1.0.78. The vulnerability stems from a missing empty value check on the 'secret_key' value within the 'autheticate_user' function. This flaw allows unauthenticated attackers to create administrator accounts on a target website if the plugin is installed and activated but hasn't been configured with an API key. The vulnerability was discovered by Michael Mazzolini on March 13, 2025, and a fix was implemented in version 1.0.79 of the plugin, released on April 3, 2025.