In SQLite version 3.49.0 a critical severity vulnerability CVE-2025-29087 was detected. This vulnerability allows attackers to trigger an integer overflow using the concat function. Currently, there is no fix version for this issue. For more details, visit https://avd.aquasec.com/nvd/2025/cve-2025-29087.
Read more Database
In MongoDB versions prior to 5.0.31, 6.0.20 and 7.0.16 a high severity vulnerability CVE-2025-3083 was detected. This vulnerability allows unauthenticated attackers to crash the `mongos` process by sending specifically crafted MongoDB wire protocol messages. To address this issue, users should upgrade MongoDB to versions 5.0.31, 6.0.20 or 7.0.16. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-3083.
Read more Database
In MongoDB Server versions prior to 5.0.31, 6.0.20, 7.0.16 and 8.0.4 a medium severity vulnerability CVE-2025-3084 was detected. This vulnerability allows malformed arguments passed to the `explain` command to bypass validation, potentially causing crashes in router (`mongos`) servers. To address this issue, users should upgrade MongoDB Server to versions 5.0.31, 6.0.20, or 7.0.16. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-3084.
Read more Database
In MongoDB Server versions prior to 5.0.31, 6.0.20, 7.0.16 and 8.0.4 a high severity vulnerability CVE-2025-3085 was detected. When running on Linux with TLS and CRL checks enabled, MongoDB may skip verifying intermediate certificate revocation, potentially allowing improper or unauthenticated access, especially with MONGODB-X509 or intra-cluster authentication. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-3085.
Read more Database
In Zabbix Server versions 6.0.0 up to 6.0.38, 7.0.0 up to 7.0.9, 7.2.0 up to 7.2.3 a medium severity vulnerability CVE-2024-45700 was detected. This vulnerability allows attackers to send specially crafted requests that cause excessive memory allocation and CPU-intensive decompression, ultimately leading to a service crash. To address this issue, users should upgrade Zabbix Server to versions 6.0.39rc1, 7.0.10rc1, 7.2.4rc1 or 7.4.0alpha1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-45700.
Read more Monitoring
In Zabbix Server versions 6.0.0 up to 6.0.36, 6.4.0 up to 6.4.20 and 7.0.0 up to 7.0.6 a high severity vulnerability CVE-2024-45699 was detected. This vulnerability allows attackers to inject a JavaScript payload through the backurl parameter in the /zabbix.php?action=export.valuemaps endpoint, leading to a Cross-Site Scripting (XSS) attack. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-45699.
Read more Monitoring
In Jenkins versions 2.503 and prior, LTS 2.492.2 and prior a medium severity vulnerability CVE-2025-31721 was detected. This vulnerability allows attackers with Computer/Create permission but without Computer/Configure permission to copy an agent and gain access to encrypted secrets in its configuration. To address this issue, users should upgrade Jenkins to versions 2.504 or later, or LTS versions 2.492.3 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-31721.
Read more Developer Tools
In Jenkins versions 2.503 and earlier, LTS 2.492.2 and earlier a medium severity vulnerability CVE-2025-31720 was detected. This vulnerability allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration. To address this issue, users should upgrade Jenkins to versions 2.504 or later, or LTS versions 2.492.3 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-31720.
Read more Developer Tools
In OpenVPN versions 2.6.1 through 2.6.13 a high severity vulnerability CVE-2025-2704 was detected. This vulnerability allows remote attackers to trigger a denial of service by corrupting and replaying network packets during the early TLS-crypt-v2 handshake phase when OpenVPN is operating in server mode. To address this issue, users should upgrade OpenVPN to versions 2.6.14 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-2704.
Read more Security