Geraldino2

#8797of 53,630
31.1Total CVSS
Vulnerabilities · 5
Medium
3
High
2
PT-2025-31710
7.5
2025-08-01
Copyparty · Copyparty · CVE-2025-54796
**Name of the Vulnerable Software and Affected Versions** Copyparty versions prior to 1.18.9 **Description** Copyparty is a portable file server. The `filter` parameter for the "Recent Uploads" page allows arbitrary Regular Expressions (RegExes). If this feature is enabled by default, an attacker can craft a filter that deadlocks the server. **Recommendations** Update to version 1.18.9 or later.
PT-2025-31384
5.0
2025-07-29
Glpi · Glpi · CVE-2025-52567
**Name of the Vulnerable Software and Affected Versions** GLPI versions 0.84 through 10.0.18 **Description** GLPI is an Asset and IT Management Software package. Versions 0.84 through 10.0.18 are susceptible to a Server-Side Request Forgery (SSRF) exploit when using RSS feeds or external calendars for planning purposes. Previous security patches implemented since GLPI 10.0.4 were insufficient in certain scenarios. **Recommendations** Update to version 10.0.19 or later.
PT-2025-31385
7.8
2025-07-29
Glpi · Glpi · CVE-2025-52897
**Name of the Vulnerable Software and Affected Versions** GLPI versions 9.1.0 through 10.0.18 **Description** GLPI is an Asset and IT Management Software package. An unauthenticated user can send a malicious link to attempt a phishing attack from the planning feature. **Recommendations** Update to version 10.0.19 or later.
PT-2025-31386
6.8
2025-07-29
Glpi · Glpi · CVE-2025-53008
**Name of the Vulnerable Software and Affected Versions** GLPI versions 9.3.1 through 10.0.19 **Description** GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking, and software auditing. A connected user can utilize a malicious payload to obtain mail receiver credentials. **Recommendations** Update to version 10.0.19 or later.
PT-2025-31389
4.0
2025-07-29
Glpi · Glpi · CVE-2025-53113
**Name of the Vulnerable Software and Affected Versions** GLPI versions 0.65 through 10.0.18 **Description** GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.65 through 10.0.18, a technician can use the external links feature to access information on items they are not authorized to view. **Recommendations** Update to version 10.0.19 or later.