Overview CVE-2025-65955 is a medium severity vulnerability affecting ImageMagick, a popular open-source software suite used for displaying, converting, and editing raster image files. This vulnerability resides in the Magick++ layer and occurs when handling font families. Specifically, invoking Options::fontFamily with an empty string can lead to a double-free or use-after-free condition, potentially causing crashes or heap corruption. This issue has been addressed in ImageMagick versions 7.1.2-9 and 6.9.13-34. Technical Details The vulnerability stems from improper memory management within ImageMagick’s font handling routines. When Options::fontFamily is called with an empty string, it clears the font family, which in turn calls RelinquishMagickMemory…

Overview A high-severity vulnerability, identified as CVE-2025-66476, affects Vim, a popular open-source command-line text editor, on Windows platforms. This uncontrolled search path vulnerability allows an attacker to execute arbitrary code by placing a malicious executable in the same directory as the file being edited. It’s crucial to update Vim to version 9.1.1947 or later to mitigate this risk. Technical Details Vim versions prior to 9.1.1947 on Windows, when using cmd.exe, resolve external commands by searching the current working directory before system paths. This means that when Vim invokes external tools such as findstr (used for :grep), executes external commands or…

Overview CVE-2025-55181 is a medium severity vulnerability affecting Facebook’s Proxygen HTTP/3 library. This vulnerability allows a malicious actor to cause a denial-of-service (DoS) by triggering an infinite loop, leading to unbounded memory growth and eventual process termination due to out-of-memory conditions. Technical Details The vulnerability resides within the proxygen::coro::HTTPQuicCoroSession component. Specifically, sending an HTTP request or response body exceeding 2^31 bytes triggers an infinite loop. During this loop, the backing event loop is blocked, preventing other tasks from being processed. Crucially, with each iteration of the loop, data is unconditionally appended to a std::vector. This constant appending without proper size…

Overview A critical vulnerability, identified as CVE-2025-65657, has been discovered in FeehiCMS version 2.1.1. This vulnerability allows an authenticated remote attacker to execute arbitrary code on the server through unrestricted file uploads within the ad management feature. By uploading a malicious PHP file, an attacker can gain complete control of the affected system. It’s crucial to understand the technical details, potential impact, and implement the recommended mitigation steps to protect your FeehiCMS installation. Technical Details The vulnerability stems from insufficient validation and sanitization of uploaded files within the ad management module of FeehiCMS 2.1.1. An authenticated user with the necessary…

Overview CVE-2025-65380 details a significant SQL Injection vulnerability discovered in PHPGurukul Billing System version 1.0. This vulnerability exists in the admin/index.php endpoint, allowing attackers to potentially execute arbitrary SQL queries on the backend database by manipulating the username parameter. This can lead to unauthorized access to sensitive data, modification of data, or even complete compromise of the application and its underlying database server. Technical Details The vulnerability stems from the lack of proper sanitization and validation of user input within the admin/index.php script. Specifically, the username parameter is directly concatenated into an SQL query without any form of escaping or…

Overview CVE-2025-64778 is a high-severity vulnerability affecting NMIS/BioDose software, version 22.02 and previous versions. This vulnerability stems from the presence of plain text, hard-coded passwords within executable binaries. An attacker exploiting this flaw could gain unauthorized access to both the application and its underlying database, potentially leading to sensitive data exposure and system compromise. Technical Details The vulnerability lies in the inclusion of easily discoverable, hard-coded passwords within the application’s executable files. By reverse-engineering or inspecting the binaries, attackers can extract these credentials. These passwords grant privileged access to the NMIS/BioDose application and the connected database, allowing attackers to manipulate…

Overview A high-severity vulnerability, identified as CVE-2025-64642, has been discovered in NMIS/BioDose versions V22.02 and earlier. This vulnerability stems from insecure default file permissions on the software’s installation directory paths. In specific deployment scenarios, this flaw could allow users on client workstations to modify the program’s executables and libraries, potentially leading to significant security breaches. Technical Details The vulnerability arises from overly permissive file permissions granted to the installation directories of NMIS/BioDose software. Specifically, client workstation users might inadvertently or maliciously gain write access to critical system files. This access can be exploited to replace legitimate program components with malicious…

Overview CVE-2025-64298 is a high-severity vulnerability affecting NMIS/BioDose V22.02 and all prior versions when using the embedded Microsoft SQL Server Express in networked installations. The vulnerability stems from insecure default directory paths in the Windows share used by clients, leading to unauthorized access to sensitive SQL Server database and configuration files. Technical Details NMIS/BioDose, when deployed with the embedded SQL Server Express, utilizes a Windows share for client access. The default configuration of this share contains overly permissive directory paths. Specifically, these paths grant access to the SQL Server’s database files (.mdf, .ldf) and configuration files. An attacker with access…

Overview A critical security vulnerability, identified as CVE-2025-62575, has been discovered in NMIS/BioDose V22.02 and all previous versions. This vulnerability stems from the software’s reliance on a Microsoft SQL Server database and the default configuration that grants the ‘nmdbuser’ account, along with other created accounts, the sysadmin role. This excessive privilege allows for potential remote code execution (RCE) through the exploitation of built-in stored procedures. Technical Details The core of the vulnerability lies in the overly permissive database permissions granted to the default ‘nmdbuser’ account and other created accounts. The sysadmin role in Microsoft SQL Server provides virtually unrestricted access…

Overview CVE-2025-61940 is a high-severity vulnerability affecting NMIS/BioDose versions 22.02 and earlier. This vulnerability stems from the software’s reliance on a single, common SQL Server user account for database access. While the client application implements password authentication, the underlying database connection remains consistently accessible, potentially allowing unauthorized data access and manipulation. Technical Details The vulnerability lies in the fact that all users, regardless of their client-side credentials, ultimately connect to the SQL Server database using the same shared account. This bypasses the intended access controls enforced by the client application. An attacker who gains access to this shared database credential,…