Pulse Connect Secure is a virtual private network (VPN) solution that allows businesses to secure their data communications. It provides secure, streamlined access to corporate resources and applications from any device.

Ivanti Connect Secure

Ivanti Policy Secure is a cloud-based security solution that offers reliable access control for networks and applications. It ensures consistent enforcement of compliance by automating authentication and compliance checks across enterprise networks. The software combines user profiling, device assessment, and network access policy implementation for comprehensive security control.

Ivanti Policy Secure

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.

CVE-2025-22457

Linux

Linux Kernel

NGINX Ingress Controller for Kubernetes (community-driven) is an Ingress Controller that manages the routing of external traffic to services inside a Kubernetes cluster, acting as a reverse proxy and load balancer. Developed and maintained by the Kubernetes community, this controller offers a wide range of features for traffic routing, SSL termination, and load balancing.

Ingress NGINX Controller (community-driven)

Wolfi is a community Linux OS designed for the container and cloud-native era; it is a Linux distribution based on Alpine.

Wolfi

Chainguard is a Linux distribution based on Alpine. It's the commercial version of the Wolfi distro.

Chainguard

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

CVE-2025-1974

GoLang

GitHub Advisory Database

Windows

Windows Cumulative Update

FortiOS is Fortinet's operating system. It is the foundation of the Fortinet Security Fabric, consolidating many technologies and use cases into a single policy and management framework. FortiOS provides the ability to control all the security and networking capabilities in all FortiGate devices across the entire network with one operating system.

FortiOS

FortiProxy is a secure web proxy that protects employees against internet-borne attacks by incorporating multiple detection techniques such as web and video filtering, DNS filtering, data loss prevention, antivirus, intrusion prevention, browser isolation, and advanced threat protection.

Fortinet FortiProxy

FortiGate Next Generation Firewall is a network security appliance by Fortinet.

FortiGate Next Generation Firewall (Virtual Appliance)

A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.

CVE-2023-25610

JavaScript is a high-level, interpreted programming language essential for creating interactive web applications, running directly in web browsers to enable dynamic content and user interface enhancements. It is integral to the web development stack, working seamlessly with HTML and CSS to build responsive and feature-rich websites.

JavaScript

Next.js is a popular React-based framework for building server-side rendered and statically generated web applications. It provides a powerful set of features including automatic code splitting, optimized performance, and built-in routing.

Next.js

Next.js is a React framework for building full-stack web applications. Prior to 14.2.25 and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware. If patching to a safe version is infeasible, it is recommend that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next.js application. This vulnerability is fixed in 14.2.25 and 15.2.3.

CVE-2025-29927

Anaconda

GitHub is a web-based Git repository hosting service, which offers all of the distributed revision control and source code management (SCM) functionality of Git, as well as adding its own features. Unlike Git, which is strictly a command-line tool, GitHub provides a web-based graphical interface and desktop as well as mobile integration.

GitHub

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use `reviewdog/action-setup@v1` that would also be compromised, regardless of version or pinning method, are reviewdog/action-shellcheck, reviewdog/action-composite-template, reviewdog/action-staticcheck, reviewdog/action-ast-grep, and reviewdog/action-typos.

CVE-2025-30154

VLLM is a fast and easy-to-use library for LLM inference and serving.

vLLM

## Description
https://github.com/vllm-project/vllm/security/advisories/GHSA-rh4j-5rhw-hr54 reported a vulnerability where loading a malicious model could result in code execution on the vllm host. The fix applied to specify `weights_only=True` to calls to `torch.load()` did not solve the problem prior to PyTorch 2.6.0.
PyTorch has issued a new CVE about this problem: https://github.com/advisories/GHSA-53q9-r3pm-6pq6
This means that versions of vLLM using PyTorch before 2.6.0 are vulnerable to this problem.
## Background Knowledge
When users install VLLM according to the official manual
![image](https://github.com/user-attachments/assets/d17e0bdb-26f2-46d6-adf6-0b17e5ddf5c7)
But the version of PyTorch is specified in the requirements. txt file
![image](https://github.com/user-attachments/assets/94aad622-ad6d-4741-b772-c342727c58c7)
So by default when the user install VLLM, it will install the PyTorch with version 2.5.1
![image](https://github.com/user-attachments/assets/04ff31b0-aad1-490a-963d-00fda91da47b)
In CVE-2025-24357, weights_only=True was used for patching, but we know this is not secure.
Because we found that using Weights_only=True in pyTorch before 2.5.1 was unsafe
Here, we use this interface to prove that it is not safe.
![image](https://github.com/user-attachments/assets/0d86efcd-2aad-42a2-8ac6-cc96b054c925)
## Fix
update PyTorch version to 2.6.0
## Credit
This vulnerability was found By Ji'an Zhou and Li'shuo Song

GHSA-ggpf-24jw-3fcw

xrpl.js is a JavaScript/TypeScript API for interacting with the XRP Ledger in Node.js and the browser. Versions 4.2.1, 4.2.2, 4.2.3, and 4.2.4 of xrpl.js were compromised and contained malicious code designed to exfiltrate private keys. Version 2.14.2 is also malicious, though it is less likely to lead to exploitation as it is not compatible with other 2.x versions. Anyone who used one of these versions should stop immediately and rotate any private keys or secrets used with affected systems. Users of xrpl.js should pgrade to version 4.2.5 or 2.14.3 to receive a patch. To secure funds, think carefully about whether any keys may have been compromised by this supply chain attack, and mitigate by sending funds to secure wallets, and/or rotating keys. If any account's master key is potentially compromised, disable the key.

CVE-2025-32965

PHP is a general-purpose scripting language that is especially suited for web development.

Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting (XSS) in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field.

CVE-2025-26159

Composer

MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the `spec.audiences` field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it. This issue has been patched in version 7.1.0.

CVE-2025-32963

Class based , object oriented programming language. Designed to have less dependencies as possible. The syntex of Java is smilier to C and C++. Commonly used for client-server applications. Java files are compiled by JVM (Java Virtual Machine)

Java

The Cuba JPA web API enables loading and saving any entities defined in the application data model by sending simple HTTP requests. Prior to version 1.1.1, the input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name part ends with .html. This could allow malicious JavaScript code to be executed in the browser. For a successful attack, a malicious file needs to be uploaded beforehand. This issue has been patched in version 1.1.1. A workaround is provided on the Jmix documentation website.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-22457	CRITICAL	9.8	Ivanti Connect Secure	cpe:2.3:a:ivanti:connect_secure	Yes	Yes	Apr 03, 2025
CVE-2025-1974	CRITICAL	9.8	Ingress NGINX Controller (community-driven)	ingress-nginx-controller-1.12	No	Yes	Mar 25, 2025
CVE-2023-25610	CRITICAL	9.3	FortiOS	cpe:2.3:o:fortinet:fortios	No	Yes	Mar 24, 2025
CVE-2025-29927	CRITICAL	9.1	JavaScript	next	No	Yes	Mar 21, 2025
CVE-2025-30154	HIGH	8.6	GitHub	N/A	Yes	No	Mar 19, 2025

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
GHSA-ggpf-24jw-3fcw	CRITICAL	9.8	vLLM	vllm	No	Yes	Apr 23, 2025
CVE-2025-32965	CRITICAL	N/A	JavaScript	xrpl	No	Yes	Apr 22, 2025
CVE-2025-26159	MEDIUM	N/A	PHP	nasirkhan/laravel-starter	No	Yes	Apr 22, 2025
CVE-2025-32963	MEDIUM	N/A	N/A	github.com/minio/operator	No	Yes	Apr 22, 2025
CVE-2025-32961	MEDIUM	N/A	Java	com.haulmont.addon.jpawebapi:jpawebapi-jpawebapi	No	Yes	Apr 22, 2025

Wiz Vulnerability Database

Explore by technology

Popular filters

High Profile

Most Recent

Vulnerabilities by the numbers

The good, the bad, and the vulnerable

Additional Wiz resources

Cloud Vulnerability DB

Cloud threat landscape

PEACH

Ready to see Wiz in action?