Security Vulnerabilities - CVEs Published In June 2025
The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user
CVSS Score
4.3
EPSS Score
0.0
Published
2025-06-27
An issue in NetEase (Hangzhou) Network Co., Ltd NeacSafe64 Driver before v1.0.0.8 allows attackers to escalate privileges via sending crafted IOCTL commands to the NeacSafe64.sys component.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-06-27
Flock Safety Gunshot Detection devices before 1.3 have a hardcoded password for a system.
CVSS Score
2.2
EPSS Score
0.0
Published
2025-06-27
Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have an on-chip debug interface with improper access control.
CVSS Score
6.4
EPSS Score
0.0
Published
2025-06-27
Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have a hardcoded password for a system.
CVSS Score
2.2
EPSS Score
0.0
Published
2025-06-27
Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have cleartext storage of code.
CVSS Score
2.0
EPSS Score
0.0
Published
2025-06-27
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-06-27
Flock Safety Gunshot Detection devices before 1.3 have a hard-coded password for a connection.
CVSS Score
2.2
EPSS Score
0.0
Published
2025-06-27
Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interface with improper access control.
CVSS Score
6.4
EPSS Score
0.0
Published
2025-06-27
Flock Safety Gunshot Detection devices before 1.3 have cleartext storage of code.
CVSS Score
2.0
EPSS Score
0.0
Published
2025-06-27