CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-54785 – SuiteCRM is Vulnerable to PHP Object Injection in Reports
https://notcve.org/view.php?id=CVE-2025-54785
06 Aug 2025 — In versions 7.14.6 and 8.8.0, user-supplied input is not validated/sanitized before it is passed to the unserialize function, which could lead to penetration, privilege escalation, sensitive data exposure, Denial of Service, cryptomining and ransomware. • https://github.com/SuiteCRM/SuiteCRM/security/advisories/GHSA-53cp-mpfw-qj67 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-47908 – Denial of service via malicious preflight requests in github.com/rs/cors
https://notcve.org/view.php?id=CVE-2025-47908
06 Aug 2025 — Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service. • https://github.com/rs/cors/pull/171 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23335
https://notcve.org/view.php?id=CVE-2025-23335
06 Aug 2025 — A successful exploit of this vulnerability might lead to denial of service. • https://nvd.nist.gov/vuln/detail/CVE-2025-23335 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23331
https://notcve.org/view.php?id=CVE-2025-23331
06 Aug 2025 — A successful exploit of this vulnerability might lead to denial of service. • https://nvd.nist.gov/vuln/detail/CVE-2025-23331 • CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23327
https://notcve.org/view.php?id=CVE-2025-23327
06 Aug 2025 — A successful exploit of this vulnerability might lead to denial of service and data tampering. • https://nvd.nist.gov/vuln/detail/CVE-2025-23327 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23326
https://notcve.org/view.php?id=CVE-2025-23326
06 Aug 2025 — A successful exploit of this vulnerability might lead to denial of service. • https://nvd.nist.gov/vuln/detail/CVE-2025-23326 • CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23325
https://notcve.org/view.php?id=CVE-2025-23325
06 Aug 2025 — A successful exploit of this vulnerability might lead to denial of service. • https://nvd.nist.gov/vuln/detail/CVE-2025-23325 • CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23324
https://notcve.org/view.php?id=CVE-2025-23324
06 Aug 2025 — A successful exploit of this vulnerability might lead to denial of service. • https://nvd.nist.gov/vuln/detail/CVE-2025-23324 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23323
https://notcve.org/view.php?id=CVE-2025-23323
06 Aug 2025 — A successful exploit of this vulnerability might lead to denial of service. • https://nvd.nist.gov/vuln/detail/CVE-2025-23323 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23322
https://notcve.org/view.php?id=CVE-2025-23322
06 Aug 2025 — A successful exploit of this vulnerability might lead to denial of service. • https://nvd.nist.gov/vuln/detail/CVE-2025-23322 • CWE-415: Double Free •