[CVE]2025-06-16 ~ 2025-06-23 NVD CVE 요약

내용 요약

다수의 소프트웨어 및 하드웨어 제품에서 심각한 보안 취약점들이 발견되었습니다. 이러한 취약점은 SQL Injection, OS Command Injection, Buffer Overflow, Path Traversal, CSRF, XSS 등 다양한 유형으로, 원격 코드 실행, 권한 상승, 정보 유출, 서비스 거부(DoS) 등의 공격으로 이어질 수 있습니다. 취약점이 발견된 제품들은 Jasmin Ransomware, UTT 진취 750W, gin-vue-blog, open-video-cms, letta, UniBox Controller, jfinalcms, WukongCRM, comfyui, Spring-Boot-In-Action, whatsmars, Tenda FH1201, FH1205, FH1203, D-Link DIR-619L, DIR-632, DIR-665, Das Parking Management System, Assimp, OTRS, Armoury Crate, Nosto, Phoenix Site CMS, Customer Support System, HAMASTAR WIMP, Project Portfolio Manager, M-Files, gin-vue-blog, Rail Pass Management System, Nipah Virus Testing Management System, Food Ordering System, Restaurant Order System, open-video-cms, Liferay Portal, DXP, Mojolicious::Plugin::CaptchaPNG, Apache NuttX, Erlang OTP, Wifi-soft UniBox Controller, Tenda routers, D-Link routers, Conda, Conda-build, OpenSSL, Weblate, Steel Browser, Chanjet CRM, Projectworlds Life Insurance Management System, PHPGurukul systems, TOTOLINK routers, TP-Link TL-WR940N, Wordpress plugins (Wise Chat, Infinite Scroll, Blog2Social, Drag and Drop Multiple File Upload for Contact Form 7, Poll, Survey & Quiz Maker, Master Slider, Simple Logo Carousel, Ivory Search, Recover WooCommerce Cart Abandonment, AI Engine, Gutenverse News, CSV Me, Ultra Addons for Contact Form 7, Pixabay Images, Pixel Manager for WooCommerce, Download Manager, ElementsKit, Beaver Builder, 3D FlipBook, Euro FxRef Currency Converter, Custom Post Carousels with Owl, GiveWP, WPBakery Page Builder, WP-file-download), Apache Commons FileUpload, Apache Tomcat, Protobuf Pure-Python, libxml2, FlashArray, Citrix Secure Access Client, Citrix Workspace app, Python, OSV-SCALIBR, Group-Office, ZendTo, Phoenix, HAMASTAR, Miliaris Amigdala, Trend Micro products (Apex Central, Apex One, Worry-Free Business Security, Password Manager, Security), Sitecore Experience Manager (XM), Sitecore Experience Platform (XP), Sitecore Experience Commerce (XC), Sitecore PowerShell Extensions, Portainer Community Edition, Teleport, Dify, NVIDIA NVDebug, Lychee, KCM3100, FreeIPA, Conda-forge-webservices, Mojolicious, SugarCRM, Aquatronica Controller System, MiniDVBLinux, Selea Targa IP OCR-ANPR camera, Karel IP1211 IP Phone, SeaCMS, CloudClassroom-PHP-Project, miniTCG, Real Estate Management, pbootCMS, Profisee, IBM Sterling B2B Integrator, IBM Sterling File Gateway, IBM webMethods Integration Server, open5gs, Grafana, Breeze, linux kernel, llama.cpp, Fortra Core Privileged Access Manager (BoKS), Fuji Electric Smart Editor, OpenVPN ovpn-dco-win, FLIR AX8, Hydra, jq, Luna Imaging, Meshtastic, HDF5, Brilliance Golden Link Secondary System, Upsonic, TransformerOptimus SuperAGI, OpenBMB XAgent, xlang-ai OpenAgents, xataio Xata Agent, PHPGurukul systems, Webkul QloApps, osCommerce, Cloudways Breeze, snstheme DSK, mojoomla WPCRM, Suhas Surse WP Employee Attendance System, snstheme Evon, snstheme Simen, wpdistillery Navigation Tree Elementor, Rapyd Payment Extension for WooCommerce, Elite Video Player, themeton Spare, ovatheme Events Manager, mojoomla WPGYM, ovatheme Events Manager, ValvePress Rankie, NasaTheme Nasa Core, RexTheme WP VR, RomanCode MapSVG, YITHEMES YITH PayPal Express Checkout for WooCommerce, WpExperts Hub Woocommerce Partial Shipment, Michal Jaworski Track, Analyze & Optimize by WP Tao, wpjobportal WP Job Portal, WPQuark eForm, NasaTheme Flozen, X.org server, Deepak anand WP Dummy Content Generator, thembay themes, Rustaurius Ultimate Reviews, CodeRevolution Echo RSS Feed Post Generator Plugin, Saleswonder Team Tobias WP2LEADS, CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin, impleCode eCommerce Product Catalog, Fastw3b LLC FW Gallery, merkulove Reformer for Elementor, Fastw3b LLC FW Food Menu, yannisraft Aeroscroll Gallery, Adrian Ladó PostaPanduri, LoftOcean CozyStay, Anh Tran Slim SEO, Meks Meks Flexible Shortcodes, CyberChimps Responsive Plus, WPExperts.io myCred, tychesoftwares Arconix Shortcodes, etruel WP Views Counter, Timur Kamaev Kama Click Counter, motov.net Ebook Store, WP Codeus Advanced Sermons, AFS Analytics, Helmut Wandl Advanced Settings, FunnelKit Automation By Autonami, Brian Mutende Noptin, tychesoftwares Arconix FAQ, IfSo Dynamic Content If-So Dynamic Content Personalization, Metagauss ProfileGrid, Greg Winiarski WPAdverts, themezaa Litho, Emraan Cheema CubeWP Forms, CyberChimps Responsive Blocks, Emraan Cheema CubeWP Framework, ash-project ashauthentication_phoenix, libgepub, GdkPixbuf, IBM Advanced Job Scheduler for i, Citrix products, pycares, rfc3161-client, Mail-0 Zero, Yealink YMCS RPS, Sangfor aTrust, spytrap-adb, PEAK-System Driver, Allegra, CrafterCMS, code-projects Client Details System, code-projects Automated Voting System, IBM products (Spectrum Protect Server, Process Mining, InfoSphere Information Server), BrijePal Smart Security

 

출처: https://rebugui.tistory.com