SAP Visual Composer is a graphical modeling tool for creating web-based applications without coding. It allows users to design user interfaces, define data flows, and create business logic using drag-and-drop functionality. This tool is part of the SAP NetWeaver platform and is primarily used for rapid application development within SAP environments.

SAP Visual Composer

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the ity, integrity, and availability of the targeted system.

CVE-2025-31324

Linux

Linux Kernel

Windows

Windows Cumulative Update

Commvault ContentStore is the main installation directory and runtime environment where all Commvault software components (like CommServe, MediaAgents, agents, and Command Center) are installed. It acts as the platform foundation for Commvault data protection and management services across the system.

Commvault

The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages that, when expanded by the target server, are vulnerable to path traversal vulnerability that can result in Remote Code Execution via malicious JSP.





This issue affects Command Center Innovation Release: 11.38.

CVE-2025-34028

CBL Marine is an open source distro, created by Microsoft. Mainly used in Azure cloud and Microsoft Internally.

CBL Mariner

Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Ubuntu is a Linux distribution based on Debian, mostly composed of free and open-source software. Ubuntu is officially released in three editions: Desktop, Server, and Core for internet of things devices and robots. All the editions can run on the computer alone or in a virtual machine.

Linux Ubuntu

Linux openSUSE

Alpine Linux is a Linux distribution based on musl and BusyBox, designed for security, simplicity, and resource efficiency.

Linux Alpine

Project Photon OS is an open-source, minimal Linux container host that is optimized for cloud-native applications, cloud platforms, and VMware infrastructure.

Linux Photon

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is ed in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.

CVE-2025-32433

Alpine

Alpine Security Tracker

CBL-Mariner

Debian

Debian Security Tracker

Photon

Photon Security Advisory

Ubuntu

Ubuntu Security Tracker

Yii is a high-performance, open-source PHP framework designed for rapid web application development. It utilizes the Model-View-Controller (MVC) design pattern and offers robust security features. Yii excels in handling large-scale data and reusable code components.

Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025.

CVE-2024-58136

Composer

 Advisory Database

CrushFTP is a proprietary multi-protocol, multi-platform file transfer server.

CrushFTP

Homebrew is a free and open-source software package management system that simplifies the installation of software on Apple's macOS operating system and Linux. The name is intended to suggest the idea of building software on the Mac depending on the user's taste. Originally written by Max Howell, the package manager has gained popularity in the Ruby on Rails community and earned praise for its extensibility.

Homebrew

CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unless a DMZ proxy instance is used), as exploited in the wild in March and April 2025, aka "Unauthenticated HTTP(S) port access." A race condition exists in the AWS4-HMAC (compatible with S3) authorization method of the HTTP component of the FTP server. The server first verifies the existence of the user by performing a call to login_user_pass() with no password requirement. This will authenticate the session through the HMAC verification process and up until the server checks for user verification once more. The vulnerability can be further stabilized, eliminating the need for successfully triggering a race condition, by sending a mangled AWS4-HMAC header. By providing only the username and a following slash (/), the server will successfully find a username, which triggers the successful anypass authentication process, but the server will fail to find the expected SignedHeaders entry, resulting in an index-out-of-bounds error that stops the code from reaching the session cleanup. Together, these issues make it trivial to authenticate as any known or guessable user (e.g., crushadmin), and can lead to a full compromise of the system by obtaining an administrative account.

CVE-2025-31161

JavaScript is a high-level, interpreted programming language essential for creating interactive web applications, running directly in web browsers to enable dynamic content and user interface enhancements. It is integral to the web development stack, working seamlessly with HTML and CSS to build responsive and feature-rich websites.

JavaScript

Trix is a what-you-see-is-what-you-get rich text editor for everyday writing. Versions prior to 2.1.15 are vulnerable to XSS attacks when pasting malicious code. An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the user's session, potentially leading to unauthorized actions being performed or sensitive information being disclosed. This issue has been ed in version 2.1.15.

CVE-2025-46812

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This allows a Man-in-the-Middle attacker to inject these messages in a connection during the handshake. This issue has been ed in versions OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25).

CVE-2025-46712

Ruby is a scripting language designed for simplified object-oriented programming.

Ruby

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a long running request (within that same session) adjacent to the user logging out, in order to retain illicit access even after a user has attempted to logout. This issue has been ed in version 2.1.1.

CVE-2025-46336

RubyGems

Red Hat

Red Hat Errata

Class based , object oriented programming language. Designed to have less dependencies as possible. The syntex of Java is smilier to C and C++. Commonly used for client-server applications. Java files are compiled by JVM (Java Virtual Machine)

Java

In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.
The Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting.

CVE-2025-1948

Maven

In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request
body. This can result in corrupted and/or inadvertent sharing of data between requests.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-31324	CRITICAL	9.8	SAP Visual Composer		Yes	Yes	Apr 24, 2025
CVE-2025-34028	CRITICAL	10	Commvault	cpe:2.3:a:commvault:commvault	Yes	Yes	Apr 22, 2025
CVE-2025-32433	CRITICAL	N/A	CBL Mariner	N/A	No	Yes	Apr 16, 2025
CVE-2024-58136	CRITICAL	9.8	Yii	yiisoft/yii2	Yes	Yes	Apr 10, 2025
CVE-2025-31161	CRITICAL	9.8	CrushFTP	cpe:2.3:a:crushftp:crushftp	Yes	Yes	Apr 03, 2025

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-46812	LOW	N/A	JavaScript	trix	No	Yes	May 08, 2025
CVE-2025-46712	LOW	N/A	Linux Debian	erlang	No	No	May 08, 2025
CVE-2025-46336	MEDIUM	4.2	Ruby	ruby-rack-session	No	Yes	May 08, 2025
CVE-2025-1948	HIGH	7.5	Java	org.eclipse.jetty.http2:jetty-http2-common	No	Yes	May 08, 2025
CVE-2024-13009	HIGH	7.2	Java	org.eclipse.jetty:jetty-server	No	Yes	May 08, 2025

Wiz Vulnerability Database

Explore by technology

Popular filters

High Profile

Most Recent

Vulnerabilities by the numbers

The good, the bad, and the vulnerable

Additional Wiz resources

Cloud Vulnerability DB

Cloud threat landscape

PEACH

Ready to see Wiz in action?