CVE-2025-1030
published 2025-12-18CVE-2025-1030: Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc. SoliClub allows Query System for…
PriorityP341high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.26%
17.3th percentile
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc. SoliClub allows Query System for Information.
This issue affects SoliClub: from 5.2.4 before 5.3.7.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| utarit | soliclub | >= 5.2.4 < 5.3.7 | 5.3.7 |
| utarit_informatics_services_inc | soliclub | >= 5.2.4 < 5.3.7 | 5.3.7 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cisa9.8CRITICAL
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-ppgf-6v2c-6ggr: Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc
ghsa_unreviewed·2025-12-18
CVE-2025-1030 [HIGH] CWE-359 GHSA-ppgf-6v2c-6ggr: Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc. SoliClub allows Query System for Information.This issue affects SoliClub: from 5.2.4 before 5.3.7.
CISA
Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability
cisa·2025-04-28·CVSS 9.8
CVE-2025-42599 [CRITICAL] CWE-121 Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability
Vulnerability: Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability
Affected: Qualitia Active! Mail
Qualitia Active! Mail contains a stack-based buffer overflow vulnerability that allows a remote, unauthenticated attacker to execute arbitrary or trigger a denial-of-service via a specially crafted request.
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notes: https://www.qualitia.com/jp/news/2025/04/18_1030.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-42599
Remediation Due Date: 2025-05-19
No detection rules found.
No public exploits indexed.
2025-12-18
Published