CVE List for November 2025 (2783 vulnerabilities)

The Document Library and the Adaptive Media modules in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4...

The Document Library Lite plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 1.1.6. This is due to the...

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modifi...

The WPCOM Member plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.7.14 via the action parameter in o...

The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ina_redirect_page_individual_user' parameter in all ver...

Blogs in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023....

The Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App plugin for WordPress is vulnerable to unauthorized access of data d...

The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including...

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.3.1. This is due to the p...

The List category posts plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 0.92.0 via the 'catlist' shor...

The Flying Images: Optimize and Lazy Load Images for Faster Page Speed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin set...

The Community Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via event details parameter in all versions up to, and includin...

The Schema Scalpel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.6.1 du...

The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0....

The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'saswp_tiny_multiple_faq'...

The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the Subscriptions Manager in all versions up to, and including, 2.4.9 due to ...

The WP Discourse plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5.9. This is due to the plugin unc...

The Folderly plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the /wp-json/folderly/...

The Employee Spotlight – Team Member Showcase & Meet the Team Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Social URLs...

The Qi Blocks plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.4.3. This is due to the plugin stori...

The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.12 via t...

The Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent plugin for WordPress is vulnerable to arbitrary file uploads due to ...

The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress is vulnerable to arbitrary file uploads when impo...

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and ...

The RESTful Content Syndication plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ingest_image()...

The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and excluding, 6.1....

The kallyas theme for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and includi...

The kallyas theme for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.0 via the `TH_PhpCode` pagebuilder ...

IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 is vulnerable to privilege escalation caused by an invalid IBM i SQL services authorization check. A malicious actor...

Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

Web UI Malfunction when setting unexpected locale via API.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

Denial of Service Due to SlowLoris.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

/etc/avahi/services/z9.service can be Arbitrarily Written.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

/etc/timezone can be Arbitrarily Written.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /a...

A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/a...

A weakness has been identified in Tenda AC23 16.03.07.52. This impacts the function formSetVirtualSer of the file /goform/SetVirtualServerCfg. This ma...

A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function saveParentControlInfo of the file /goform/saveParentCon...

A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function save_category o...

A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function save_tenant of the file /admin...

A vulnerability has been found in itsourcecode Online Loan Management System 1.0. This affects an unknown part of the file /load_fields.php. The manip...

A vulnerability was found in itsourcecode Online Loan Management System 1.0. This vulnerability affects unknown code of the file /manage_loan.php. The...

A vulnerability was determined in itsourcecode Online Loan Management System 1.0. This issue affects some unknown processing of the file /manage_borro...

A vulnerability was identified in itsourcecode Online Loan Management System 1.0. Impacted is an unknown function of the file /manage_payment.php. Suc...

A security flaw has been discovered in itsourcecode Online Loan Management System 1.0. The affected element is an unknown function of the file /manage...

A vulnerability was found in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/update-progr...

A vulnerability was determined in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/view-progress-report.php. Execu...

A vulnerability was identified in Tenda AC21 16.03.08.16. This vulnerability affects the function formSetPPTPServer of the file /goform/SetPptpServerC...

A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. This issue affects some unknown processing of the file /aj...

A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function delete_payment of the file /admin_c...

A security vulnerability has been detected in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /onps/settings.py. S...

A vulnerability was detected in PHPGurukul News Portal 1.0. The impacted element is an unknown function of the file /onps/settings.py. Performing mani...

A flaw has been found in itsourcecode Billing System 1.0. This affects an unknown function of the file /admin/app/login_crud.php. Executing manipulati...

EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary S...

A vulnerability has been found in Tenda AC8 16.03.34.06. This impacts an unknown function of the file /goform/DatabaseIniSet. The manipulation of the ...

A vulnerability was found in Tenda A15 15.13.07.13. Affected is the function fromSetWirelessRepeat of the file /goform/openNetworkGateway. The manipul...

A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. ...

A vulnerability was identified in fushengqian fuint up to 41e26be8a2c609413a0feaa69bdad33a71ae8032. Affected by this issue is some unknown functionali...

Arbitrary code execution is possible due to improper validation of the file upload functionality in Eaton BLSS. This security issue has been fixed in ...

The privileged user could log in without sufficient credentials after enabling an application protocol. This security issue has been fixed in the late...

Authorization Bypass Through User-Controlled Key vulnerability in CB Project Ltd. Co. CVLand allows Parameter Injection.This issue affects CVLand: fro...

A security flaw has been discovered in jeecgboot jeewx-boot up to 641ab52c3e1845fec39996d7794c33fb40dad1dd. This affects the function getImgUrl of the...

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interfa...

Missing Authorization vulnerability in d3wp WP Snow Effect allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Snow ...

An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function

NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function.

An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure.

An issue in Raspberry Pi Imager version 1.9.6 for Windows, affecting its OS customization feature. The imager's 'public-key authentication' setting un...

Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting (XSS) via the Profile Section. The system fails to properly sa...

School Management System PHP v1.0 is vulnerable to Cross Site Scripting (XSS) in /login.php via the password parameter.

The Doccure Core plugin for WordPress is vulnerable to privilege escalation in versions up to, and excluding, 1.5.4. This is due to the plugin allowin...

A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege ...

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legit...

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper va...

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an attacker to access unauthorized content or perform unauthorized action...

A cross-site scripting (XSS) vulnerability exists in the administrative interface of ultimatefosters UltimatePOS 4.8 where input submitted in the purc...

A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code...

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_vendor.php.

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_customer.php.

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edit_product.php?id=1.

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /orders.php.

Car-Booking-System-PHP v.1.0 is vulnerable to Cross Site Scripting (XSS) in /carlux/booking.php.

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php.

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/forgot-pass.php.

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php.

IdentityIQ 8.5, IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p4, IdentityIQ 8.3 and all 8.3 patch levels including 8.3p5, and all prior version...

The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoi...

An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras through the `Group` parameter in the `/uapi-cgi/viewer/Pa...

Phpgurukul Maid Hiring Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in /maid-hiring.php va the name field.

Open Source Social Network (OSSN) 8.6 is vulnerable to Cross Site Scripting (XSS) via the parameter param` at endpoint u/administrator/friends.

Insider Threat Management (ITM) Server versions prior to 7.17.2 contain an authentication bypass vulnerability that allows unauthenticated users on an...

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A...

lighttpd1.4.80 incorrectly merged trailer fields into headers after http request parsing. This behavior can be exploited to conduct HTTP Header Smuggl...

Directory traversal vulnerability in NextChat thru 2.16.0 due to the WebDAV proxy failing to canonicalize or reject dot path segments in its catch-all...

Grav CMS1.7.49.5 is vulnerable to Cross Site Scripting (XSS).

The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later rea...

FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to Insecure Permissions. A remote authenticated user can append comments or upload ...

Nagios XI versions prior to 5.4.0 are vulnerable to cross-site scripting (XSS) via the jQuery Migrate library. Insufficient validation or escaping of ...

Nagios XI versions prior to 5.8.7 using embedded Nagios Core are vulnerable to cross-site scripting (XSS) via the Core UI’s Views URL handling (escape...

Nagios XI versions prior to 2024R1.1.3 contain a privilege escalation vulnerability in which an authenticated administrator could leverage the Migrate...

Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose sensitive user account information (including API keys and hashed passwo...

A potential vulnerability was reported in some Lenovo Tablets that could allow a local authenticated user or application to gain access to sensitive d...

Deck Mate 2 is distributed with static, hard-coded credentials for the root shell and web user interface, while multiple management services (SSH, HTT...

IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 001, 24.0.1 through 24.0.1 Interim Fix 004, 24.0.0 through 24.0.0 Interim Fix ...

By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker can login to a restricted shell on the fourth attempt...

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.27.1 and below allow attackers to permanently corrupt issue activity logs by...

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.7. An app may be able to bypass Privacy prefere...

A logic issue was addressed with improved checks. This issue is fixed in iOS 26 and iPadOS 26. An attacker with physical access to an iOS device may b...

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access user-...

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 26, tvOS 26, iOS 26 and iPadOS 26, watchOS 26. An app may...

This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to a...

The issue was addressed by adding additional logic. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access use...

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app with root pri...

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.8.2, iOS 26 and iPadOS 26. Processin...

A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, watchOS 26, macOS Sonoma 14.8, iOS 26 and iPadOS 26, macOS Seq...

A logic issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may bypass Gatekeeper c...

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker may be able to view restr...

The issue was addressed with improved UI. This issue is fixed in iOS 26 and iPadOS 26. Password fields may be unintentionally revealed.

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 26, watchOS 26, iOS 26 and iPadOS 26, macOS Sonoma 14.8...

A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to break o...

A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An unprivileged process m...

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to cause u...

A logic issue was addressed with improved state management. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26. ...

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to cause a ...

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2. An app may be able to access sensitive us...

This issue was addressed with improved validation of symlinks. This issue is fixed in visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, watchO...

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. Parsing a...

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequ...

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing a malicious...

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing a malicious...

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing a malicious...

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing a malicious...

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2. A malicious app may be able to gain root ...

A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to access sensi...

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15...

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sonoma 14.8.2, macOS S...

The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. A website may exfiltrate image data cro...

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to a...

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to a...

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. A sandboxed app may be able to acc...

A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be abl...

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to cause unexpected sys...

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to ...

A denial-of-service issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. A remote attacker ...

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may b...

This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPa...

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An attac...

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.2. An app may be able to access sens...

This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to a...

A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to...

An access issue was addressed with additional sandbox restrictions. This issue is fixed in visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, w...

A permissions issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. A shortcut may be able t...

The issue was addressed with improved memory handling. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26. Proce...

A race condition was addressed with improved state handling. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to a...

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. Pro...

The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a device may ...

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An attacker with physical access to a...

The issue was addressed with improved bounds checks. This issue is fixed in iOS 26.1 and iPadOS 26.1. A malicious HID device may cause an unexpected p...

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS...

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.1 and iPadOS 26.1. An app may be able to access sensitive us...

This issue was addressed through improved state management. This issue is fixed in iOS 26.1 and iPadOS 26.1, tvOS 26.1, Safari 26.1, visionOS 26.1. Pr...

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing maliciously crafted web...

This issue was addressed through improved state management. This issue is fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1 and iPadOS 26.1,...

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing maliciously crafted web content...

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1 and iP...

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing maliciously crafted web content...

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing maliciously craf...

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing maliciously crafted web content...

A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1, visionOS 26....

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing maliciously craf...

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to fingerprint the u...

This issue was addressed with improved checks This issue is fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1. Pr...

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing maliciously crafted web content...

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to identify wh...

This issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing maliciously crafted web content may lea...

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to fingerprint...

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing a maliciously craf...

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to...

The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, visionOS 26.1. An app may be abl...

This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to break out of...

The issue was addressed with improved handling of caches. This issue is fixed in iOS 26.1 and iPadOS 26.1. A malicious app may be able to track users ...

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to learn information about t...

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 26.1 and iPadOS 26.1. Keyboard suggestions may ...

This issue was addressed through improved state management. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. A device may persistently fail to loc...

A privacy issue was addressed with improved checks. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, visionOS 26.1. A malicious app may ...

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, visi...

This issue was addressed through improved state management. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing maliciously crafted web co...

An authentication issue was addressed with improved state management. This issue is fixed in watchOS 26.1. An attacker with physical access to a locke...

A logic issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a locked device...

The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1, visionOS 26.1. An app...

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14....

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able t...

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be abl...

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be ab...

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able t...

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. ...

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be ...

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able t...

The issue was addressed with improved checks. This issue is fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1. A ...

This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2. An app may be able to break out of its sandbox.

The issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Visiting a malicious website may lead to address ba...

The issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to monitor keystrokes without us...

The issue was addressed by adding additional logic. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Remote content may be loaded even when the 'L...

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sono...

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to access sensiti...

A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, visionOS 26.1...

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. An app may be a...

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Visiting a mal...

A buffer overflow was addressed with improved bounds checking. This issue is fixed in Xcode 26.1. A user in a privileged network position may be able ...

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Xcode 26.1. Processing a maliciously crafted file ma...

A privacy issue was addressed by moving sensitive data. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to fingerprint the use...

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Chart Data attributes in ...

The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `table` shortcode at...

The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the wp_ajax_nopriv_ce21_...

The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This...

The WP Global Screen Options plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due t...

The ViaAds plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.1. This is due to missing nonce ...

The Label Plugins plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5. This is due to missing o...

Information disclosure while registering commands from clients with diag through diagHal.

Memory corruption while performing encryption and decryption commands.

Memory corruption while processing a GP command response.

Memory corruption while processing audio streaming operations.

Memory corruption while processing request sent from GVM.

Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions.

Memory corruption while processing client message during device management.

Memory corruption when triggering a subsystem crash with an out-of-range identifier.

Information disclosure while processing message from client with invalid payload.

Memory corruption while processing large input data from a remote source via a communication interface.

Memory corruption while accessing a buffer during IOCTL processing.

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.

Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan.

Multiple plugins for WordPress with the Jewel Theme Recommended Plugins Library are vulnerable to Unrestricted Upload of File with Dangerous Type via ...

The Elegance Menu plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9 via the 'elegance-menu' attribu...

The EM Beer Manager plugin for WordPress is vulnerable to arbitrary file upload leading to remote code execution in all versions up to, and including,...

The Footnotes Made Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin settings in all versions up to, and including, 3....

The Bootstrap Multi-language Responsive Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions...

The All in One Time Clock Lite plugin for WordPress is vulnerable to unauthorized access due to a missing authorization check in all versions up to, a...

The Reuse Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'reuse_builder_single_post_title' shortcode in all version...

The Crypto Payment Gateway with Payeer for WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 1.0....

The WP Carticon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'carticon_js_script' parameter in all versions up to, and in...

The Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One plugin for WordPress is vulnerable to unauthorized modification of dat...

The Simple User Capabilities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax...

The Simple User Capabilities plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the suc_submit_capabiliti...

The Posts Navigation Links for Sections and Headings – Free by WP Masters plugin for WordPress is vulnerable to Cross-Site Request Forgery in all vers...

The DominoKit plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wp_ajax_nopriv_dominokit_option_admin...

The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `geojsonmarker` shortcode in all versions up ...

The Nari Accountant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via account settings in all versions up to, and including, 1.0.1...

The Import Export For WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the upd...

The Free Quotation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.1.6 du...

The clubmember plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 0.2 due to i...

The LMB^Box Smileys plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2. This is due to missing...

The LinkedIn Resume plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.00. This is due to missin...

The Associados Amazon Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.8. This is due t...

The SH Contextual Help plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.1. This is due to mi...

The Top Bar Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to m...

The Social Media WPCF7 Stop Words plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.3. This i...

The MapMap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incor...

The Pagerank Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Cross-Site Request Forgery in all versions up to, and includi...

The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validatio...

The Centangle-Team plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missin...

The service employed by Everything, running as SYSTEM, communicates with the lower privileged Everything GUI via a named pipe. The named pipe has a NU...

In ims service, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has ...

In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has con...

In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege, if a UE has connec...

In wlan STA driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with Us...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a mal...

In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege if a mali...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a mal...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a mal...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with Use...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a mal...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with Use...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a mal...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with Use...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a mal...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a mal...

In wlan STA driver, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with User executio...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a mal...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation ...

In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor ha...

In pda, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has a...

In apusys, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has alre...

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malic...

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malic...

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a mal...

In charger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious act...

An Insecure Direct Object Reference (IDOR) vulnerability exists in the vehicleId parameter, allowing unauthorized access to sensitive information of o...

The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin for WordPress is vulnerable to Stored Cross-Site Scr...

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerab...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript file uploads due to missing file type validation in t...

The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes use...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information...

The MeetingList plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 0.11 due to...

WorkDo HRM SaaS HR and Payroll Tool 8.1 is affected vulnerable to Insecure Permissions. An authenticated user can create leave or resignation records ...

An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, and 1580. Impr...

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 24...

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Out-of-bounds Read of q->bufs[] in the __is_done...

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Untrusted Pointer Dereference of src_hdr in the ...

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is a NULL Pointer Dereference of profiler.node in the ...

Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to ...

codeshare v1.0.0 was discovered to contain an information leakage vulnerability.

Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the VizAir system without authentication. Once inside, the a...

Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can ...

An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1080, 1280, 2200, 1380, 1480, 2400, 1580, 2500, W920, W930, W...

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Invalid Pointer Dereference of node in the get_v...

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Code Injection.This issue af...

The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a ...

An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in out-of-bounds memory access...

An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in an out-of-bounds write, lea...

An issue was discovered in the NPU driver in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, 2500. There is a NULL Pointer Derefer...

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Confi...

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configu...

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection.This issue affect...

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configura...

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configurati...

NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit...

NVIDIA RunAI for all platforms contains a vulnerability where a user could cause an improper restriction of communications channels on an adjacent net...

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishan...

An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validatio...

A reflected cross-site scripted (XSS) vulnerability in the /jsp/gsfr_feditorHTML.jsp endpoint of Zucchetti ZMaintenance Infinity and Infinity Zucchett...

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920,...

An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 1280, ...

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are...

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Due to incorrect use of loose (==) instead of strict (===) comparison in the authentica...

Galette is a membership management web application for non profit organizations. Versions 1.1.5.2 and below allow a user to edit a group name and inse...

Galette is a membership management web application for non profit organizations. In versions 1.1.5.2 and below, Galette's Document Type is vulnerable ...

An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400. A Use-After-Free lead...

An issue was discovered in the GPU driver in Samsung Mobile Processor Exynos 1480, 2400, 1580, 2500. There is a use-after-free in the Xclipse GPU Driv...

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.27.1 and below, when a user edits their profile to change their e-mail ad...

A maliciously crafted project file may cause a heap-based buffer overflow in Fuji Electric Monitouch V-SFT-6, which may allow the attacker to execut...

Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an...

Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component.

Xibo is an open source digital signage platform with a web content management system (CMS). Versions 4.3.0 and below contain a Remote Code Execution v...

Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's ...

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.27.1 and below, due to insufficient access-level checks, any non-admin us...

ClipBucket v5 is an open source video sharing platform. Versions 5.5.2-#147 and below contain a stored Cross-Site Scripting (XSS) vulnerability in Cli...

LinkAce is a self-hosted archive to collect website links. In versions 2.3.0 and below, the htmlKeywordsFromUrl function in the FetchController class ...

LinkAce is a self-hosted archive to collect website links. Versions 2.3.1 and below allow any authenticated user to export the entire database of link...

LinkAce is a self-hosted archive to collect website links. In versions 2.3.1 and below, authenticated RSS feed endpoints in the FeedController class f...

CVE-2025-59595 is an internally discovered denial of service vulnerability in versions of Secure Access prior to 14.12. An attacker can send a speci...

CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 to 14.10 that is addressed in version 14.12. If a ...

LinkAce is a self-hosted archive to collect website links. In versions 2.3.1 and below, the social media sharing functionality contains a Stored Cross...

Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enab...

Cursor is a code editor built for programming with AI. In versions 1.7.52 and below, manipulating internal settings may lead to RCE. Cursor detects pa...

Cursor is a code editor built for programming with AI. In versions 1.7.44 and below, various NTFS path quirks allow a prompt injection attacker to cir...

Cursor is a code editor built for programming with AI. In versions and below, a vulnerability in the Cursor CLI Beta allowed an attacker to achieve re...

Cursor is a code editor built for programming with AI. In versions 1.7.23 and below, a logic bug allows a malicious agent to read sensitive files that...

The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate mathematical expressions with user-defined variables...

The Features plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'features_revert_option ...

The Everest Forms (Pro) plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.7 via deserialization of ...

The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to unauthorize...

The SMS for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'paged' parameter in all versions up to, and includ...

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom C...

The The Events Calendar plugin for WordPress is vulnerable to blind SQL Injection via the 's' parameter in versions 6.15.1.1 to 6.15.9 due to insuffic...

The FunnelKit WordPress plugin before 3.12.0.1 does not sanitize user input before echoing it back in some of its checkout-related AJAX actions, allo...

The ElementInvader Addons for Elementor WordPress plugin before 1.4.1 allows unauthenticated user to send arbitrary e-mails to arbitrary addresses due...

The MelAbu WP Download Counter Button WordPress plugin through 1.8.6.7 does not validate the path of files to be downloaded, which could allow unauthe...

The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST A...

Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bound...

Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User i...

Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.

Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.

Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers to access data in Sa...

Improper input validation in Samsung Email prior to version 6.2.06.0 allows local attackers to launch arbitrary activity with Samsung Email privilege.

Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applica...

Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity ...

The Ace User Management WordPress plugin through 2.0.3 does not properly validate that a password reset token is associated with the user who requeste...

The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel ...

The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.11 via the ...

The File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress is vulnerable to sensitive information exposure in all ...

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to unauthorized access/modification/loss of data i...

The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and ...

Optical Disc Archive Software provided by Sony Corporation registers a Windows service with an unquoted file path. A user with the write permission on...

Multiple Roboticsware products provided by Roboticsware PTE. LTD. register Windows services with unquoted file paths. A user with the write permission...

A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve a...

The KiotViet Sync plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the create_media() function in a...

The KiotViet Sync plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveConfig() functi...

The KiotViet Sync plugin for WordPress is vulnerable to authorizarion bypass in all versions up to, and including, 1.8.5. This is due to the plugin us...

The KiotViet Sync plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.5 via the register_ap...

The Control-M/Agent is vulnerable to unauthenticated remote code execution, arbitrary file read and write and similar unauthorized actions when mutual...

The Graphina – Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple chart widgets in all version...

The Visual Link Preview plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's visual-link-preview shortcode in versions u...

The Events Calendar plugin for WordPress is vulnerable to information disclosure in versions up to, and including, 6.15.9. The sysinfo REST endpoint c...

The FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce plugin for WordPress is vulnerable to Sensitive Information...

The FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce plugin for WordPress is vulnerable to Missing Authorization...

An attacker with a valid read-only account can bypass Doris MCP Server’s read-only mode due to improper access control, allowing modifications that sh...

The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom field through the plugin's 'ad...

The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.3.10...

An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoi...

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted...

A denial of service vulnerability exists in the g_assert_not_reached functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML ...

A denial of service vulnerability exists in the lasso_node_init_from_message_with_format functionality of Entr'ouvert Lasso 2.5.1. A specially cra...

A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted...

HCL BigFix Query is affected by a sensitive information disclosure in the WebUI Query application.  An HTTP GET endpoint request returns discoverable ...

MDaemon Mail Server 23.5.2 validates SPF, DKIM, and DMARC using the email enclosed in angle brackets (<>) in the From: header of SMTP DATA. An attacke...

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. NFKC normalization in Python is slow on Windows. As a consequen...

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. The methods `QuerySet.filter()`, `QuerySet.exclude()`, and `Que...

An Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13.6.07 allows a remote, authenticated attacker to escala...

An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substi...

OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address.

Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an authenticated attacker to upload a malicious backup file c...

Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct...

Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct...

Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct...

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from ...

A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine (ISE) could allow a...

A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbi...

A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass ...

A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to perform a directory traversal and access arbitrary...

A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files. This vulner...

A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files. This vulner...

A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to obtain sensitive informatio...

Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control o...

Dell Command Monitor (DCM), versions prior to 10.12.3.28, contains an Execution with Unnecessary Privileges vulnerability. A low privileged attacker w...

Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command sh...

Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to g...

Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain ...

Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command I...

Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access ...

Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker ...

OpenKM Community Edition 6.3.12 is vulnerable to stored cross-site scripting (XSS) in the user account creation interface. The Name field accepts scri...

ownCloud Guests before 0.12.5 allows unauthenticated user enumeration via the /apps/guests/register/{email}/{token} endpoint. Because of insufficient ...

DWSurvey 6.14.0 is vulnerable to Incorrect Access Control. When deleting a questionnaire, replacing the questionnaire ID with the ID of another questi...

An XML External Entity (XXE) vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses us...

An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP adm...

Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate Validation, which allows attackers to bypass update protect...

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6...

An arbitrary code execution vulnerability exists in multiple WSO2 products due to insufficient restrictions in the GraalJS and NashornJS Script Mediat...

A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function js_array_buffer_slice of the file ...

HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET method is used to process a request and includes se...

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An attacker with phys...

Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexos_nuevo.php asocImgRad.

Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Admi...

Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txt_depe_codi, busqueda/busqueda.ph...

GOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the local network, DNS, or a proxy can perform a man-in-t...

A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoints of multiple WSO2 products due to a lack of output encoding...

** exclusively-hosted-service ** A Stored Cross-Site Scripting (XSS) vulnerability in the chat functionality of the SelfBest platform 2023.3 allows au...

A Stored Cross-Site Scripting (XSS) vulnerability in the chat functionality of the SelfBest platform 2023.3 allows authenticated attackers to inject a...

A DOM-based Cross-Site Scripting (XSS) vulnerability in the SelfBest platform 2023.3 allows attackers to execute arbitrary JavaScript in the context o...

A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By ta...

PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submit_opacity.php component. The ...

A vulnerability in the XiaozhangBang Voluntary Like System V8.8 allows remote attackers to manipulate the zhekou parameter in the /topfirst.php Pay mo...

OSSN (Open Source Social Network) 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter.

Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication...

Improper authentication in the API authentication middleware of HCL DevOps Loop allows authentication tokens to be accepted without proper validation ...

Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the source /dev/null is insufficient, allowing co...

Youki is a container runtime written in Rust. In versions 0.5.6 and below, youki’s apparmor handling performs insufficiently strict write-target valid...

ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 - #151 and below allow authenticated administrators with plugin management priv...

DataEase is an open source data visualization analysis tool. In versions 2.10.14 and below, the vendor added a blacklist to filter ldap:// and ldaps:/...

Dataease is an open source data visualization analysis tool. In versions 2.10.14 and below, DataEase did not properly filter when establishing JDBC co...

MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnera...

The Easy Email Subscription plugin for WordPress is vulnerable to SQL Injection via the 'uid' parameter in all versions up to, and including, 1.3 due ...

The Easy Email Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to...

The Easy Digital Downloads plugin for WordPress is vulnerable to Order Manipulation in all versions up to, and including, 3.5.2 due to an order verifi...

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to limited file upload due to an incorrect capability check on ...

Cross-site scripting vulnerability exists in GROWI prior to v7.2.10. If a malicious user creates a page containing crafted contents, an arbitrary scri...

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and inclu...

A improper restriction of operations within the bounds of a memory buffer exists in AsIO3.sys driver. This vulnerability can be triggered by manually ...

The Hubbub Lite – Fast, free social sharing and follow buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dpsp_list...

Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on Mitsubishi Electric Corporation MELSEC iQ-F Series C...

The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to unauthorized API usage due to a missing capability check on...

The Strong Testimonials plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.2.16. This is due ...

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Netcad Software Inc. Netigma allows XSS T...

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Proliz Software Ltd. Co. OBS (Student Aff...

IBM Business Automation Workflow containers 24.0.0 through 24.0.0-IF006, 24.0.1 through 24.0.1-IF004, 25.0.0 through 25.0.0-IF001 and IBM Business Aut...

Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service ...

An argument injection vulnerability exists in the affected product that could allow an attacker to execute arbitrary code within the context of the ho...

Path Traversal: '.../...//' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Smush Image Compression and Optimization wp-smushit allows ...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in axiomthemes smart SEO smartSEO allows SQL Inject...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bingu replyMail replymail allows Stored XSS.This...

Improper Control of Generation of Code ('Code Injection') vulnerability in Widgetlogic.org Widget Logic widget-logic allows Code Injection.This issue ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Dessau dessau a...

Missing Authorization vulnerability in flippercode Advanced Google Maps wp-google-map-gold allows Exploiting Incorrectly Configured Access Control Sec...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Dør dor allows ...

Path Traversal: '.../...//' vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local File Inclusion.This issue affects Wanderland: from n...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in pantherius Modal Survey modal...

Improper Control of Generation of Code ('Code Injection') vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce aco-woo-dynamic...

Cross-Site Request Forgery (CSRF) vulnerability in nitinmaurya12 Block Country block-country allows Stored XSS.This issue affects Block Country: from ...

Cross-Site Request Forgery (CSRF) vulnerability in Norbert Slick Google Map slick-google-map allows Stored XSS.This issue affects Slick Google Map: fr...

Cross-Site Request Forgery (CSRF) vulnerability in andriassundskard wpNamedUsers wpnamedusers allows Stored XSS.This issue affects wpNamedUsers: from ...

Cross-Site Request Forgery (CSRF) vulnerability in ZIPANG Simple Stripe simple-stripe allows Stored XSS.This issue affects Simple Stripe: from n/a thr...

Deserialization of Untrusted Data vulnerability in wpdreams Ajax Search Lite ajax-search-lite allows Object Injection.This issue affects Ajax Search L...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rainbow-Themes Education WordPress Theme | HiStu...

Path Traversal: '.../...//' vulnerability in CocoBasic Blanka - One Page WordPress Theme blanka-wp allows PHP Local File Inclusion.This issue affects ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in bslthemes Kinsley kinsley all...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Daman Jeet Real Time Validati...

Improper Control of Generation of Code ('Code Injection') vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code In...

Deserialization of Untrusted Data vulnerability in Scott Reilly Preserve Code Formatting preserve-code-formatting allows Object Injection.This issue a...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in christophrado Cookie Notice & Consent cookie-not...

Deserialization of Untrusted Data vulnerability in Fetch Designs Sign-up Sheets sign-up-sheets allows Object Injection.This issue affects Sign-up Shee...

Missing Authorization vulnerability in bPlugins Image Gallery block – Create and display photo gallery/photo album. 3d-image-gallery allows Accessing ...

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Easy Appointments Easy Appointments easy-appointments a...

Incorrect Privilege Assignment vulnerability in bPlugins Advanced scrollbar advanced-scrollbar allows Privilege Escalation.This issue affects Advanced...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magepeopleteam Booking and Rental Manager bookin...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginsCafe Range Slider Addon for Gravity Forms...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Bookmark & Follow penci-bookma...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in marielav flexoslider flexoslider allows Reflecte...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hiecor HieCOR Payment Gateway Plugin hcv4-paymen...

Missing Authorization vulnerability in sertifier Sertifier Certificate & Badge Maker sertifier-certificates-open-badges allows Exploiting Incorrectly ...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bnovotny User Registration Aide user-registratio...

Deserialization of Untrusted Data vulnerability in VictorThemes Seil seil allows Object Injection.This issue affects Seil: from n/a through <= 1.7.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Afzal Multani WP Logo Changer am-login-logo allo...

Missing Authorization vulnerability in Gaurav Aggarwal Backup and Move backup-and-move allows Exploiting Incorrectly Configured Access Control Securit...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zozothemes Zegen zegen allows...

Unrestricted Upload of File with Dangerous Type vulnerability in borisolhor Drop Uploader for CF7 - Drag&Drop File Uploader Addon drop-uploader-for-co...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jhainey Milevis Dropify wc-dropi-integration all...

Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel WP GDPR Cookie Consent wp-gdpr-cookie-consent allows Stored XSS.This issue affects ...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeYatri Gutenify gutenify allows Stored XSS.Th...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Laborator Kalium kalium allows Reflected XSS.Thi...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jegtheme Epic Review epic-review allows Reflecte...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ptibogxiv Doliconnect doliconnect allows Reflect...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme WeMusic noo-wemusic allows Reflected XS...

Deserialization of Untrusted Data vulnerability in NooTheme WeMusic noo-wemusic allows Object Injection.This issue affects WeMusic: from n/a through <...

Missing Authorization vulnerability in bPlugins Info Cards info-cards allows Accessing Functionality Not Properly Constrained by ACLs.This issue affec...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Yogi - Health Beauty & Yoga noo-yogi al...

Deserialization of Untrusted Data vulnerability in NooTheme Yogi - Health Beauty & Yoga noo-yogi allows Object Injection.This issue affects Yogi - Hea...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Resca resca allows Reflected XSS.This ...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ex-Themes WooTour woo-tour allows Reflected XSS....

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobmonster noo-jobmonster allows Reflec...

Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly ...

Missing Authorization vulnerability in Jthemes imEvent imevent allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects imEv...

Deserialization of Untrusted Data vulnerability in Cozmoslabs TranslatePress translatepress-multilingual allows Object Injection.This issue affects Tr...

Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin-login allows Identity Spoofing.This issue affects All I...

Deserialization of Untrusted Data vulnerability in sbouey Falang multilanguage falang allows Object Injection.This issue affects Falang multilanguage:...

Authorization Bypass Through User-Controlled Key vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Exploiting Incorrectly Con...

Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This...

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-infusionsoft allows Object Injection.This issue aff...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Institutions Directory institutions-di...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Enzy enzy allows Reflected XSS.This iss...

Path Traversal: '.../...//' vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos...

Missing Authorization vulnerability in ganddser Jock On Air Now (JOAN) joan allows Exploiting Incorrectly Configured Access Control Security Levels.Th...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in designervily Greenify greenif...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Leblix lebli...

Unrestricted Upload of File with Dangerous Type vulnerability in Helmut Wandl Advanced Settings advanced-settings allows Upload a Web Shell to a Web S...

Deserialization of Untrusted Data vulnerability in Cristián Lávaque s2Member s2member allows Object Injection.This issue affects s2Member: from n/a th...

On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive (containing a...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup GoStore gostore allows Reflected XSS.Th...

Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking.This issue affects VikBooking Hotel Booking Engine & ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Processby Responsive Sidebar ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Processby Lazy Load Optimizer...

Unrestricted Upload of File with Dangerous Type vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Using Malicious Files.This issue...

Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Da...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PoloPag PoloPag &#8211; Pix A...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Hinnerk Altenburg Immocaster ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wishlist ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wholesale...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce User Role...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Product S...

Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Privilege Escalation.This issue affects Atarim: f...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Clearblue Clearblue® Ovulatio...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in owenr88 Simple Contact Forms ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in dedalx Saxon - Viral Content ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in dedalx InHype - Blog & Magazi...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress LearnPress Export I...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in aguilatechnologies WP Custome...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kyle Phillips Favorites favor...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Josh Kohlbach Store Exporter ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Josh Kohlbach WooCommerce Sto...

Unrestricted Upload of File with Dangerous Type vulnerability in Addify Custom User Registration Fields for WooCommerce user-registration-plugin-for-w...

Unrestricted Upload of File with Dangerous Type vulnerability in Plugify Helpdesk Support Ticket System for WooCommerce support-ticket-system-for-wooc...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codexpert, Inc CoSchool LMS coschool allows Blin...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Alexander AnyComment anycomme...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce premmerce...

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Anatoly Download Counter download-counter allows Path ...

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Esca...

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in RealMag777 TableOn posts-table-filterable allows Code I...

Deserialization of Untrusted Data vulnerability in WP User Manager WP User Manager wp-user-manager allows Object Injection.This issue affects WP User ...

Missing Authorization vulnerability in Bux Bux Woocommerce bux-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPClever WPC Product Options ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Famita famita allow...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem thegem.This issue affects The...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem (Elementor) thegem-elementor....

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme ITok itok.This issu...

Unrestricted Upload of File with Dangerous Type vulnerability in hogash Kallyas kallyas.This issue affects Kallyas: from n/a through <= 4.22.0.

Missing Authorization vulnerability in hogash Kallyas kallyas.This issue affects Kallyas: from n/a through <= 4.22.0.

Missing Authorization vulnerability in hogash Kallyas kallyas.This issue affects Kallyas: from n/a through <= 4.22.0.

Missing Authorization vulnerability in ThemeNectar Salient salient.This issue affects Salient: from n/a through < 17.4.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Composer td-composer.This issue af...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Composer td-composer.This issue af...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Cloud Library td-cloud-library all...

Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.

Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.

Deserialization of Untrusted Data vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Togo togo.This issue affects Togo: from n/...

Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.

Insertion of Sensitive Information Into Sent Data vulnerability in Sovlix MeetingHub meetinghub allows Retrieve Embedded Sensitive Data.This issue aff...

Insertion of Sensitive Information Into Sent Data vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant ...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Pol...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem (Elementor) thegem-elementor....

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem Theme Elements (for WPBakery)...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CodexThemes TheGem Theme Elem...

Missing Authorization vulnerability in CodexThemes TheGem Demo Import (for WPBakery) thegem-importer.This issue affects TheGem Demo Import (for WPBake...

Unrestricted Upload of File with Dangerous Type vulnerability in Case-Themes Case Addons case-addons.This issue affects Case Addons: from n/a through ...

Missing Authorization vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder.This issue affects Cost Calculator Builder: from n/a t...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign Core u-design-core.This issu...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in favethemes Houzez houzez.This...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Academist acade...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-t...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force SureRank surerank.This issue af...

Authentication Bypass Using an Alternate Path or Channel vulnerability in Elated-Themes Search & Go search-and-go allows Password Recovery Exploitatio...

Unrestricted Upload of File with Dangerous Type vulnerability in Rometheme RTMKit rometheme-for-elementor.This issue affects RTMKit: from n/a through ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes Revolution revolut...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Savory savory.T...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amauri WPMobile.App wpappninja.This issue affect...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ido Kobelkowsky Simple Paymen...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ido Kobelkowsky Simple Payment simple-payment.Th...

Missing Authorization vulnerability in anibalwainstein Effect Maker effect-maker allows Exploiting Incorrectly Configured Access Control Security Leve...

Cross-Site Request Forgery (CSRF) vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Cross Site Reque...

alexusmai laravel-file-manager 3.3.1 is vulnerable to Cross Site Scripting (XSS). The application permits user-controlled upload, create, and rename o...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jet...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in appscreo Easy Social Share Buttons easy-social-s...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Conference Theme Custom Post Ty...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icopydoc Import from YML import-from-yml allows ...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Alloggio - Hotel ...

Incorrect Privilege Assignment vulnerability in KingAddons.com King Addons for Elementor king-addons allows Privilege Escalation.This issue affects Ki...

Unrestricted Upload of File with Dangerous Type vulnerability in KingAddons.com King Addons for Elementor king-addons allows Upload a Web Shell to a W...

A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient vali...

Improper privilege management during pre-MFA cookie handling in Devolutions Server allows a low-privileged authenticated user to impersonate another a...

Improper access control in Devolutions allows a View-only user to retrieve sensitive third-level nested fields, such as password lists custom values, ...

The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative access via SSH on port 4118 with the readwrite passwo...

An issue in KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder Firmware v.1.20.0006 allows a remote attacker to cause a denial of service via t...

An unauthenticated reflected cross-site scripting vulnerability in the query handling of CMSimpleXH allows remote attackers to inject and execute arbi...

A reflected XSS vulnerability exists in CMSimple_XH 1.8's index.php router when attacker-controlled path segments are not sanitized or encoded before ...

An ownership verification issue in the Virtual Desktop preview page in the Research and Engineering Studio (RES) on AWS before version 2025.09 may all...

An issue was discovered in AnyDesk through 9.0.4. When the connection between two clients is established via an IP address, it is possible to manipula...

An issue was discovered in AnyDesk through 9.0.4. Remote Denial of Service can occur because of incorrect deserialization that results in failed memor...

An issue was discovered in AnyDesk before 9.0.0. It has an integer overflow and resultant heap-based buffer overflow via a UDP packet during processin...

An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my device" permission can manipulate remote AnyDesk sett...

containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0...

Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10.80.00 through 7.20.10.50 and Dell Integr...

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4....

A Server-Side Request Forgery (SSRF) in the /api/proxy/ component of linshenkx prompt-optimizer v1.3.0 to v1.4.2 allows attackers to scan internal res...

A Server-Side Request Forgery (SSRF) vulnerability, achievable through an XML External Entity (XXE) injection, exists in MetInfo Content Management Sy...

SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerability within the processing of the ‘uid’ parameter within the ‘export’ functionality...

SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of the ‘module’ parameter within the ‘deleteAttachment’...

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypas...

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypas...

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypas...

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypas...

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypas...

D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1.20B05 contain a command injection vulnerability within the web management interf...

Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files o...

Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross-site scripting (XSS) vulnerability via NetworksController.addNetworkAction(). I...

Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross-site scripting (XSS) vulnerability via StandaloneVpnClientsController.addStanda...

Advantech WebAccess/VPN versions prior to 1.1.5 contain an absolute path traversal via AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfi...

Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction() that allows an...

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AppManagementController.appUpgradeAction() that allows an aut...

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxDeviceController.ajaxDeviceAction() that allows an authen...

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxNetworkController.ajaxAction() that allows an authenticat...

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRulesController.ajaxNetworkFwRulesAction() that allows ...

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRulesController.ajaxDeviceFwRulesAction() that allows a...

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxStandaloneVpnClientsController.ajaxAction() that allows a...

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxPrevalidationController.ajaxAction() that allows an authe...

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in NetworksController.addNetworkAction() that allows an authenti...

runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2,...

Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary...

oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote a...

oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote a...

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges...

A flaw was found in Rubygem MQTT. By default, the package used to not have hostname validation, resulting in possible Man-in-the-Middle (MITM) attack.

IBM OpenPages 9.1, and 9.0 with Watson is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would b...

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can tr...

Apollo Router Core is a configurable graph router written in Rust to run a federated supergraph using Apollo Federation 2. In versions 1.61.11 below, ...

Magento-lts is a long-term support alternative to Magento Community Edition (CE). Versions 20.15.0 and below are affected by a stored Cross-Site Scrip...

Weblate is a web based localization tool. In versions 5.14 and below, Weblate leaks the IP address of the project member inviting the user to the pro...

ThinkDashboard is a self-hosted bookmark dashboard built with Go and vanilla JavaScript. Versions 0.6.7 and below contain a Blind Server-Side Request ...

A flaw was found in the 3scale Developer Portal. When creating or updating an account in the Developer Portal UI it is possible to modify fields expli...

Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who had compromised the renderer process to potential...

Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted ...

Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a cr...

Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI ...

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker to spoof the contents of the Omni...

Side-channel information leakage in Tab in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific U...

Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a...

Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in s...

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in...

Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML pa...

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a craf...

Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafte...

ThinkDashboard is a self-hosted bookmark dashboard built with Go and vanilla JavaScript. In versions 0.6.7 and below, an attacker can upload any file ...

ThinkDashboard is a self-hosted bookmark dashboard built with Go and vanilla JavaScript. In versions 0.6.7 and below, there is a stored Cross-Site Scr...

Jellysweep is a cleanup tool for the Jellyfin media server. In versions 0.12.1 and below, /api/images/cache, used to download media posters from the s...

lakeFS is an open-source tool that transforms object storage into a Git-like repositories. In versions 1.69.0 and below, missing authentication in the...

Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to perform an out of bounds memory read via a crafted H...

Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to execute arbitrary code via a crafted video file. (Chrom...

Use after free in Safe Browsing in Google Chrome prior to 141.0.7390.107 allowed a remote attacker who had compromised the renderer process to potenti...

Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a craf...

The Ubia camera ecosystem fails to adequately secure API credentials, potentially enabling an attacker to connect to backend services. The attacker ...

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition, traverse dir...

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code exec...

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code exec...

Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a device error causing information disclosure or dat...

A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that occurs during the logout process. The redirect_uri param...

A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta.9, and 6.0.0-beta. This issue may have allowed users to bypass filety...

A vulnerability in Nuxt DevTools has been fixed in version **2.6.4***. This issue may have allowed Nuxt auth token extraction via XSS under certain co...

CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe f...

The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check in the ghl-wizard/inc/wp_user.php file in v...

Manager-io/Manager is accounting software. In Manager Desktop and Server versions 25.11.1.3085 and below, a critical vulnerability permits unauthorize...

Dosage is a comic strip downloader and archiver. When downloading comic images in versions 3.1 and below, Dosage constructs target file names from dif...

OctoPrint provides a web interface for controlling consumer 3D printers. Versions 1.11.3 and below are affected by a vulnerability that allows injecti...

kgateway is a Cloud-Native API and AI Gateway. Versions 2.0.4 and below and 2.1.0-agw-cel-rbac through 2.1.0-rc.2 lack authentication, allowing any cl...

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions 17.0.2.36 and above before 17.0.3, the filestore...

The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the copy_post_image() function i...

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capabili...

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Insecure Direct Object Reference via the admin...

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 th...

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-#146 and below, the Manage Photos feature is vulnerable to stored Cross-site...

The WP Airbnb Review Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including,...

The Page & Post Notes plugin for WordPress is vulnerable to unauthorized modification of notes due to a missing capability check on the 'yydev_notes_s...

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-#146 and below, the Manage Playlists feature is vulnerable to stored Cross-s...

(conda) Constructor is a tool that enables users to create installers for conda package collections. In versions 3.12.2 and below, the installation d...

archives is a Go library for extracting archives (tar, zip, etc.). Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive...

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. Thi...

Use of password hash with insufficient computational effort issue exists in BUFFALO Wi-Fi router 'WSR-1800AX4 series'. When WPS is enabled, PIN code a...

SQL injection vulnerability in DIAL's CentrosNet v2.64. Allows an attacker to retrieve, create, update, and delete databases by sending POST and GET r...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 564 - SQL Injection: Hibernate vulnerability in GG Soft So...

A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affects the function delete_house of the file /admin_cl...

A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/....

A security flaw has been discovered in code-projects Responsive Hotel Site 1.0. This issue affects some unknown processing of the file /admin/newslett...

A weakness has been identified in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/reservation.php. This ma...

A security vulnerability has been detected in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/...

Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execut...

A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file /admin/templets_one_edit.php. The manipulation of ...

A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelist_main.php. The manipulation of the argume...

A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/spec_add.php. Thi...

A NULL pointer dereference vulnerability has been reported to affect several product versions. If a remote attacker gains a user account, they can the...

An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit the vulnerability to execute unauthorized code or co...

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit ...

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit ...

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user ac...

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user ac...

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an admini...

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit ...

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user ac...

A cross-site scripting (XSS) vulnerability has been reported to affect Notification Center. If a remote attacker gains an administrator account, they ...

A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can the...

A cross-site scripting (XSS) vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploi...

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnera...

A relative path traversal vulnerability has been reported to affect Download Station. If a remote attacker gains an administrator account, they can th...

A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the...

A cross-site scripting (XSS) vulnerability has been reported to affect Download Station. If a remote attacker gains a user account, they can then expl...

A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to...

There is an arbitrary file download vulnerability in GuoMinJim PersonManage thru commit 5a02b1ab208feacf3a34fc123c9381162afbaa95 (2020-11-23) in the d...

An issue was discovered in rymcu forest thru commit f782e85 (2025-09-04) in function doBefore in file src/main/java/com/rymcu/forest/core/service/secu...

Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit 11f276bd20a41f089298d804e43cb1c39d041e59 (2025-09-14) allows a remot...

In pig-mesh Pig versions 3.8.2 and below, when setting up scheduled tasks in the Quartz management function under the system management module, it is ...

In pig-mesh In Pig version 3.8.2 and below, within the Token Management function under the System Management module, the token query interface (/api/a...

A Broken Object Level Authorization (BOLA) vulnerability was discovered in the tRPC project mutation APIs (update, delete, add/remove tag) of the Onlo...

A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by this issue is some unknown functionality of the file /d...

Improper Authentication vulnerability in GE Vernova Smallworld on Windows, Linux allows Authentication Abuse.This issue affects Smallworld: 5.3.3 and ...

AstrBot Project v3.5.22 contains a directory traversal vulnerability. The handler function install_plugin_upload of the interface '/plugin/install-upl...

An Open Redirect vulnerability exists in the OAuth callback handler in file onlook/apps/web/client/src/app/auth/callback/route.ts in Onlook web applic...

A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the text editor feature of the Onlook web application 0.2.32. This vulnerability occurs...

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in GE Vernova Smallworld on Windows, Linux allows File Ma...

An uninitialized stack read issue exists in Amazon Ion-C versions <v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in ...

A security flaw has been discovered in Campcodes School File Management 1.0. This affects an unknown part of the file /admin/update_user.php. Performi...

AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function _encode_image_bs64. Since the _encode_image_bs64 function defined in enti...

Cross-Site Scripting (XSS) vulnerability in SourceCodester "MatchMaster" 1.0 allows remote attackers to inject arbitrary web script or HTML via crafte...

Cross-Site Scripting (XSS) vulnerability in SourceCodester User Account Generator 1.0 allows remote attackers to execute arbitrary JavaScript code in ...

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks that allow unauthorized state-changing operation...

A SQL injection vulnerability exists in the SourceCodester PQMS (Patient Queue Management System) 1.0 in the api_patient_schedule.php endpoint. The ap...

Apollo Router Core is a configurable Rust graph router written to run a federated supergraph using Apollo Federation 2. Versions 1.61.12-rc.0 and belo...

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions 4.2.0 through 7.5.3, and 8.0.0 thr...

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leve...

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Co...

Improper handling of malformed Connection Request with the interval set to be 1 (which supposed to be illegal) and the chM 0x7CFFFFFFFF triggers a cr...

IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnera...

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux could allow an authenticated user ...

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Co...

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user t...

IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) clpplus co...

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7_1, 6...

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow a local user to cause a...

IBM Db2 12.1.0 through 12.1.2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a local user to cause a denial of service due to i...

IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) under specific configurations could allow a local user to exec...

A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows attackers to execute arbitrary code in the context o...

The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross...

Zitadel is an open source identity management platform. Versions 4.0.0-rc.1 through 4.6.2 are vulnerable to secure Direct Object Reference (IDOR) atta...

KubeVirt is a virtual machine management add-on for Kubernetes. Versions 1.5.3 and below, and 1.6.0 contained a flawed implementation of the Kubernete...

A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to cra...

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validatio...

Sourcecodester AI-Powered To-Do List App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Task Title" and "Description (Optional)" fields when...

The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to Cross-Site Scripting (XSS) due to improper handling...

Sourcecodester Medicine Reminder App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Medicine Name" and "Notes (Optional)" fields when creati...

A flaw was found in the xmlSetTreeDoc() function of the libxml2 XML parsing library. This function is responsible for updating document pointers when ...

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. ...

Improper resource management in firmware of some Solidigm DC Products may allow an attacker with local or physical access to gain un-authorized access...

Improper resource management in firmware of some Solidigm DC Products may allow an attacker with local or physical access to gain un-authorized access...

TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in the /search_results endpoint via the q parameter.

TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in /order_notes via the id parameter.

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). In versions 2....

HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious i...

Datasette is an open source multi-tool for exploring and publishing data. In versions 0.65.1 and below and 1.0a0 through 1.0a19, deployed instances of...

Various Ruijie Gateway EG and NBR models firmware versions 11.1(6)B9P1 < 11.9(4)B12P1 contain a code execution vulnerability in the EWEB management sy...

Potential Denial of Service issue in all supported versions of Revenera InstallShield version 2025 R1, 2024 R2, 2023 R2, and prior. When e.g., a local...

A Local File Inclusion (LFI) vulnerability has been identified in tQuadra CMS 4.2.1117. The issue exists in the "/styles/" path, which fails to proper...

CrushFTP11 before 11.3.7_57 is vulnerable to stored HTML injection in the CrushFTP Admin Panel (Reports / "Who Created Folder"), enabling persistent H...

Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built-in readonly user can call APIs that should not be ...

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, a vulnerability was discovered that allows a VM to read arbi...

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, due to the peer verification logic in virt-handler (via veri...

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disru...

KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, suc...

KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1, the virt-handler does not verify whether the launc...

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80 allowed a remote attacker to bypass Mark of the Web via a...

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTM...

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via...

Insufficient validation of untrusted input in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform domain...

Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. ...

Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information ...

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTM...

CVAT is an open source interactive video and image annotation tool for computer vision. In versions 2.4.0 through 2.48.1, a malicious CVAT user with a...

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an ...

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.14.7 and below and 8.0.0-beta....

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 7.14.7 and prior, 8.0.0-beta.1 thro...

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 7.14.7 and prior, 8.0.0-beta.1 thro...

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 7.14.7 and below allow unauthentica...

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 8.9.0 and below contain a time-base...

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 8.6.0 through 8.9.0, there is an...

Soft Serve is a self-hostable Git server for the command line. In versions prior to 0.10.0, there are several places where the user can insert data (e...

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. In versions 0.6.34 and below, the functionality tha...

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.6.224 and prior contain a code injection...

The Asgaros Forum plugin for WordPress is vulnerable to SQL Injection via the '$_COOKIE['asgarosforum_unread_exclude']' cookie in all versions up to, ...

The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_ne...

The Groups plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.0 via the 'group_id' param...

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to SQL Injection via the 'post_types' parameter...

The WPFunnels plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpfnl_delete_log() functio...

The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php fi...

The WP2Social Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, ...

The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via adding scripts in all versions u...

The HTML Forms – Simple WordPress Forms Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up...

The Smart Auto Upload Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the auto-image creati...

The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '...

The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired() and clearTempDa...

The Mang Board WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mp' parameter in all versions up to, and including, 2....

The WPFunnels – The Easiest Funnel Builder For WordPress And WooCommerce To Collect Leads And Increase Sales plugin for WordPress is vulnerable to una...

The Ovatheme Events Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /c...

The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to Limited Code Injection in all versions up to, and including...

The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized booking note creation due to a missing capab...

The Flexible Refund and Return Order for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a misconfigured ca...

The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all ver...

The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to PHP Object Injection in all versions up t...

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capab...

The Mail Mint plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the process_contact_attribute_import...

The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the 'delete_orphaned' function in all versions up to, and including,...

The CYAN Backup plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete' functionality i...

The Alex Reservations: Smart Restaurant Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in th...

The Saphali LiqPay for donate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'saphali_liqpay' shortcode in all versions up ...

The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Call To Action widget in versions up to, an...

A flaw has been found in code-projects Responsive Hotel Site 1.0. This affects an unknown part of the file /admin/roomdel.php. Executing manipulation ...

A vulnerability has been found in aaPanel BaoTa up to 11.1.0. This vulnerability affects unknown code of the file /database?action=GetDatabaseAccess o...

A vulnerability was found in 70mai X200 up to 20251019. This issue affects some unknown processing of the component Init Script Handler. The manipulat...

A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3.0. Impacted is an unknown function of the file /fort/...

In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task Revert commit 1afa70632c39 ("serial: qcom-ge...

In the Linux kernel, the following vulnerability has been resolved: crypto: rng - Ensure set_ent is always present Ensure that set_ent is always set...

A vulnerability was identified in TOZED ZLT T10 T10PLUS_3.04.15. The affected element is an unknown function of the file /reqproc/proc_post of the com...

A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /d...

A vulnerability was detected in EverShop up to 2.0.1. Affected is an unknown function of the file /src/modules/oms/graphql/types/Order/Order.resolvers...

A flaw has been found in qianfox FoxCMS up to 1.2.16. Affected by this vulnerability is the function add/edit of the file app/admin/controller/Product...

A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /I...

A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm o...

A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the file /dev-api/commo...

A vulnerability was identified in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. This issue affects the function GlobalResult of the fil...

A security flaw has been discovered in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. Impacted is the function getAll/addDic/getAllDic/d...

U-Office Force developed by e-Excellence has a SQL Injection vulnerability, allowing authenticated remote attacker to inject arbitrary SQL commands to...

U-Office Force developed by e-Excellence has a SQL Injection vulnerability, allowing authenticated remote attacker to inject arbitrary SQL commands to...

EIP Plus developed by Hundred Plus has a Weak Password Recovery Mechanism vulnerability, allowing unauthenticated remote attacker to predict or brute-...

A weakness has been identified in SourceCodester Farm Management System 1.0. The affected element is an unknown function of the file /review.php. This...

A security vulnerability has been detected in DedeBIZ up to 6.3.2. The impacted element is an unknown function of the file /admin/archives_add.php. Su...

EIP Plus developed by Hundred Plus has an Arbitrary File Uplaod vulnerability, allowing privileged remote attackers to upload and execute web shell ba...

New Site Server developed by CyberTutor has a Use of Client-Side Authentication vulnerability, allowing unauthenticated remote attackers to modify the...

A vulnerability was detected in code-projects Online Job Search Engine 1.0. This affects an unknown function of the file /login.php. Performing manipu...

A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function save_user/update_user of the file /LoginRegistration....

A vulnerability has been found in SourceCodester Food Ordering System 1.0. Affected is an unknown function of the file /view-ticket.php. The manipulat...

Versions of the package cloudinary before 2.7.0 are vulnerable to Arbitrary Argument Injection due to improper parsing of parameter values containing ...

A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/...

A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=...

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master bra...

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master bra...

A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&acti...

A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowled...

A Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer pe...

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute ...

A SQL injection vulnerability was discovered in Looker Studio that allowed for data exfiltration from BigQuery data sources. By creating a malicious...

Stored Cross Site Scripting (XSS) vulnerability in Smart School 7.0 due to lack of proper validation of user input when sending a POST request to '/on...

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report vi...

Cross Site Scripting (XSS) vulnerability stored in SOPlanning v1.53.02, which consist of a stored XSS due to a lack of proper validation of user input...

A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /p...

A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of t...

In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation

In JetBrains dotTrace before 2025.2.5 local privilege escalation possible via race condition

In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations

In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit

In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API

In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form

In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure

In JetBrains YouTrack before 2025.3.104432 missing user principal cleanup led to reuse of incorrect authorization context

In JetBrains YouTrack before 2025.3.104432 improper access control allowed modify MCP tool logic

In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget

In JetBrains YouTrack before 2025.3.104432 misconfiguration in the Junie could lead to exposure of the global Junie token

In JetBrains YouTrack before 2025.3.104432 insecure Junie configuration could lead to data exposure and unauthorized changes

Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after set...

A Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Simple To-Do List System 1.0 in the "Add Tasks" text input. An authenticated user ...

The send_message.php endpoint in SourceCodester Simple Public Chat Room 1.0 is vulnerable to Cross-Site Request Forgery (CSRF). The application does n...

A Cross-Site Request Forgery (CSRF) vulnerability in the SourceCodester Client Database Management System 1.0 allows an attacker to cause an authentic...

Cross-Site Request Forgery (CSRF) in SourceCodester Product Expiry Management System. The User Management module (delete-user.php) allows remote attac...

Dell Display and Peripheral Manager, versions prior to 2.1.2.12, contains an Execution with Unnecessary Privileges vulnerability in the Installer. A l...

Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the wpapsk_crypto parameter of the wlSetExternParameter function. This vulnera...

TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the ssid parameter of the urldecode function. This vulnerability ...

TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the addEffect parameter of the urldecode function. This vulnerabi...

Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the deviceId parameter of the saveParentControlInfo function. This vulnerabili...

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. This vulnera...

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the SetSysTimeCfg function. This vulnerability allows atta...

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub_4F55C function. This vulnerability allows attack...

The patient prescription viewing functionality in his_doc_view_single_patient.php of rickxy Hospital Management System version 1.0 contains an SQL inj...

A stored cross-site scripting (XSS) vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the ssid parameter of t...

A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the guestSsid parameter of th...

An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can...

The Qualys Cloud Agent included a bundled uninstall script (qagent_uninstall.sh), specific to Mac and Linux supported versions that invoked multiple s...

Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0, contains a use of a broken or risky cryptographic algorithm ...

Combodo iTop is a web based IT service management tool. In versions prior to 2.7.13 and 3.2.2, an administrator can, by editing the configuration of t...

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a dashboard is ...

In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupRequest message, resulting in denial of service.

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chrom...

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTM...

Object lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chr...

Inappropriate implementation in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious ext...

Race in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium...

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a craf...

Race in Storage in Google Chrome on Windows prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to...

Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTM...

Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to obtai...

Use after free in PageInfo in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to...

Use after free in Ozone in Google Chrome on Linux and ChromeOS prior to 142.0.7444.59 allowed a remote attacker to potentially exploit object corrupti...

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially...

Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific ...

Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML ...

Out of bounds read in WebXR in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HT...

Incorrect security UI in Fullscreen UI in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI...

Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to leak ...

Incorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI ges...

Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specif...

Out of bounds read in WebGPU in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker to perform an out of bounds memory write vi...

Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer p...

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a cra...

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage i...

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage i...

IBM Cognos Analytics Certified Containers 12.1.0 could disclose package parameter information due to the presence of hidden pages.

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a dashboard is...

An issue in Sublime HQ Pty Ltd Sublime Text 4 4200 allows authenticated attackers with low-level privileges to escalate privileges to Administrator vi...

BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line...

Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the urls parameter of the get_parentControl_list_Info function. This vulnerabi...

A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET (Supervisor-mode Exception Return) instruction fail...

Combodo iTop is a web based IT service management tool. In versions prior to 3.2.2, when displaying content in a browse brick in the user portal, a cr...

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a field with an...

Combodo iTop is a web based IT service management tool. In versions on the 3.x branch prior to 3.2.2, an insecure direct object reference allows a use...

KERUI K259 5MP Wi-Fi / Tuya Smart Security Camera firmware v33.53.87 contains a code execution vulnerability in its boot/update logic: during startup ...

ktg-mes before commit a484f96 (2025-07-03) has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and ...

Combodo iTop is a web based IT service management tool. In versions prior to 2.7.13 and 3.2.2, a user that has enough rights to create webhooks (mostl...

changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update A...

Improper input validation in OneFlow v0.9.0 allows attackers to cause a segmentation fault via adding a Python sequence to the native code during broa...

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to a cross-site scripting attack (leading to...

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In ve...

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In ve...

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In ve...

OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy...

ProsemirrorToHtml is a JSON converter which takes ProseMirror-compatible JSON and outputs HTML. In versions 0.2.0 and below, the `prosemirror_to_html`...

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. The MongoDB `explain()` method provides detail...

Langfuse is an open source large language model engineering platform. Starting in version 2.70.0 and prior to versions 2.95.11 and 3.124.1, in certain...

Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where...

Bugsink is a self-hosted error tracking tool. In versions prior to 2.0.5, brotli "bombs" (highly compressed brotli streams, such as many zeros) can be...

Bugsink is a self-hosted error tracking tool. In versions prior to 2.0.6, a specially crafted Brotli-compressed envelope can cause Bugsink to spend ex...

Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107,...

Milvus is an open-source vector database built for generative AI applications. An unauthenticated attacker can exploit a vulnerability in versions pri...

The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Start...

PacsOne Server version 6.6.2 (prior versions are likely affected) contains a directory traversal vulnerability within the web-based DICOM viewer compo...

Employee Records System version 1.0 contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload arbitra...

A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Enterprise admin to gain root SSH access...

An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allows DOM-based cross-site scripting via Issues sea...

An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attackers wit...

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In versions up to and including 2.8.8, an authenticated SQL in...

Soft Serve is a self-hostable Git server for the command line. Versions prior to 0.11.1 have a SSRF vulnerability where webhook URLs are not validated...

SpiceDB is an open source database system for creating and managing security-critical application permissions. In versions prior to 1.45.2, users who ...

In TEE EcDSA algorithm, there is a possible memory consistency issue. This could lead to generated incorrect signature results with low probability.

Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with basic privileges could execute a spe...

Migration Workbench (DX Workbench) in SAP NetWeaver Application Server for ABAP fails to trigger a malware scan when an attacker with administrative p...

SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject JNDI environment properties or pass a URL used during JNDI lookup operati...

Due to missing authentication, SAP HANA 2.0 (hdbrss) allows an unauthenticated attacker to call a remote-enabled function that will enable them to vie...

Due to a Reflected Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and...

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function...

SAP GUI for Windows may allow a highly privileged user on the affected client PC to locally access sensitive information stored in process memory duri...

SAP Starter Solution allows an authenticated attacker to execute crafted database queries, thereby exposing the back-end database. As a result, this v...

SQL Anywhere Monitor (Non-GUI) baked credentials into the code,exposing the resources or functionality to unintended users and providing attackers wit...

Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network acce...

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim...

Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write,...

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply cr...

Due to information disclosure vulnerability in anonymous API provided by SAP Business One (SLD), an attacker with normal user access could gain access...

SAP S4CORE (Manage journal entries) does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. T...

Due to an Information Disclosure vulnerability in SAP NetWeaver Application Server Java, internal metadata files could be accessed via manipulated URL...

SAP S/4HANA landscape SAP E-Recruiting BSP allows an unauthenticated attacker to craft malicious links, when clicked the victim could be redirected to...

SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. This may ...

The Include Fussball.de Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'api' and 'type' parameters in all versions ...

The Mementor Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.2.5. This is due to plugin not pr...

The WP移行専用プラグイン for CPI plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the Cpiwm_Import_Controlle...

The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to arbitrary files reads in all versions up to, and incl...

The EasyCommerce – AI-Powered, Fast & Beautiful WordPress Ecommerce Plugin plugin for WordPress is vulnerable to Privilege Escalation in versions 0.9....

The Astra Security Suite – Firewall & Malware Scan plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient validation of remo...

The Wisly plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0.0 due to missing validation...

The Skip to Timestamp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'skipto' shortcode in all versions up to, and includin...

The Woocommerce – Products By Custom Tax plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'woo_products_custom_tax' shortcode...

The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstrap_tab' shortcode in all versions up to, and i...

The Magazine Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'headerHtmlTag' attribute in the bnm-blocks/featured-...

The Five9 Live Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'toolbar' attribute of the [five9-chat] shortcode in all...

The Eventbee Ticketing Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'eventbeeticketwidget' shortcode in all versio...

The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'paypal' shortcode in all versions up to, and ...

The Twitter Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ottwitter_feed' shortcode in all versions up to, and inclu...

The My Geo Posts Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mygeo_city' shortcode in all versions up to, and incl...

The Precise Columns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `wrap_id` shortcode attribute in all versions up to, and...

The WP BBCode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'url' shortcode in all versions up to, and including,...

The Slippy Slider – Responsive Touch Navigation Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'slippy-slid...

The Simple Donate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's simpledonate shortcode in versions less than, or ...

The CTL Arcade Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing...

The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.0 through publicly ex...

The Shelf Planner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several REST API endpoi...

The Crypto plugin for WordPress is vulnerable to Information exposure in all versions up to, and including, 2.22. This is due to the plugin registerin...

The Crypto plugin for WordPress is vulnerable to unauthorized manipulation of data in all versions up to, and including, 2.22. This is due to the plug...

The Find Unused Images plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the fui_delete_image() and...

The Document Pro Elementor – Documentation & Knowledge Base plugin for WordPress is vulnerable to Information Exposure in all versions up to, and incl...

The Add Multiple Marker plugin for WordPress is vulnerable to unauthorized modification of data to due to a missing capability check on the addmultipl...

The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitr...

The Featured Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image metadata in all versions up to, and including, 2.1 due ...

The Double the Donation – A workplace giving tool to help your fundraising efforts plugin for WordPress is vulnerable to Stored Cross-Site Scripting v...

The WP-OAuth plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'error_description' parameter in all versions up to, and inc...

The The Total Book Project plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0 via severa...

The WP Custom Admin Login Page Logo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.8.4. Th...

The Private Google Calendars plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pgc_rem...

The Fleet Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.5.1 due...

The USB Qr Code Scanner For Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. ...

The WP-Walla plugin for WordPress is vulnerable to Cross-Site Request Forgery to Stored Cross-Site Scripting in all versions up to, and including, 0.5...

The YSlider plugin for WordPress is vulnerable to Cross-Site Request Forgery to Stored Cross-Site Scripting in all versions up to, and including, 1.1....

The Squirrels Auto Inventory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including...

The RandomQuotr plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.4 due t...

The Elastic Theme Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a dynamic code generation feature in the process_theme fu...

The Nonaki – Drag and Drop Email Template builder and Newsletter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'nonaki' sh...

The Live Photos on WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'video_src', 'img_src', and 'class' parameters ...

The Ungapped Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'prefillvalues' parameter in the ungapped-form shortcod...

The Preload Current Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'complete' parameter in the 'preload_progress_bar...

The Coon Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter in the 'map' shortcode in all versio...

The Jeba Cute forkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' parameter in the 'jeba_forkit' shortcode in all ...

The Ninja Countdown | Fastest Countdown Builder plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on t...

The GitHub Gist Shortcode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the 'gist' shortcode in all vers...

The WP Count Down Timer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters of the 'wp_countdown_timer' shortcod...

The WP-Iconics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters of the 'wp_iconics' shortcode in all versions...

The Flickr Show plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'div_height' parameter of the 'flickrshow' shortcode in all ...

The Share to Google Classroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the share_to_google shortcode in all versions up t...

The Chart Expert plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pmzez_chart' shortcode in all versions up to, and includin...

The Geopost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter of the 'geopost' shortcode in all versions up...

The Holiday class post calendar plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 7.1 via the 'content...

The Progress Bar Blocks for Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, an...

The Make Email Customizer for WooCommerce WordPress plugin through 1.0.6 lacks proper authorization checks and option validation in its AJAX actions, ...

The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.48 does not sanitize user input provided via an AJAX action, allowing unauthentic...

The age-restriction WordPress plugin through 3.0.2 does not have authorisation in the age_restrictionRemoteSupportRequest function, allowing any authe...

An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploite...

A malicious ACAP application can gain access to admin-level service account credentials used by legitimate ACAP applications, leading to potential pri...

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. Th...

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device ...

ACAP applications can gain elevated privileges due to improper input validation, potentially leading to privilege escalation. This vulnerability can o...

A 3rd-party component exposed its password in process arguments, allowing for low-privileged users to access it.

An ACAP configuration file has improper permissions, which could allow command injection and potentially lead to privilege escalation. This vulnerabil...

An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerabili...

AXIS Optimizer was vulnerable to an unquoted search path vulnerability, which could potentially lead to privilege escalation within Microsoft Windows ...

An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac (BEST) before 7.20.52.200087 allows local users with adminis...

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Mails Deleted or Moved repo...

It was possible to upload files with a specific name to a temporary directory, which may result in process crashes and impact usability. This flaw can...

The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This fla...

The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only...

Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research.

The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. Thi...

The Hydra Booking — Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to unauthorized booking cancellation in all versions ...

The Hydra Booking — Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to missing payment verification to unauthenticated pa...

The Blocksy Companion plugin for WordPress is vulnerable to authenticated arbitrary file upload in all versions up to, and including, 2.1.19. This is ...

The Classified Listing – AI-Powered Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized modification of data...

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Si...

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Public Folders report.

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Custom report.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Aryom Software High Technology Systems In...

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation...

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation...

Improper Restriction of Excessive Authentication Attempts, Client-Side Enforcement of Server-Side Security, Reliance on Untrusted Inputs in a Security...

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation...

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation...

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation...

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation...

Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to Unauthenticated SQL Injection due to the improper filter configuration.

A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without ...

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious Java...

A local server-side request forgery (SSRF) security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any ...

A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the ...

A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API.

Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, ...

Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improp...

Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor.

An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the loc...

Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Premierturk In...

Collision in MiniFilter driver in Avast Software Avast Free Antivirus  before 25.9  on Windows allows a local attacker with administrative privileges ...

Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary ...

Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and ...

Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird ...

Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, a...

Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 1...

Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 1...

Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and T...

Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < ...

Same-origin policy bypass in the DOM: Workers component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunder...

Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird...

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough...

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit

System call entry on Cortex M (and possibly R and A, but I think not) has a race which allows very practical privilege escalation for malicious usersp...

Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR WAX610 and WAX610Y (AX1800 Dual Band PoE Multi-Gig In...

Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform M...

Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800...

Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potent...

Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3  on windows allows local attacker to escalate privelages via pool overflow.

Use of unmaintained third party components for some Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications m...

Uncontrolled search path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of...

Improper input validation for some Intel VTune Profiler before version 2025.1 within Ring 3: User Applications may allow an escalation of privilege. U...

Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escala...

External control of file name or path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an ...

Sensitive information uncleared in resource before release for reuse for some Intel(R) NPU Drivers for Windows before version 32.0.100.4023 within Rin...

Improper access control for some SigTest before version 6.1.10 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged sof...

NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issu...

NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control ...

Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation o...

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalati...

Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information di...

Insecure inherited permissions for some Intel(R) Rapid Storage Technology Application before version 20.0.1021 within Ring 3: User Applications may al...

Uncontrolled search path for some Intel(R) Killer(TM) Performance Suite software before version killer 4.0 40.25.509.1465 within Ring 3: User Applicat...

Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a ...

Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information di...

Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. Sy...

Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an informati...

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalati...

Uncontrolled search path for the Intel(R) System Support Utility before version 4.1.0 within Ring 3: User Applications may allow an escalation of priv...

Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information ...

Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalatio...

Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may...

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an informat...

Improper link resolution before file access ('link following') for some Intel(R) Server Configuration Utility software and Intel(R) Server Firmware Up...

Uncontrolled search path for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User Applications may a...

Improper input validation in some firmware for some Intel(R) Graphics Drivers and Intel LTS kernels within Ring 1: Device Drivers may allow a denial o...

Protection mechanism failure for some Intel(R) NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adver...

Improper control of dynamically-managed code resources for some Intel(R) NPU Drivers within Ring 3: User Applications may allow a denial of service. U...

Null pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. ...

Incorrect default permissions for the Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an es...

Uncontrolled resource consumption for some Gaudi software before version 1.21.0 within Ring 3: User Applications may allow a denial of service. System...

Untrusted pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an information d...

Incorrect default permissions for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User Applications ...

Improper neutralization for some Intel(R) Neural Compressor software before version v3.4 within Ring 3: User Applications may allow an escalation of p...

Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege...

Time-of-check time-of-use race condition for some ACAT before version 3.13 within Ring 3: User Applications may allow a denial of service. Unprivilege...

Uncontrolled search path for some Intel(R) Distribution for Python software installers before version 2025.2.0 within Ring 3: User Applications may al...

Active debug code for some Intel UEFI reference platforms within Ring 0: Kernel may allow a denial of service and escalation of privilege. System soft...

Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial...

Uncontrolled search path for some Intel Driver and Support Assistant before version 25.2 within Ring 3: User Applications may allow an escalation of p...

Improper input validation for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation...

Incorrect default permissions for some Intel(R) PresentMon before version 2.3.1 within Ring 3: User Applications may allow an escalation of privilege....

Time-of-check time-of-use race condition for some Intel Ethernet Adapter Complete Driver Pack software before version 1.5.1.0 within Ring 3: User Appl...

Uncontrolled search path for some System Event Log Viewer Utility software for all versions within Ring 3: User Applications may allow an escalation o...

Uncontrolled search path for some Intel(R) Graphics Software before version 25.22.1502.2 within Ring 3: User Applications may allow an escalation of p...

Uncontrolled search path for the Instrumentation and Tracing Technology API (ITT API) software before version 3.25.4 within Ring 3: User Applications ...

Out-of-bounds read for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System...

Incorrect default permissions for some Intel(R) Thread Director Visualizer software before version 1.1.1 within Ring 3: User Applications may allow an...

Improper input validation for some Intel(R) oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of se...

Uncontrolled search path for the Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalat...

Improper access control for some Intel(R) PresentMon before version 2.3.1 within Ring 3: User Applications may allow a denial of service. Network adve...

Uncontrolled search path for some FPGA Support Package for the Intel oneAPI DPC++C++ Compiler software before version 2025.0.1 within Ring 3: User App...

Improper conditions check for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service....

Incorrect default permissions in some firmware for the Intel(R) Arc(TM) B-series GPUs within Ring 1: Device Drivers may allow an escalation of privile...

Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escala...

Unquoted search path for some PRI Driver software before version 03.03.1002 within Ring 3: User Applications may allow an escalation of privilege. Unp...

Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System so...

Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: User Applications may allow an escalation of privi...

Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial...

NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause ...

NVIDIA AIStore contains a vulnerability in AuthN where an unauthenticated user may cause information disclosure.  A successful exploit of this vulnera...

NVIDIA AIStore contains a vulnerability in AuthN. A successful exploit of this vulnerability might lead to escalation of privileges, information discl...

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large pa...

Insufficient control flow management for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers m...

Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial ...

Protection mechanism failure in the UEFI firmware for the Slim Bootloader within firmware may allow an escalation of privilege. Startup code and smm a...

Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial...

Uncontrolled search path for the Intel MPI Library before version 2021.16 within Ring 3: User Applications may allow an escalation of privilege. Unpri...

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the...

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the...

InCopy versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in t...

InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context o...

InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context o...

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code exec...

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code exec...

Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network.

Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.

Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges...

Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally.

Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevat...

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate...

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate...

Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally.

Improper link resolution before file access ('link following') in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to de...

External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally.

Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally.

Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally.

Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally.

Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally.

Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges l...

Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.

Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally.

Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.

Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privil...

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to deny s...

Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

Photoshop Desktop versions 26.8.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution...

Illustrator versions 28.7.10, 29.8.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execut...

Illustrator on iPad versions 3.0.9 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary ...

Illustrator on iPad versions 3.0.9 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code executio...

Illustrator on iPad versions 3.0.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in t...

Illustrator on iPad versions 3.0.9 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code executio...

Illustrator versions 28.7.10, 29.8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in...

Illustrator on iPad versions 3.0.9 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary ...

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose informa...

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attac...

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attac...

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code loc...

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate...

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an...

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an author...

Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network.

Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorize...

Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code CoPilot Chat Extension allows an authorized attac...

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locall...

Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypas...

Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in ...

Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in ...

Format Plugins versions 1.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a rea...

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could le...

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could le...

Format Plugins versions 1.1.1 and earlier are affected by a Use After Free vulnerability that could lead to memory exposure. An attacker could leverag...

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could le...

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could le...

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could le...

A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL ch...

A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to a local privil...

A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to a local privil...

A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to extraction of ...

A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to run arbitrary ...

A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to alter the loca...

When using the Grafana Snowflake Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasourc...

A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 11). Affected applications do not properly validate client cert...

A vulnerability has been identified in Altair Grid Engine (All versions < V2026.0.0). Affected products do not properly handle error messages and disc...

A vulnerability has been identified in Altair Grid Engine (All versions < V2026.0.0). Affected products do not properly validate environment variables...

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO! ...

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO! ...

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO! ...

A vulnerability has been identified in Siemens Software Center (All versions < V3.5), Solid Edge SE2025 (All versions < V225.0 Update 10). The affecte...

When using the Grafana Databricks Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasour...

Substance3D - Stager versions 3.1.5 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in...

Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the co...

Substance3D - Stager versions 3.1.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary...

Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the co...

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 11.4, tvOS 18.4, visionOS 2.4, iOS 18.4 and ...

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a null-ptr access in the cursor snooper Check that the resource ...

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix Use-after-free in validation Nodes stored in the validation dupl...

A health check port on Zscaler Client Connector on Windows, versions 4.6 < 4.6.0.216 and 4.7 < 4.7.0.47, which under specific circumstances was not r...

The Wishlist and Save for later for Woocommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and incl...

The GeoDirectory – WP Business Directory Plugin and Classified Listings Directory plugin for WordPress is vulnerable to Insecure Direct Object Referen...

The Asgaros Forum plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.1. This is due to missing...

The Team Members Showcase WordPress plugin before 3.5.0 does not sanitize and escape a parameter before outputting it back in the page, leading to ref...

The MembershipWorks – Membership, Events & Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versi...

The Alt Text Generator AI – Auto Generate & Bulk Update Alt Texts For Images plugin for WordPress is vulnerable to unauthorized loss of data due to a ...

The Booking Calendar | Appointment Booking | Bookit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capabilit...

The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject pers...

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to send crafted packets to obtain ...

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to craft administrator access toke...

The a+HRD and a+HCM developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to upload files cont...

Bacteriology Laboratory Reporting System developed by ViewLead Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers...

Bacteriology Laboratory Reporting System developed by ViewLead Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers...

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to unauthorized access of sensitive information due to a mi...

The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-b...

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that...

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that...

Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of "external data sources". A missing Authorization vulnerability in ...

Apache OpenOffice documents can contain links to other files. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft ...

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that...

An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corru...

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in DivvyDrive Information Technologies Inc. ...

Improper Limitation of a Pathname 'Path Traversal') vulnerability in Algosec Firewall Analyzer on Linux, 64 bit allows an authenticated user to upload...

Origin Validation Error in Kibana can lead to Server-Side Request Forgery via a forged Origin HTTP header processed by the Observability AI Assistant.

Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.03. Users are recommend...

Reflected cross-site scripting vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.03. Users are recommended to upgrade to ...

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that...

The Specific Content For Mobile – Customize the mobile version without redirections plugin for WordPress is vulnerable to SQL Injection via the eos_sc...

The Easy Email Subscription plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' parameter in all versions up to, and incl...

In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara The r...

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: pas: Shutdown lite ADSP DTB on X1E The ADSP firmware on X1E ha...

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() During mpt...

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthre...

In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl() Commit...

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d...

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential null deref in ext4_mb_init() In ext4_mb_init(), ext4_mb_avg_...

In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB r...

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping When an invalid value...

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix IA32_PMC_x_CFG_B MSRs access error When running perf_fuzzer ...

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expected_attach_type for tailcall compatibility Yinhao et al. recen...

In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III...

In the Linux kernel, the following vulnerability has been resolved: blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx I...

In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC Th...

In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in ks_sa_rng_init Fix division by zero in ks...

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix symbolic link reading when bs > ps [BUG DURING BS > PS TEST] When run...

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix null pointer dereference on zero-length checksum In xdr_stream_decod...

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling The cpu_la...

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix peer lookup in ath12k_dp_mon_rx_deliver_msdu() In ath12k_dp_mo...

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback In create_sdw_da...

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(). mptcp_acti...

In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in __dm_suspend() There is a race condition bet...

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() ...

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - request reserved interrupt for virtual function The devic...

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fs_truncate() syzbot reports...

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fs_check_quota_consistency() sy...

In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). smc_clc_prfx...

In the Linux kernel, the following vulnerability has been resolved: net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast syzbot rep...

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix possible UAF on iso_conn_free This attempt to fix similar is...

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT snd_...

In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpf_scc_visit on speculative path Syzb...

In the Linux kernel, the following vulnerability has been resolved: nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe() devm_kc...

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devm_add_action_or_reset() failure When devm_...

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix potential deadlock while nr_requests grown Allocate and free sched_t...

In the Linux kernel, the following vulnerability has been resolved: blk-throttle: fix access race during throttle policy activation On repeated cold...

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL pointer checks in dc_stream cursor attribute functions ...

In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_f...

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid migrating empty section It reports a bug from device w/ zufs:...

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: No support of struct argument in trampoline programs The current...

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix bootup splat with separate_gpu_drm modparam The drm_gem_for_each_gp...

In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling m...

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping When an invalid value...

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: debugfs: Fix legacy mode page table dump logic In legacy mode, SSPTP...

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() The dr...

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading t...

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_output() Use RCU in ip6_output() in order to use dst_dev_rc...

In the Linux kernel, the following vulnerability has been resolved: xsk: Harden userspace-supplied xdp_desc validation Turned out certain clearly in...

In the Linux kernel, the following vulnerability has been resolved: xen/events: Return -EEXIST for bound VIRQs Change find_virq() to return -EEXIST ...

In the Linux kernel, the following vulnerability has been resolved: mailbox: zynqmp-ipi: Fix SGI cleanup on unbind The driver incorrectly determines...

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails devm_kasprintf...

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Stop dl_server before CPU goes offline IBM CI tool reported kern...

In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix using smp_processor_id() in preemptible code warnings Syzbot reporte...

In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: m2m: Fix streaming cleanup on release If streamon/streamof...

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Check GuC running state before deregistering exec queue In normal op...

In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINE_DATA + EXTENTS flag combination syzbot reported a BU...

In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). smc_clc_prfx_...

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the check_...

In the Linux kernel, the following vulnerability has been resolved: net: use dst_dev_rcu() in sk_setup_caps() Use RCU to protect accesses to dst->de...

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: move lsop put work to nvmet_fc_ls_req_op It’s possible for more than o...

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Currently...

In the Linux kernel, the following vulnerability has been resolved: net/ip6_tunnel: Prevent perpetual tunnel growth Similarly to ipv4 tunnel, ipv6 v...

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix SMP ordering in switch_mm_irqs_off() Stephen noted that it is possib...

In the Linux kernel, the following vulnerability has been resolved: idpf: cleanup remaining SKBs in PTP flows When the driver requests Tx timestamp ...

In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tls_strp_msg_hold fails Async decrypt...

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix bootlog initialization ordering As soon as we queue MHI buffers ...

Improper Authentication vulnerability in TYPO3 Extension "Modules" codingms/modules.This issue affects Extension "Modules": before 4.3.11, from 5.0.0 ...

A Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation from the service user to root.This issue affects light...

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause elevated system access wh...

CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker on the local network to gain acce...

CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properl...

Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suff...

Incorrect access control in SIMICAM v1.16.41-20250725, KEVIEW v1.14.92-20241120, ASECAM v1.14.10-20240725 allows attackers to access sensitive API end...

N-central < 2025.4 is vulnerable to authentication bypass via path traversal

The N-central Software Probe < 2025.4 is vulnerable to Remote Code Execution via deserialization

N-central versions < 2025.4 are vulnerable to an XML External Entities injection leading to information disclosure

Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryption_helpe...

A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi password (WPA/WPA2 pre-shared key) to be predicted fro...

A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permit_no field.

An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Golemiq 0 Day Analytics allows SQL Injection.Thi...

N-central < 2025.4 can generate sessionIDs for unauthenticated users This issue affects N-central: before 2025.4.

A maliciously crafted JPG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage t...

A maliciously crafted DWG file, when parsed through Autodesk 3ds Max, can force a Use-After-Free vulnerability. A malicious actor can leverage this vu...

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.166 allowed a remote attacker to potentially exploit heap corruption via a cra...

A flaw was found in the Observability Operator. The Operator creates a ServiceAccount with *ClusterRole* upon deployment of the *Namespace-Scoped* Cus...

Cross-site scripting (XSS) vulnerability in the generate report functionality in Rarlab WinRAR 7.11, allows attackers to disclose user information suc...

If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in...

If an attacker causes kdcproxy to connect to an attacker-controlled KDC server (e.g. through server-side request forgery), they can exploit the fact t...

Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields.

Cross Site Scripting (XSS) vulnerability in CrushFTP 11.3.6_48. The Web-Based Server has a feature where users can share files, the feature reflects t...

In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, 9.2.9, and Splunk Cloud Platform versions below 10.0.2503.5, 9.3.2411.111, and 9.3.2408.121,...

In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116, 9.3.2408.124, 10.0.2503.5 a...

Omnissa Workspace ONE UEM contains an observable response discrepancy vulnerability. A malicious actor may be able to enumerate sensitive information ...

A Cross-Site Request Forgery (CSRF) in xxl-api v1.3.0 allows attackers to arbitrarily add users to the management module via a crafted GET request.

An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Denial-of-Service (DoS) via crafted JSON Web Encrypti...

Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability.

Fujitsu / Fsas Technologies iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is exactly 16 characters.

Mintty is a terminal emulator for Cygwin, MSYS, and WSL. In versions 2.3.6 through 3.7.4, several escape sequences can cause the mintty process to acc...

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument `x-amz-copy-source` to put ...

A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Impacted is an unknown function of the file /ajax.php?action=sa...

A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0.2.83 within the 'xmHarmony.asp' endpoint. User-suppli...

A Cross-Site Request Forgery (CSRF) vulnerability in Salmen2/Simple-Faucet-Script v1.07 via crafted POST request to admin.php?p=ads&c=1 allowing attac...

CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as ...

A stored cross-site scripting (XSS) in the Business Line Management module of Xxl-api v1.3.0 attackers to execute arbitrary web scripts or HTML via in...

The Datadog Agent collects events and metrics from hosts and sends them to Datadog. A vulnerability within the Datadog Linux Host Agent versions 7.65....

free5gc v4.1.0 and before is vulnerable to Buffer Overflow. When AMF receives an UplinkRANConfigurationTransfer NGAP message from a gNB, the AMF proce...

A heap-use-after-free vulnerability exists in airpig2011 IEC104 thru Commit be6d841 (2019-07-08). During multi-threaded client execution, the function...

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 (2019-07-08). When multiple threads enqueue elements concurre...

Open Access Management (OpenAM) is an access management solution. In versions prior to 16.0.0, if the "claims_parameter_supported" parameter is activa...

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code ('Code Injection') vulnerability. A high...

A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, un...

A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could all...

An arbitrary file upload vulnerability was reported in the Lenovo Scanner Pro client during an internal security assessment that could allow remote co...

A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is an unknown function of the component Filename Handler....

A weakness has been identified in SourceCodester Alumni Management System 1.0. The impacted element is an unknown function of the file /manage_career....

A security vulnerability has been detected in SourceCodester Survey Application System 1.0. This affects an unknown function of the file /view_survey....

IBM OpenPages 9.0 and 9.1 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end...

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injecti...

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Inject...

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap Community Edition prior to version 16.13.99.17...

An improper default permission vulnerability was reported in Lenovo Dock Manager that, under certain conditions during installation, could allow an au...

An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to execute code with elevated privi...

A vulnerability was detected in itsourcecode Online Voting System 1.0. This impacts an unknown function of the file /index.php?page=manage_voting. Per...

A flaw has been found in DinukaNavaratna Dee Store 1.0. Affected is an unknown function. Executing manipulation can lead to missing authorization. The...

IBM OpenPages 9.0 and 9.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an atta...

Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access cou...

An issue was discovered in PyTorch v2.5 and v2.7.1. Omission of profiler.stop() can cause torch.profiler.profile (PythonTracer) to crash or hang durin...

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins enteri...

Evervault is a payment security solution. A vulnerability was identified in the `evervault-go` SDK’s attestation verification logic in versions of `ev...

AUTOMGEN versions up to and including 8.0.0.7 (also referenced as 8.022) contain a vulnerability in that project file handling frees an object and sub...

JVC VN-T IP-camera models firmware versions up to 2016-08-22 (confirmed on the VN-T216VPRU model) contain a directory traversal vulnerability in the c...

UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX contr...

Longjing Technology BEMS API versions up to and including 1.21 contains an unauthenticated arbitrary file download vulnerability in the 'downloads' en...

FiberHome AN5506-04-FA firmware versions up to and including RP2631 and HG6245D prior to RP2602 contain a stack-based buffer overflow, as the HTTP ser...

DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes hand...

TEC-IT TBarCode version 11.15 contains a vulnerability in the TBarCode11.ocx ActiveX/OCX control's licensing handling (INI-file based) that can be abu...

The Epson Stylus SX510W embedded web management service fails to properly handle consecutive ampersand characters in query parameters when accessing /...

Ozeki SMS Gateway versions up to and including 10.3.208 contain a path traversal vulnerability. Successful exploitation allows an unauthenticated atta...

Tinycontrol LAN Controller v3 (LK3) firmware versions up to 1.58a (hardware v3.8) contain a missing authentication vulnerability in the stm.cgi endpoi...

IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.

In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pid_nr_ns __task_pid_nr_ns ns = task_...

In the Linux kernel, the following vulnerability has been resolved: ext4: verify orphan file size is not too big In principle orphan file can be arb...

In the Linux kernel, the following vulnerability has been resolved: mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop The cleanu...

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When runn...

In the Linux kernel, the following vulnerability has been resolved: crypto: skcipher - Fix reqsize handling Commit afddce13ce81d ("crypto: api - Add...

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} Cilium has a BPF egress g...

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running wi...

In the Linux kernel, the following vulnerability has been resolved: ice: ice_adapter: release xa entry on adapter allocation failure When ice_adapte...

In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). syzbot reported t...

In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() If new...

In the Linux kernel, the following vulnerability has been resolved: pwm: berlin: Fix wrong register in suspend/resume The 'enable' register should b...

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error(-ETIMEDOUT) in lan78xx_read...

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found ...

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfd process ref leaking when userptr unmapping kfd_lookup_proces...

In the Linux kernel, the following vulnerability has been resolved: Revert "ipmi: fix msg stack when IPMI is disconnected" This reverts commit c6089...

In the Linux kernel, the following vulnerability has been resolved: xtensa: simdisk: add input size check in proc_write_simdisk A malicious user cou...

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() The cp...

In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mnt_ns_release() When calling in listmount() mnt_ns...

In the Linux kernel, the following vulnerability has been resolved: fs: quota: create dedicated workqueue for quota_release_work There is a kernel p...

In the Linux kernel, the following vulnerability has been resolved: media: mc: Clear minor number before put device The device minor should not be c...

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Unlike ...

In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix PP_MAGIC_MASK to avoid crashing on some 32-bit arches Helge repor...

In the Linux kernel, the following vulnerability has been resolved: Squashfs: reject negative file sizes in squashfs_read_inode() Syskaller reports ...

In the Linux kernel, the following vulnerability has been resolved: kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64...

In the Linux kernel, the following vulnerability has been resolved: ipmi: Rework user message limit handling The limit on the number of user message...

In the Linux kernel, the following vulnerability has been resolved: listmount: don't call path_put() under namespace semaphore Massage listmount() a...

In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs nee...

In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfs_encode_fh() The function btrfs_enc...

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_objref: validate objref and objrefmap expressions Referencing a s...

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() v4l2...

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmwa...

A stored cross-site scripting (XSS) vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the application's message system. Unsanitized ...

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interacti...

DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a ...

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap Community Edition prior to version 16.13.99.17...

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Symfony's HttpFoundation component defines an object...

cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. I...

sudo-rs is a memory safe implementation of sudo and su written in Rust. With `Defaults targetpw` (or `Defaults rootpw`) enabled, the password of the ...

A vulnerability was detected in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/usersettingdel.php. Perfor...

A flaw has been found in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/usersetting.php. Exec...

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Ver...

Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, users were able ...

Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revo...

An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into ...

Bitplatform Boilerplate is a Visual studio and .NET project template. Versions prior to 9.11.3 are affected by a cross-site scripting (XSS) vulnerabil...

PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Starting in version 1.7.7 and prior to version 2.0.3, dragging a ...

Anubis is a Web AI Firewall Utility that challenges users' connections in order to protect upstream resources from scraper bots. Prior to version 1.23...

The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to privilege escalation. This is due to the plugin ...

The Data Tables Generator by Supsystic plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the c...

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up ...

The SureForms plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.1 via the '_srfm_email_n...

The Import any XML, CSV or Excel File to WordPress (WP All Import) plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, ...

The Survey Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivate_plugin_op...

The Welcart e-Commerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'usces_export' actio...

The Survey Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ays_survey_show_results' ...

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to generic SQL Injection via the ‘filterbyauthor’ param...

The Comment Edit Core – Simple Comment Editing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and includi...

The AI Engine plugin for WordPress is vulnerable to PHP Object Injection via PHAR Deserialization in all versions up to, and including, 3.1.8 via dese...

The Angel – Fashion Model Agency WordPress CMS Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting the profile media uploader in al...

The WP Headless CMS Framework plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 1.15. This is du...

The WordPress Content Flipper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bgcolor' shortcode attribute of the 'flipper_...

The Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed plugin for WordPress is vulnerable to un...

The Save as PDF Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's restpackpdfbutton shortcode in all versions ...

Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting Incorrectly Configured Access Control Security Le...

Missing Authorization vulnerability in codepeople Appointment Booking Calendar appointment-booking-calendar allows Exploiting Incorrectly Configured A...

Cross-Site Request Forgery (CSRF) vulnerability in ramon fincken Auto Prune Posts auto-prune-posts allows Cross Site Request Forgery.This issue affect...

Missing Authorization vulnerability in PluginEver WP Content Pilot wp-content-pilot allows Exploiting Incorrectly Configured Access Control Security L...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aman Popup addon for Ninja Forms popup-addon-for...

Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control...

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPSwings WooCommerce Ultimate Points And Rewards woocommer...

Missing Authorization vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Exploiting Incorrectly Configured Acc...

Cross-Site Request Forgery (CSRF) vulnerability in HasThemes WP Plugin Manager wp-plugin-manager allows Cross Site Request Forgery.This issue affects ...

Missing Authorization vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Exploiting Incorrectly Configure...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevelop Booking Manager booking-manager allows...

Missing Authorization vulnerability in Ays Pro Survey Maker survey-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This ...

Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PascalBajorat Analytics Germanized for Google An...

Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Sec...

Missing Authorization vulnerability in YOP YOP Poll yop-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affect...

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Se...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jet...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevelop Booking Calendar booking allows Stored...

Missing Authorization vulnerability in WebToffee Order Export & Order Import for WooCommerce order-import-export-for-woocommerce allows Exploiting Inc...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Qode Qi Blocks qi-blocks allows Stored XSS.This ...

Missing Authorization vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Exploiting Incorrectly Configured Access Control Security Leve...

Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capab...

pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores...

pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. This issue is caused by the use of shell=True durin...

pgAdmin <= 9.9  is affected by an LDAP injection vulnerability in the LDAP authentication flow that allows an attacker to inject special LDAP characte...

pgAdmin <= 9.9  is affected by a vulnerability in the LDAP authentication mechanism allows bypassing TLS certificate verification.

Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users ...

Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to unders...

Cross-site Scripting (XSS) vulnerability reflected in xCally's Omnichannel v3.30.1. This vulnerability allowsan attacker to executed JavaScript code i...

A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. This affects the function updateAttr of the file /cart/update/attr. Such manipula...

A security flaw has been discovered in macrozheng mall-swarm and mall up to 1.0.3. This impacts the function detail of the file /order/detail/ of the ...

A weakness has been identified in macrozheng mall-swarm and mall up to 1.0.3. Affected is the function cancelUserOrder of the file /order/cancelUserOr...

Insecure Direct Object Reference (IDOR) vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized...

A security vulnerability has been detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this vulnerability is the function cancelOrder o...

A vulnerability was detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySu...

A flaw has been found in Fabian Ros/SourceCodester Simple E-Banking System 1.0. This affects an unknown part. This manipulation causes cross-site requ...

Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their resp...

Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access.

Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity via network access.

Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of i...

External control of file name or path in Zoom Workplace for macOS before version 6.5.10 may allow an authenticated user to conduct a disclosure of inf...

External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network acc...

Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct...

Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of priv...

A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sort_cmp of the file src/array.c. Such manipulation leads...

Lichess lila before commit 11b4c0fb00f0ffd823246f839627005459c8f05c (2025-06-02) contains a Server-Side Request Forgery (SSRF) vulnerability in the ga...

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the cloudupdate_check binary, specificall...

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary, specifically in the s...

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware wi...

A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary (sub_401EE0 function). The binar...

A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers (A720R V4.1.5cu.614_B2023063...

An unauthenticated command injection vulnerability exists in the ToToLink LR1200GB Router firmware V9.1.0u.6619_B20230130 within the cstecgi.cgi binar...

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware wi...

An unauthenticated command injection vulnerability exists in the Start_EPI function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2...

Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an esca...

MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can access internal network services such as databases through...

Astro is a web framework. In Astro versions 2.16.0 up to but excluding 5.15.5 which utilizeon-demand rendering, request headers `x-forwarded-proto` an...

MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can get sensitive informations by Python code in tool module, ...

PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Starting in version 1.7.7 and prior to version 2.0.3, an unauthen...

ZITADEL is an open source identity management platform. Starting in version 2.50.0 and prior to versions 2.71.19, 3.4.4, and 4.6.6, a vulnerability in...

js-yaml is a JavaScript YAML parser and dumper. In js-yaml 4.1.0 and below, it's possible for an attacker to modify the prototype of the result of a p...

A vulnerability exists in Keycloak's server distribution where enabling debug mode (--debug <port>) insecurely defaults to binding the Java Debug Wire...

A security vulnerability has been detected in cameasy Liketea 1.0.0. Impacted is the function list of the file laravel/app/Http/Controllers/Front/Stor...

A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an ...

A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privile...

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted c...

A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site...

A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to re...

A stack-based buffer overflow exists in the get_merge_ipaddr function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.t...

A stack-based buffer overflow exists in the httpd binary of Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The apply_cgi and block_c...

A stack-based buffer overflow vulnerability exists in the libshared.so library of Cisco Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz...

A stack-based buffer overflow exists in the validate_static_route function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001...

A stack-based buffer overflow vulnerability exists in the mtk_dut binary of Linksys E7350 routers (Firmware 1.1.00.032). The function sub_4045A8 reads...

A stack-based buffer overflow vulnerability exists in the makeRequest.cgi binary of Linksys RE7000 routers (Firmware FW_v2.0.15_211230_1012). The arpl...

Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11 fail to properly validate team membership permissions in the Add Channel Member API which al...

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination addr...

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination addr...

A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppoi...

Mattermost Mobile Apps versions <=2.32.0 fail to verify that SSO redirect tokens originate from the trusted server, which allows a malicious Mattermos...

A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries...

A stack-based buffer overflow exists in the get_merge_mac function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar....

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. The `sub_443...

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. The `sub_432...

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `librcm.so` binaries. The `...

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. The `sub_433...

Typebot is an open-source chatbot builder. In version 3.9.0 up to but excluding version 3.13.0, an Insecure Direct Object Reference (IDOR) vulnerabili...

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/get_firstdate...

The issue was addressed by refusing external connections by default. This issue is fixed in Compressor 4.11.1. An unauthenticated user on the same net...

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDy...

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDM...

A stack buffer overflow vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin in the rc binary's USB storage handling module. The ...

A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries...

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNe...

An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitrary code via the dbToApi() and ...

ZenTao Biz < 6.5, ZenTao Max < 3.0, ZenTao Open Source Edition < 16.5, and ZenTao Open Source Edition < 16.5.beta1 contain an SQL injection vulnerabil...

Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain an Improper Access Control vulnerability. A low privileged attacker wit...

Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Detection of Error Condition Without Action vulnerability. A low priv...

Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker wi...

Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker wi...

Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Process Control vulnerability. A low privileged attacker with local a...

A vulnerability was found in Alaga Home Security WiFi Camera 3K (model S-CW2503C-H) with hardware version V03 and firmware version 1.4.2, which allows...

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In Vega prior to version 6....

A stack buffer overflow vulnerability exists in the D-Link DIR-816A2 router firmware DIR-816A2_FWv1.10CNB05_R1B011D88210.img in the upload.cgi module,...

A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `global.so` binary. The `getSaveConf...

A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `system.so` binary. The `setDiagno...

Typebot is an open-source chatbot builder. In versions prior to 3.13.1, a Server-Side Request Forgery (SSRF) vulnerability in the Typebot webhook bloc...

Socket Firewall is an HTTP/HTTPS proxy server that intercepts package manager requests and enforces security policies by blocking dangerous packages. ...

Keyfactor SignServer before 7.3.1 has Incorrect Access Control, issue 1 of 3.

Keyfactor SignServer before 7.3.1 has Incorrect Access Control, issue 2 of 3.

Keyfactor SignServer before 7.3.1 has Incorrect Access Control, issue 3 of 3.

A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a sp...

OpenObserve is a cloud-native observability platform. In versions up to and including 0.16.1, when creating or renaming an organization with HTML in t...

Astro is a web framework. Starting in version 5.2.0 and prior to version 5.15.6, a Reflected Cross-Site Scripting (XSS) vulnerability exists in Astro'...

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.13.0, Directus does not properly clean up field-l...

A vulnerability has been found in Radarr 5.28.0.10274. The affected element is an unknown function of the file C:\ProgramData\Radarr\bin\Radarr.Consol...

A vulnerability was found in Sonarr 4.0.15.2940. The impacted element is an unknown function of the file C:\ProgramData\Sonarr\bin\Sonarr.Console.exe ...

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorize...

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to traverse d...

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to execute ar...

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due t...

SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.

Directus is a real-time API and App dashboard for managing SQL database content. A stored cross-site scripting (XSS) vulnerability exists in versions ...

Directus is a real-time API and App dashboard for managing SQL database content. A vulnerability in versions prior to 11.13.0 allows authenticated use...

Directus is a real-time API and App dashboard for managing SQL database content. An observable difference in error messaging was found in the Directus...

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with access to any document on a Grist installation can use a feature for f...

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with only partial read access to a document could still access endpoints li...

Jitsi Meet is an open source video conferencing application. A vulnerability present in versions prior to 2.0.10532 allows attackers to hijack the OAu...

Apollo Federation is an architecture for declaratively composing APIs into a unified graph. A vulnerability in versions of Apollo Federation's composi...

Inappropriate implementation in Intents in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a craf...

Inappropriate implementation in Dawn in Google Chrome on Mac prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access v...

Inappropriate implementation in Fullscreen in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML...

Inappropriate implementation in Lens in Google Chrome on iOS prior to 136.0.7103.59 allowed a remote attacker to perform UI spoofing via a crafted QR ...

Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape vi...

Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a cra...

Use after free in Internals in Google Chrome on iOS prior to 127.0.6533.88 allowed a remote attacker who convinced a user to engage in specific UI ges...

The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'insert_data' AJAX endpoint in all versions up ...

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via...

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing vi...

Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTM...

Out of bounds read in V8 in Google Chrome prior to 133.0.6943.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML ...

IQ-Support developed by IQ Service International has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to a...

IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relati...

The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers...

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in NCP-HG100 1.4.48.16 and earlier. If exploit...

Mattermost versions <11 fail to properly restrict access to archived channel search API which allows guest users to discover archived public channels ...

Mattermost versions <11.0 fail to properly enforce the "Allow users to view archived channels" setting which allows regular users to access archived c...

Mattermost versions <11 fail to enforce multi-factor authentication on WebSocket connections which allows unauthenticated users to access sensitive in...

Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11, 10.12.x <= 10.12.0 fail to validate the relationship between the post being updated and the...

Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11, 10.12.x <= 10.12.0 fail to sanitize user data which allows system administrators to access ...

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection via the 'SCodes' parameter in all versions up to, and...

Authorization Bypass Through User-Controlled Key, Weak Password Recovery Mechanism for Forgotten Password, Authentication Bypass by Assumed-Immutable ...

QuickCMS is vulnerable to multiple Stored XSS in language editor functionality (languages). Malicious attacker with admin privileges can inject arbitr...

Rockwell Automation Arena® suffers from a stack-based buffer overflow vulnerability. The specific flaw exists within the parsing of DOE files. Local a...

In Search Guard FLX versions 3.1.2 and earlier, while Document-Level Security (DLS) is correctly enforced elsewhere, when the search is triggered from...

A vulnerability exists in QuickCMS version 6.8 where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. This f...

Memos is a privacy-first, lightweight note-taking service that uses Access Tokens to authenticate application access. When a user changes their passwo...

A weakness has been identified in ury-erp ury up to 0.2.0. This affects the function overrided_past_order_list of the file ury/ury/api/pos_extend.py. ...

Cross Site Scripting vulnerability in Alto CMS v.1.1.13 allows a local attacker to execute arbitrary code via a crafted script.

Multiple parameters in register.php in PHPGurukul Student Record System 3.20 are vulnerable to SQL injection. These include: c-full, fname, mname,lnam...

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the id and emailid parameters in password-recovery.php.

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the currentpassword parameter in change-password.php.

PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting (XSS) via adminname and aemailid parameters in /admin-profile.php.

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the adminname and aemailid parameters in /admin-profile.php.

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php.

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php.

PHPGurukul Student Record Management System 3.20 is vulnerable to SQL Injection via the id and password parameters in login.php.

A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the...

A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admi...

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb...

On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.153

npm package `expr-eval` is vulnerable to Prototype Pollution. An attacker with access to express eval interface can use JavaScript prototype-based inh...

A vulnerability was identified in ZZCMS 2023. This impacts an unknown function of the file /admin/wangkan_list.php. Such manipulation of the argument ...

A security flaw has been discovered in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/view-member-report.php....

An insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to ...

An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to byp...

A sensitive information disclosure vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to retrieve sensi...

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 exploitable remot...

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is a Broken or Risky Cryptographic A...

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is Exposure of Sensitive Information...

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 exploitable remot...

An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. Sensitive Information is exposed to an Unauthoriz...

A Reflected Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which ...

A Stored Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which all...

An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote Path Traversal for loading arb...

A Server-side Request Forgery vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Pr...

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remo...

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Technical Information to be Di...

SQL injection (SQL-i) vulnerability in SVX Portal 2.7A via crafted POST request to admin/update_setings.php.

Reflected Cross-Site Scripting (XSS) vulnerability in SVX Portal 2.7A via the id parameter to Recivers.php.

CKFinder 1.4.3 is vulnerable to Cross Site Scripting (XSS) in the File Upload function. An attacker can upload a crafted SVG containing active content...

A weakness has been identified in rachelos WeRSS we-mp-rss up to 1.4.7. Affected by this vulnerability is the function do_job of the file /rachelos/we...

A vulnerability was detected in Bdtask/CodeCanyon SalesERP up to 20250728. This affects an unknown part. The manipulation results in cross-site reques...

A flaw has been found in Bdtask/CodeCanyon SalesERP up to 20250728. This vulnerability affects unknown code of the file /edit_profile of the component...

When processing API requests, the Alteryx server 2022.1.1.42654 and 2024.1 used MongoDB object IDs to uniquely identify the data being requested by th...

Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw (CWE-22) that, in combination with Windows ShellExecuteW fallb...

A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can...

A vulnerability has been found in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System up to 20250320. This issue affects som...

A vulnerability was found in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System up to 20250320. Impacted is an unknown func...

A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing manipu...

A heap corruption vulnerability exists in the Advantech TP-3250 printer driver's DrvUI_x64_ADVANTECH.dll (v0.3.9200.20789) when DocumentPropertiesW() ...

A vulnerability was identified in pojoin h3blog 1.0. The impacted element is an unknown function of the file /admin/cms/category/addtitle. The manipul...

A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. T...

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load() function of bin_dyldcache.c. Processing a craft...

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input ca...

Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to dis...

An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vucc_details_ajax function in application/controllers/Awards.ph...

A weakness has been identified in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution up to 4.0. This impacts an unknown function of...

A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/sistema/acessodeusuario.xml. Suc...

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generate...

Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote ...

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 contain a remote denial-...

IPCop versions up to and including 2.1.9 contain an authenticated remote code execution vulnerability within the web-based administration interface. T...

Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. T...

PLANEX CS-QP50F-ING2 smart cameras expose a configuration backup interface over HTTP that does not require authentication. A remote, unauthenticated a...

Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access to a '/snapshot' endpoint without authentication. Whil...

TG8 Firewall contains a pre-authentication remote code execution vulnerability in the runphpcmd.php endpoint. The syscmd POST parameter is passed dire...

TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously logged-in user...

Vodafone H500s devices running firmware v3.5.10 (hardware model Sercomm VFH500) expose the WiFi access point password via an unauthenticated HTTP endp...

Screen SFT DAB 600/C firmware versions up to and including 1.9.3 contain an improper access control on the user management API allows unauthenticated ...

A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /auth...

General Industrial Controls Lynx+ Gateway is vulnerable to a weak password requirement vulnerability, which may allow an attacker to execute a brute-...

General Industrial Controls Lynx+ Gateway  is missing critical authentication in the embedded web server which could allow an attacker to remotely re...

General Industrial Controls Lynx+ Gateway is missing critical authentication in the embedded web server which could allow an attacker to send GET req...

General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability that could allow an attacker to observe network tra...

The Brightpick Internal Logic Control web interface is accessible without requiring user authentication. An unauthorized user could exploit this int...

The Brightpick Mission Control web application exposes hardcoded credentials in its client-side JavaScript bundle.

Brightpick Mission Control discloses device telemetry, configuration, and credential information via WebSocket traffic to unauthenticated users when...

The vulnerability, if exploited, could allow an authenticated miscreant (with privilege of "aaConfigTools") to tamper with App Objects' help files a...

The vulnerability, if exploited, could allow a miscreant with read access to Edge Project files or Edge Offline Cache files to reverse engineer Edge...

The Qi Blocks plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the `resize_image_callback()` function in...

The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation ...

The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to unauthorized arbitrary media a...

A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the ...

The Project Management, Team Collaboration, Kanban Board, Gantt Charts, Task Manager and More – WP Project Manager plugin for WordPress is vulnerable ...

The Contest Gallery plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 28.0.2. This is due to the plugin...

A vulnerability was found in D-Link DIR-816L 2_06_b09_beta. This vulnerability affects the function scandir_main of the file /portal/__ajax_exporer.sg...

A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This issue affects the function soapcgi_main of the file /soap.cgi. This manipulation...

An issue has been discovered in GitLab EE affecting all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that, under certa...

GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenti...

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.7 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that could...

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could h...

GitLab has remediated an issue in GitLab EE affecting all versions from 17.8 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have...

An issue has been discovered in GitLab CE/EE affecting all versions from 17.6 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that, under...

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could h...

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could h...

A vulnerability has been found in DouPHP up to 1.8 Release 20251022. This impacts an unknown function of the file upload/include/file.class.php. The m...

A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of th...

A vulnerability was determined in SourceCodester Farm Management System 1.0. Affected by this vulnerability is an unknown functionality. This manipula...

A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /log...

A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects an unknown part of the file /add_to_cart. Performin...

A weakness has been identified in code-projects Simple Cafe Ordering System 1.0. This vulnerability affects unknown code of the file /addmem.php. Exec...

A security flaw has been discovered in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. The impacted element is an unknown f...

A weakness has been identified in bestfeng oa_git_free up to 9.5. This affects the function updateWriteBack of the file yimioa-oa9.5\server\c-flow\src...

A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/produc...

A weakness has been identified in Intelbras UnniTI 24.07.11. The affected element is an unknown function of the file /xml/sistema/usuarios.xml. Execut...

A flaw has been found in projectsend up to r1720. Impacted is an unknown function of the component File Editor/Custom Download Aliases. This manipulat...

A vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=s...

A vulnerability was found in itsourcecode Inventory Management System 1.0. The impacted element is an unknown function of the file /index.php?q=produc...

A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executi...

A vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php...

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versio...

A security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. Th...

A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this vulnerability is an unknown functionality of the file /agent/prof...

A security vulnerability has been detected in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution 5. Affected by this issue is some ...

A vulnerability was detected in code-projects Student Information System 2.0. This affects an unknown part of the file /searchquery.php. Performing ma...

A flaw has been found in code-projects Student Information System 2.0. This vulnerability affects unknown code of the file /index.php. Executing manip...

A vulnerability has been found in code-projects Student Information System 2.0. This issue affects some unknown processing of the file /register.php. ...

A vulnerability was found in code-projects Student Information System 2.0. Impacted is an unknown function of the file /editprofile.php. The manipulat...

A vulnerability was determined in code-projects Student Information System 2.0. The affected element is an unknown function of the file /register.php....

A vulnerability was identified in code-projects Student Information System 2.0. The impacted element is an unknown function of the file /editprofile.p...

A vulnerability was identified in shsuishang ShopSuite ModulithShop up to 45a99398cec3b7ad7ff9383694f0b53339f2d35a. Impacted is the function JwtAuthen...

A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-b...

A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is an unknown function of the...

A security vulnerability has been detected in Jiusi OA up to 20251102. This affects an unknown function of the file /OfficeServer?isAjaxDownloadTempla...

A vulnerability was detected in WeiYe-Jing datax-web up to 2.1.2. This impacts the function remove/update/pause/start/triggerJob of the component Job ...

A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The atta...

A vulnerability was found in shsuishang ShopSuite ModulithShop up to 45a99398cec3b7ad7ff9383694f0b53339f2d35a. Affected by this issue is some unknown ...

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /add_librarian.php. T...

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /add_membe...

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /b...

A weakness has been identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrow.php. Execu...

A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /a...

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows a...

A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipu...

A flaw has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /manufacturer/edit_unit.php. This mani...

A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/edit_product.ph...

A vulnerability was found in lsfusion platform up to 6.1. Affected is the function DownloadFileRequestHandler of the file web-client/src/main/java/lsf...

TenderDocTransfer developed by Chunghwa Telecom has a Arbitrary File Delete vulnerability. The application sets up a simple local web server and provi...

TenderDocTransfer developed by Chunghwa Telecom has a Arbitrary File Copy and Paste vulnerability. The application sets up a simple local web server ...

ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands an...

A vulnerability was determined in lsfusion platform up to 6.1. Affected by this vulnerability is the function UploadFileRequestHandler of the file pla...

A vulnerability was identified in SourceCodester Online Magazine Management System 1.0. Affected by this issue is some unknown functionality of the fi...

A security flaw has been discovered in SourceCodester Online Magazine Management System 1.0. This affects an unknown part of the file /view_magazine.p...

A weakness has been identified in lsfusion platform up to 6.1. This vulnerability affects the function unpackFile of the file server/src/main/java/lsf...

A security vulnerability has been detected in wwwlike vlife up to 2.0.1. This issue affects the function create of the file vlife-base/src/main/java/c...

Improper certificate validation vulnerability exists in 'デジラアプリ' App for iOS prior to ver.80.10.00. If this vulnerability is exploited, a man-in-the-m...

The W3 Total Cache WordPress plugin before 2.8.13 is vulnerable to command injection via the _parse_dynamic_mfunc function, allowing unauthenticated u...

EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext d...

EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext c...

EasyFlow GP developed by Digiwin has a Denial of service vulnerability, allowing unauthenticated remote attackers to send specific requests that resul...

A vulnerability was detected in SourceCodester Dental Clinic Appointment Reservation System 1.0. Impacted is an unknown function of the file /success....

A flaw has been found in Dromara dataCompare up to 1.0.1. The affected element is the function DbConfig of the file src/main/java/com/vince/xq/project...

A vulnerability has been found in Campcodes School Fees Payment Management System 1.0. The impacted element is an unknown function of the file /ajax.p...

A vulnerability was found in Campcodes School Fees Payment Management System 1.0. This affects an unknown function of the file /ajax.php?action=save_c...

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone aut...

A vulnerability was determined in Campcodes School Fees Payment Management System 1.0. This impacts an unknown function of the file /ajax.php?action=l...

A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Affected is an unknown function of the file /manage_course.php....

A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. Affected by this vulnerability is an unknown functionality...

A weakness has been identified in Campcodes School Fees Payment Management System 1.0. Affected by this issue is some unknown functionality of the fil...

A security vulnerability has been detected in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This affects an unknown p...

A vulnerability was detected in g33kyrash Online-Banking-System up to 12dbfa690e5af649fb72d2e5d3674e88d6743455. This vulnerability affects unknown cod...

Denial-of-service condition in M-Files Server versions before 25.11.15392.1, before 25.2 LTS SR2 and before 25.8 LTS SR2 allows an authenticated user ...

A flaw has been found in code-projects Nero Social Networking Site 1.0. This issue affects some unknown processing of the file /friendsphoto.php. This...

A vulnerability has been identified in Mendix RichText (All versions >= V4.0.0 < V4.6.1). Affected widget does not properly neutralize the input. This...

A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V29.0.258). The affected applications contains an out of...

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowed_book_sea...

A vulnerability was found in code-projects Nero Social Networking Site 1.0. The affected element is an unknown function of the file /profilefriends.ph...

A vulnerability was determined in CodeAstro Simple Inventory System 1.0. The impacted element is an unknown function of the file /index.php of the com...

A vulnerability was identified in itsourcecode Online Voting System 1.0. The affected element is an unknown function of the file /login.php. Such mani...

A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action...

A weakness has been identified in itsourcecode Online Voting System 1.0. This affects an unknown function of the file /index.php?page=categories. Exec...

In a Bluetooth device, using RS9116-WiseConnect SDK experiences a Denial of Service, if it receives malformed L2CAP packets, only hard reset will brin...

A security vulnerability has been detected in Tenda CH22 1.0.0.1. This impacts the function fromPptpUserSetting of the file /goform/PPTPUserSetting. T...

A vulnerability was detected in 1000projects Design & Development of Student Database Management System 1.0. Affected is an unknown function of the fi...

Cross-Site Scripting (XSS) vulnerability exists in SourceCodester AI Font Matcher (nid=18425, 2025-10-10) that allows remote attackers to execute arbi...

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web applicati...

QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails ...

MyScreenTools v2.2.1.0 contains a critical OS command injection vulnerability in the GIF compression tool. The application fails to properly sanitize ...

OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.

GoSign Desktop through 2.4.1 disables TLS certificate validation when configured to use a proxy server. This can be problematic if the GoSign Desktop ...

PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the oldpass parameter in change-password.php.

PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the frm_id and aremark parameters in manage-tickets.php.

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via the aremark parameter in manage-tickets.php.

PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via id and adminremark parameters in quote-details.php.

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email, username, user_firstname, user_lastname, and user_address parameter...

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the formuser and formpassword parameters in /adminLogin.php.

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via /client_user/feedback.php.

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivile...

A vulnerability has been found in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /sav...

A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirm_order.php. Perfo...

An injection vulnerability has been discovered in the API feature in Digi On-Prem Manager, enabling an attacker with valid API tokens to inject SQL vi...

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read...

phpMyFAQ is an open source FAQ web application. Prior to version 4.0.14, an authenticated SQL injection vulnerability in the main configuration update...

PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity (XXE) references. The application uses...

PDFPatcher executable does not validate user-supplied file paths, allowing directory traversal attacks allowing attackers to upload arbitrary files to...

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the recover_email parameter in user_password_recover.php.

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email parameter in user_login.php.

PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php.

A security vulnerability has been detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. The impacted element is an unknown fun...

Nagios Log Server versions prior to 2026R1.0.1 contain an authenticated command injection vulnerability in the experimental 'Natural Language Queries'...

Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-wr...

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Multiple CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Multiple CWE-352 Cross-Site Request Forgery (CSRF)

CWE-20 Improper Input Validation

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read...

ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. When the ESP32 is in advertising mode, if it receives a connection request co...

Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command ...

@dependencytrack/frontend is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organiza...

PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the email and mobileno parameters in reset-password.php.

PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) via the search parameter in user-search.php.

PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the subcategory and category parameters in subcategory.php.

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php.

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the username parameter in the admin page.

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php.

PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) via the fromdate and todate parameters in between-date-userrepor...

Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolution r1–r3 (firmware = 4.7.x), Freebox Mini 4K (firmware =...

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the email parameter in forgot-password.php.

PHPGurukul Online Shopping Portal 2.0 is vulnerable to Cross Site Scripting (XSS) via the quantity parameter in my-cart.php.

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, quality, price, and value parameters in product-de...

A vulnerability was detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. This affects an unknown function of the file /enroll...

A flaw has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. This impacts an unknown function of the file /user/controll...

IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system.

IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories on the system. An attacker could sen...

A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /setti...

A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functional...

IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Se...

A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such man...

A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /searc...

NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.1...

Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown c...

A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of th...

A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIO_USH_ADD_RECORD functionality of Dell ControlVault3 prior to 5.15.14.1...

A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVau...

A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior ...

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVaul...

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVaul...

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVaul...

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVaul...

A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6...

The The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all ver...

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page....

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page....

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page....

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page....

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page....

A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boa...

A security flaw has been discovered in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /listorder.php. Per...

A vulnerability was determined in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /enrollment_edi...

The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivile...

An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an a...

A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could a...

The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the legacy chunked upload mechan...

Observable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, pote...

Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High Sec ELM may allow a sophisticated attacker with physic...

Missing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an attacker with physical access to the Reader to perform a de...

In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code e...

The Post Type Switcher plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.0.0 due to missing v...

Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a cra...

Uncontrolled Search Path Element Vulnerability in Setting and Operation Application for Lighting Control System MILCO.S Setting Application all versio...

The VK All in One Expansion Unit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'vkExUnit_cta_url' and 'vkExUnit_cta_button...

The VK All in One Expansion Unit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_veu_custom_css' parameter in all versions...

There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a ...

Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC exploit stack buffer...

There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a ...

The Multiple Roles per User plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mrpu_add...

The everviz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `everviz` shortcode attributes in versions up to, and including,...

The ArtiBot Free Chat Bot for WebSites plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and...

The WP Admin Microblog plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.1. This is due to mi...

The Permalinks Cascade plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.2. This is due to the plugi...

The Like-it plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or inco...

The Project Honey Pot Spam Trap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is ...

The Premmerce Wholesale Pricing for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'ID' parameter in versions up to, and incl...

The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.6 via the format_classic func...

The WP Dropzone plugin for WordPress is vulnerable to authenticated arbitrary file upload in all versions up to, and including, 1.1.0 via the `ajax_up...

The CSV to SortTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'csv' shortcode in all versions up to, and including, 4...

The Top Friends plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.3. This is due to missing non...

The ACF Flexible Layouts Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'acf...

The Download Panel plugin for WordPress is vulnerable to unauthorized settings modification due to a missing capability check on the 'wp_ajax_save_set...

The Local Syndication plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5a via the `url` param...

The Category and Product Woocommerce Tabs plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0. This i...

SolarWinds Observability Self-Hosted XSS Vulnerability. The SolarWinds Platform was susceptible to a XSS vulnerability that affects user-created URL f...

SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could man...

A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute cod...

A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. ...

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to...

The Gutenify – Visual Site Builder Blocks & Site Templates. plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block a...

The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Accordion Block's attributes in all...

The Coil Web Monetization plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.2. This is due to...

The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to unauthorized post modificatio...

The WP Twitter Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including,...

The Meta Display Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Meta Display Block in all versions up to, and includi...

The Restrictions for BuddyPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handl...

The Cryptocurrency Payment Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability...

The Enable SVG, WebP, and ICO Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and...

The WP Duplicate Page plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.7. This is due to the plugin...

The wModes – Catalog Mode, Product Pricing, Enquiry Forms & Promotions plugin for WordPress is vulnerable to authorization bypass in versions up to, a...

The Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightb...

The Live sales notification for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.3.39. ...

The Enable SVG, WebP, and ICO Upload plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 1.1.2. This is ...

The Simple User Import Export plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.1.7 via the 'Import/export u...

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Open Street Map widget's marker conten...

Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows another user to be impersonated simply by knowing their...

The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, an...

The WP Migrate Lite – WordPress Migration Made Easy plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and...

Unlimited upload vulnerability for dangerous file types in WinPlus v24.11.27 from Informática del Este. This vulnerability allows an attacker to uploa...

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can constr...

An unauthenticated remote attacker can execute arbitrary php files and gain full access of the affected devices.

A low privileged remote attacker can upload any file to an arbitrary location due to missing file check resulting in remote code execution.

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resul...

Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source of php modules.

A security flaw has been discovered in SourceCodester Interview Management System 1.0. Affected is an unknown function of the file /editQuestion.php. ...

A weakness has been identified in SourceCodester Train Station Ticketing System 1.0. Affected by this vulnerability is an unknown functionality of the...

A security vulnerability has been detected in SourceCodester Train Station Ticketing System 1.0. Affected by this issue is some unknown functionality ...

SQL injection vulnerability in WinPlus v24.11.27 by Informática del Este. This vulnerability allows an attacker recover, create, update an delete data...

Stored Cross-site Scripting (XSS)vylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a...

Stored Cross-site Scripting (XSS)vylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a...

A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations...

A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array ind...

The Icon List Block – Add Icon-Based Lists with Custom Styles plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to,...

The Pixel Manager for WooCommerce – Track Conversions and Analytics, Google Ads, TikTok and more plugin for WordPress is vulnerable to Information Exp...

A vulnerability was detected in SourceCodester Train Station Ticketing System 1.0. This affects an unknown part of the file /ajax.php?action=save_stat...

A flaw has been found in SourceCodester Train Station Ticketing System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=save_...

A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades....

Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac ...

Windu CMS is vulnerable to Cross-Site Request Forgery in user editing functionality. Implemented CSRF protection mechanism can be bypassed by using CS...

Windu CMS is vulnerable to Broken Access Control in user editing functionality. Malicious attacker can send a GET request which allows privileged user...

Windu CMS is vulnerable to Cross-Site Request Forgery in user editing functionality. Malicious attacker can craft special website, which when visited ...

Windu CMS implements weak client-side brute-force protection by using parameter loginError. Information about attempt count or timeout is not stored o...

Windu CMS is vulnerable to Cross-Site Request Forgery in file uploading functionality. Malicious attacker can craft special website, which when visite...

Windu CMS is vulnerable to Stored Cross-Site Scripting (XSS) in the logon page where input data has no proper validation. Malicious attacker can injec...

Windu CMS is vulnerable to User Enumeration. This issue occurs during logon, where a difference in messages could allow an attacker to determine if th...

Windu CMS is vulnerable to multiple Stored Cross-Site Scripting (XSS) vulnerabilities in the page editing endpoint windu/admin/content/pages/edit/. T...

A DOM-based cross-site scripting vulnerability exists in electic-shop v1.0 (Bhabishya-123/E-commerce). The site's client-side JavaScript reads attacke...

A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function create_classroom of the file /classroo...

The AI Engine plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.8 via the rest_helpers_creat...

A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation used by System REST APIs and SOAP services in multip...

In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, cus...

Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11 fail to enforce access permissions on the Agents plugin which allows other users to determin...

Insufficient permission validation on multiple REST API endpoints in Checkmk 2.2.0, 2.3.0, and 2.4.0 before version 2.4.0p16 allows low-privileged use...

Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST...

Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthenticated local attacker to gain access to sensitive ...

A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write to kernel memory and MSRs (such as LSTAR) as an unpri...

A command injection vulnerability exists in the MCP Data Science Server's (reading-plus-ai/mcp-server-data-exploration) 0.1.6 in the safe_eval() funct...

A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input ...

The password change endpoint in Open Source Point of Sale 3.4.1 allows users to set their account password to an empty string due to missing server-si...

In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mk_inotify plugin creates world-readable and writable files,...

Value provided in one of POST parameters sent during the process of logging in to Times Software E-Payroll is not sanitized properly, which allows an ...

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Email TFA allows Functionality Bypass.This issue affects Email TFA: f...

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Simple multi step form allows Cross-Site ...

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Drupal core allows Forceful Browsing.This issue affects Drupal core: from...

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue ...

User Interface (UI) Misrepresentation of Critical Information vulnerability in Drupal Drupal core allows Content Spoofing.This issue affects Drupal co...

Use of Web Browser Cache Containing Sensitive Information vulnerability in Drupal Drupal core allows Exploiting Incorrectly Configured Access Control ...

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successfu...

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successfu...

GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing application updates. The manifest contains package URLs and...

An Improper Isolation or Compartmentalization vulnerability [CWE-653] in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.7, ...

A Heap-based Buffer Overflow vulnerability [CWE-122] in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may al...

A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, For...

A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7....

An Exposed IOCTL with Insufficient Access Control vulnerability [CWE-782] in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0...

An Out-of-bounds Write vulnerability [CWE-787] in FortiADC 8.0.0, 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.1 all versions, 7.0 al...

pluginsGLPI's Database Inventory Plugin "manages" the Teclib' inventory agents in order to perform an inventory of the databases present on the workst...

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7....

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0...

An Improper Privilege Management vulnerability [CWE-269] in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, ...

An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiADC 7.4.0, FortiADC 7.2 all versions, FortiADC 7.1 all ve...

An improper neutralization of crlf sequences ('crlf injection') in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5, FortiMail 7....

The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation,...

Cross site scripting (XSS) vulnerability in Kotaemon 0.11.0 allowing attackers to execute arbitrary code via a crafted PDF.

Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage.

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiWe...

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7....

An improper neutralization of special elements used in an SQL Command ("SQL Injection") vulnerability [CWE-89] in Fortinet FortiVoice 7.2.0 through 7....

A use of hard-coded credentials vulnerability in Fortinet FortiWeb 7.6.0, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versi...

A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in Fortinet FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all...

A remote command execution (RCE) vulnerability was discovered in all H3C ERG3/ERG5 series routers and XiaoBei series routers, cloud gateways, and wire...

kishan0725 Hospital Management System/ v4 is vulnerable to SQL Injection in admin-panel1.php, specifically in the deleting doctor logic. The applicati...

kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference (IDOR) vulnerability in the appointment cancellation functionality.

eProsima Fast-DDS v3.3 and before has an infinite loop vulnerability caused by integer overflow in the Time_t:: fraction() function.

Requarks Wiki.js 2.5.307 does not properly revoke or invalidate active JWT tokens when a user logs out. As a result, previously issued tokens remain v...

kishan0725 Hospital Management System has a Cross-Site Scripting (XSS) vulnerability in appsearch.php via the email parameter.

DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage.

DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php.

Host Header Injection vulnerability in Backdrop CMS 1.32.1 allows attackers to manipulate the Host header in password reset requests, leading to redir...

An arbitrary file upload vulnerability in the /php/UploadHandler.php component of RichFilemanager v2.7.6 allows attackers to execute arbitrary code vi...

Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decode_definite_long_string() function of the C extension decoder (source/decoder...

A vulnerability in the SSH restricted shell interface of the network management services allows improper access control for authenticated read-only us...

A platform-level denial-of-service (DoS) vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an att...

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to condu...

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to condu...

A vulnerability in the web management interface of the AOS-CX OS user authentication service could allow an authenticated remote attacker to hijack an...

A broken access control (BAC) vulnerability in the web-based management interface could allow an authenticated remote attacker with low privileges to ...

A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated att...

HCL Connections is vulnerable to a sensitive information disclosure vulnerability which could allow a user to obtain sensitive information they are no...

In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user function, leading to an email bombing vulnerability. An auth...

In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the reset password function, leading to an email bombing vulnerability. An a...

A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service (DoS) risk. This flaw is a Use-...

A use-after-free vulnerability has been identified in the GNU GRUB (Grand Unified Bootloader). The flaw occurs because the file-closing process incorr...

Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level privileges to read arbitrary files with elevated privileges ...

Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--experimental-enable-kvcache-agent" feature is used all...

A vulnerability has been identified in the GRUB (Grand Unified Bootloader) component. This flaw occurs because the bootloader mishandles string conver...

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remain...

A vulnerability has been identified in the GRUB2 bootloader's normal command that poses an immediate Denial of Service (DoS) risk. This flaw is a Use-...

A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normal_...

The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access Control due to missing authentication on critical admin...

The comment editing template (dzz/comment/template/edit_form.htm) in DzzOffice 2.3.x lacks adequate security escaping for user-controllable data in mu...

pnetlab 5.3.11 is vulnerable to Command Injection via the qemu_options parameter.

A Cross-Site Request Forgery (CSRF) vulnerability in the manage-students.php component of PHPGurukul Student Record System v3.2 allows an attacker to ...

A vulnerability in the web-based management interface of affected products could allow an unauthenticated remote attacker to cause a denial of service...

A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. ...

The Sencore SMP100 SMP Media Platform (firmware versions V4.2.160, V60.1.4, V60.1.29) is vulnerable to session hijacking due to improper session manag...

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an unrestricted file upload vulnerability in the /patch.php end...

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an unauthenticated file upload vulnerability in the /upload_fil...

A mongoc_bulk_operation_t may read invalid memory if large options are passed.

The Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update package. The update mech...

The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse ...

The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a va...

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains a reflected Cross-Site Scripting (XSS) vulnerability in the /ma...

XWiki AdminTools integrates administrative tools for managing a running XWiki instance. Prior to version 1.1, users without admin rights have access t...

Piwigo is a full featured open source photo gallery application for the web. In Piwigo 15.6.0, using the password reset function allows sending a pass...

KubeVirt is a virtual machine management add-on for Kubernetes. The `hostDisk` feature in KubeVirt allows mounting a host file or directory owned by t...

Emby Server is a personal media server. Prior to version 4.8.1.0 and prior to Beta version 4.9.0.0-beta, a malicious user can send an authentication r...

Open Forms allows users create and publish smart forms. Prior to versions 3.2.7 and 3.3.3, forms where the prefill data fields are dynamically set to ...

Kirby is an open-source content management system. From versions 5.0.0 to 5.1.3, attackers could change the title of any page or the name of any user ...

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Prior to version 25.11.0, a reflected cross-site scripting (XSS) vulnera...

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Prior to version 25.11.0, a weak password policy vulnerability was ident...

joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption (JOSE) standards. In versions from 1.3.3 to ...

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Prior to version 25.11.0, a boolean-based blind SQL injection vulnerabil...

DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintende...

Tanium addressed an arbitrary file deletion vulnerability in TanOS.

The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.10.0 via ...

The New User Approve plugin for WordPress is vulnerable to unauthorized data disclosure in all versions up to, and including, 3.0.9 due to insufficien...

The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.10.0. This is due to ...

When the service of ABP and AES is installed in a directory writable by non-administrative users, an attacker can replace or plant a DLL with the same...

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via $item['field_id'] in all versions up to...

The Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin for WordPress is vulnerable to Authorization in versions up to, a...

The Quiz Maker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.7.0.80. This is due to the...

The WavePlayer WordPress plugin before 3.8.0 does not have authorization in an AJAX action as well as does not validate the file to be copied locally,...

The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access due to a ...

The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.3 via th...

The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'dayofyear' parameter in all versions up to, and including, 1.5.4 due...

The Pet-Manager – Petfinder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kwm-petfinder shortcode in all versions up to, a...

The WSChat – WordPress Live Chat plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'res...

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to unauthorized modification of data due to n incorrect capability check on the sitese...

The WP Login and Register using JWT plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'mo_jwt...

The Booking Plugin for WordPress Appointments – Time Slot plugin for WordPress is vulnerable to unauthorized email sending in versions up to, and incl...

The FunnelKit – Funnel Builder for WooCommerce Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `wfop_phone` shortco...

The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site...

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and includin...

Allocation of Resources Without Limits or Throttling vulnerability in Shelly Pro 4PM (before v1.6) allows Excessive Allocation via network.

Out-of-bounds Read in Shelly Pro 3EM (before v1.4.4) allows Overread Buffers.

The SureForms plugin for WordPress is vulnerable to Cross-Site Request Forgery Bypass in all versions up to, and including, 1.13.1. This is due to the...

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Improper Authorization leading to Sensitive Post Meta Disclosure in versions up to ...

The Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers plugin for WordPress is vulnerable to St...

The Code Snippets plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.9.1. This is due to the plugin's us...

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in al...

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issu...

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.

A improper neutralization of script-related html tags in a web page (basic xss) vulnerability in Fortinet FortiADC 8.0.0, FortiADC 7.6.0 through 7.6.3...

An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbit...

A security flaw has been discovered in codehub666 94list up to 5831c8240e99a72b7d3508c79ef46ae4b96befe8. The impacted element is the function Login of...

Apache Causeway faces Java deserialization vulnerabilities that allow remote code execution (RCE) through user-controllable URL parameters. These vuln...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eksagate Electronic Engineering and Computer Ind...

Legacy Vivotek Device firmware uses default credetials for the root and user login accounts.

Open Redirect in URL parameter in Automated Logic WebCTRL and Carrier i-Vu versions 6.0, 6.5, 7.0, 8.0, 8.5, 9.0 may allow attackers to exploit user s...

Reflected XSS using a specific URL in Automated Logic WebCTRL and Carrier i-VU can allow delivery of malicious payload due to a specific GET parameter...

Improper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc. Shopside allows iFrame Overlay.This issue af...

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saysis Computer Systems Trade Ltd. Co. St...

The Axel Technology WOLF1MS and WOLF2MS devices (firmware versions 0.8.5 to 1.0.3) are vulnerable to Broken Access Control due to missing authenticati...

The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session hijacking due to improper session management on the /home....

A reflected cross-site scripting (XSS) vulnerability exists in the password change functionality of Pixeon WebLaudos 25.1 (01). The sle_sSenha paramet...

Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Acce...

Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Acce...

A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This mani...

A security vulnerability has been detected in mrubyc up to 3.4. This impacts the function mrbc_raw_realloc of the file src/alloc.c. Such manipulation ...

The Sound4 FIRST web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update package. The update mecha...

The Axel Technology puma devices (firmware versions 0.8.5 to 1.0.3) are vulnerable to Broken Access Control due to missing authentication on the /cgi-...

The Axel Technology StreamerMAX MK II devices (firmware versions 0.8.5 to 1.0.3) are vulnerable to Broken Access Control due to missing authentication...

The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a...

Github Restaurant Website Restoran v1.0 was discovered to contain a SQL injection vulnerability via the Contact Form page.

A reflected cross-site scripted (XSS) vulnerability in the /ecommerce/products.php component of E-commerce Project v1.0 and earlier allows attackers t...

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exist...

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exist...

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exist...

The Looker endpoint for generating new projects from database connections allows users to specify "looker" as a connection name, which is a reserved i...

An Insecure Direct Object Reference (IDOR) vulnerability in the Management Console of BlackBerry® AtHoc® (OnPrem) version 7.21 could allow an attacker...

A vulnerability was detected in Tenda CH22 1.0.0.1. Affected is the function formWrlExtraGet of the file /goform/WrlExtraGet. Performing manipulation ...

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component (F2MAdmin) that exp...

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an unauthenticated backup upload endpoint at AudioC...

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component (F2MAdmin) that exp...

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 contain an unauthenticated file read vulnerability via the...

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component that controls back-...

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 configure the web document root at C:\\F2MAdmin\\F2E with ...

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 are vulnerable to an authenticated command injection in th...

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an authenticated command injection vulnerability in...

eGovFramework/egovframe-common-components versions up to and including 4.3.1 contain an unauthenticated file upload vulnerability via the /utl/wed/ins...

eGovFramework/egovframe-common-components versions up to and including 4.3.1 includes Web Editor image upload and related file delivery functionality ...

authentik is an open-source Identity Provider. Prior to versions 2025.8.5 and 2025.10.2, when authenticating with client_id and client_secret to an OA...

authentik is an open-source Identity Provider. Prior to versions 2025.8.5 and 2025.10.2, in previous authentik versions, invitations were considered v...

Astro is a web framework. Prior to version 5.14.3, a vulnerability has been identified in the Astro framework's development server that allows arbitra...

Astro is a web framework. Prior to version 5.15.8, a reflected XSS vulnerability is present when the server islands feature is used in the targeted ap...

Astro is a web framework. Prior to version 5.15.8, a mismatch exists between how Astro normalizes request paths for routing/rendering and how the appl...

Astro is a web framework. Prior to version 5.15.9, when using Astro's Cloudflare adapter (@astrojs/cloudflare) with output: 'server', the image optimi...

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authenticatio...

Twonky Server 8.5.2 on Linux and Windows is vulnerable to a cryptographic flaw, use of hard-coded cryptographic keys. An attacker with knowledge of th...

An issue was discovered in bridgetech probes VB220 IP Network Probe,VB120 Embedded IP + RF Probe, VB330 High-Capacity Probe, VB440 ST 2110 Production ...

An authentication bypass issue was discovered in Dasan Switch DS2924 web based interface, firmware versions 1.01.18 and 1.02.00, allowing attackers to...

The R.V.R Elettronica TEX product (firmware TEXL-000400, Web GUI TLAN-000400) is vulnerable to broken access control due to improper authentication ch...

An issue was discovered in bridgetech VB288 Objective QoE Content Extractor, firmware version 5.6.0-8, allowing attackers to gain sensitive informatio...

The ELCA Star Transmitter Remote Control firmware 1.25 for STAR150, BP1000, STAR300, STAR2000, STAR1000, STAR500, and possibly other models, contains ...

The Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is vulnerable to an authentication bypass. An attacker can ...

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR) vulnerability in the po...

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR) vulnerability exists in...

esm.sh is a nobuild content delivery network(CDN) for modern web development. Prior to version 136, the esm.sh CDN service is vulnerable to path trave...

esm.sh is a nobuild content delivery network(CDN) for modern web development. Prior to version 136, The esm.sh CDN service contains a Template Literal...

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an insecure direct object reference (IDOR) vulnerability allows an...

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an insecure direct object reference (IDOR) vulnerability allows an...

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the comment deletion API allows any authe...

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization flaw in the comment creation endpoint al...

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR) vulnerability allows an...

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any au...

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization vulnerability allows any authenticated u...

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to version 1.27.0, a user with no vi...

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to version 1.35...

Claude Code is an agentic coding tool. Prior to version 1.0.39, when running on a machine with Yarn 3.0 or above, Claude Code could have been tricked ...

Stored cross-site scripting vulnerability in bridgetech VBC Server & Element Manager, firmware versions 6.5.0-9 thru 6.5.0-10, allows attackers to exe...

Homarr is an open-source dashboard. Prior to version 1.43.3, stored XSS vulnerability exists, allowing the execution of arbitrary JavaScript in a user...

WBCE CMS is a content management system. Prior to version 1.6.4, a low-privileged user in WBCE CMS can escalate their privileges to the Administrators...

Isar is an integration system for automated root filesystem generation. In versions 0.11-rc1 and 0.11, defining ISAR_APT_SNAPSHOT_DATE alone does not ...

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 are impacted by obtaining an information vulnerability in the database plan cache implementation.  A user with acces...

A path Traversal vulnerability found in FileCodeBox v2.2 and earlier allows arbitrary file writes when application is configured to use local filesyst...

A stored cross-site scripting (XSS) vulnerability is found in the text sharing feature of FileCodeBox version 2.2 and earlier. Insufficient input vali...

A vulnerability found in IPRateLimit implementation of FileCodeBox up to 2.2 allows remote attackers to bypass ip-based rate limit protection and fail...

GatesAir Flexiva-LX devices on firmware 1.0.13 and 2.0, including models LX100, LX300, LX600, and LX1000, expose sensitive session identifiers (sid) i...

The QVidium Opera11 device (firmware version 2.9.0-Ax4x-opera11) is vulnerable to Remote Code Execution (RCE) due to improper input validation on the ...

An issue was discovered in bridgetech VBC Server & Element Manager, firmware version 6.5.0-10 , 6.5.0-9, allowing unauthorized attackers to delete and...

D-Link Router DIR-868L A1 FW106KRb01.bin has an unauthenticated remote code execution vulnerability in the cgibin binary. The HNAP service provided by...

OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.9.5, an authenticated SQL Injection vu...

Server-Side Request Forgery (SSRF) vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before...

A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. S...

A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this vulnerability is an unknown functionality of the file...

A vulnerability was determined in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this issue is some unknown functionality of the file ...

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is m...

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause un...

Milos Paripovic OneCommander 3.102.0.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing component, specifica...

Campcodes Online Hospital Management System 1.0 is vulnerable to SQL Injection in /admin/index.php via the parameter username.

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code o...

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in opentext uCMDB allows Stored XSS. The vul...

A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php of the component SVG Image Ha...

A weakness has been identified in itsourcecode Human Resource Management System 1.0. This issue affects some unknown processing of the file /src/store...

A security vulnerability has been detected in itsourcecode Human Resource Management System 1.0. Impacted is an unknown function of the file /src/stor...

A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected element is an unknown function of the file /dashboar...

A flaw has been found in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element is an unknown function of the file /admin/admin_produ...

A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/add_product.php. The m...

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Narkom Communication and Software Technol...

Unrestricted Upload of File with Dangerous Type vulnerability in Narkom Communication and Software Technologies Trade Ltd. Co. Pyxis Signage allows Ac...

Improper input validation vulnerability in TP-Link System Inc. TL-WR940N V6 (UPnP modules), which allows unauthenticated adjacent attackers to perform...

An attacker could take over a Looker account in a Looker instance configured with OIDC authentication, due to email address string normalization.Looke...

The attention-bar WordPress plugin through 0.7.2.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing high privileg...

The Ultimate Member Widgets for Elementor – WordPress User Directory plugin for WordPress is vulnerable to unauthorized access of data due to a missin...

A security flaw has been discovered in Muse Group MuseHub 2.1.0.1567. The affected element is an unknown function of the file C:\Program Files\Windows...

A weakness has been identified in jameschz Hush Framework 2.0. The impacted element is an unknown function of the file Hush\hush-lib\hush\Util.php of ...

A security vulnerability has been detected in Dreampie Resty up to 1.3.1.SNAPSHOT. This affects the function Request of the file /resty-httpclient/src...

A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /gofor...

A vulnerability was detected in macrozheng mall up to 1.0.3. Affected by this issue is the function delete of the file /member/readHistory/delete. Per...

A flaw has been found in Tenda AC21 16.03.08.16. This affects an unknown part of the file /goform/SetIpMacBind. Executing manipulation of the argument...

A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation ...

A vulnerability was found in code-projects Online Shop Project 1.0. This issue affects some unknown processing of the file /login.php. The manipulatio...

A vulnerability was determined in SourceCodester Online Shop Project 1.0. Impacted is an unknown function of the file /shop/register.php. This manipul...

A vulnerability was identified in SourceCodester Online Shop Project 1.0. The affected element is an unknown function of the file /action.php. Such ma...

A weakness has been identified in SourceCodester Alumni Management System 1.0. This issue affects the function delete_forum/delete_career/delete_comme...

A security vulnerability has been detected in Public Knowledge Project omp and ojs 3.3.0/3.4.0/3.5.0. Impacted is an unknown function of the file plug...

A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), w...

Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signat...

A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting cra...

Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited...

Vulnerability in LimeSurvey 6.13.0 in the endpoint /optin that causes infinite HTTP redirects when accessed directly. This behavior can be exploited t...

In version 6.13.0 of LimeSurvey, any external user can cause a 500 error in the survey system by sending a malformed session cookie. Instead of displa...

Multiple plugins and/or themes for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled lightGallery library (<= 2.8.3) in...

Session tokens and passwords in couch-auth 0.21.2 are stored in JavaScript objects and remain in memory without explicit clearing in src/user.ts lines...

phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting (XSS) vulnerabilities across various components. User-supplied input from $_REQUE...

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in dataexport.php at line 118. The application directly executes user-supplied SQ...

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in display.php at line 396. The application passes user-controlled input from $_R...

phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipu...

A Cross-Site Request Forgery (CSRF) vulnerability was identified in HCL Glovius Cloud. An attacker can force a user's web browser to execute an unwant...

Kaspersky has fixed a security issue in Kaspersky Endpoint Security for Linux (any version with anti-virus databases prior to 18.11.2025), Kaspersky I...

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow in: /goform/SetVirtualServerCfg via the list parameter.

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the list parameter of /goform/setPptpUserList.

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the rebootTime parameter of /goform/SetSysAutoRebbotCfg.

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the urls parameter of /goform/saveParentControlInfo.

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the deviceId parameter in /goform/saveParentControlInfo.

A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next() to overindex an empty slice when ReadDir returns nil for an ...

BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint that fails to properly validate or canonicalize input path segments. This allows...

IBM Concert 1.0.0 through 2.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict-Tr...

Cross Site Scripting vulnerability in Ilevia EVE X1 Server Firmware Version<= 4.7.18.0.eden:Logic Version<=6.00 - 2025_07_21 allows a remote attacker ...

An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 - 2025_07_21 and before allows a remote attacker to ex...

SOPlanning is vulnerable to Broken Access Control in /status endpoint. Due to lack of permission checks in Project Status functionality an authenticat...

SOPlanning is vulnerable to Predictable Generation of Password Recovery Token. Due to weak mechanism of generating recovery tokens, a malicious attack...

SOPlanning is vulnerable to Stored XSS in /groupe_form endpoint. Malicious attacker with medium privileges can inject arbitrary HTML and JS into websi...

SOPlanning is vulnerable to Stored XSS in /taches endpoint. Malicious attacker with medium privileges can inject arbitrary HTML and JS into website, w...

SOPlanning is vulnerable to Stored XSS in /projets endpoint. Malicious attacker with medium privileges can inject arbitrary HTML and JS into website, ...

SOPlanning is vulnerable to Stored XSS in /status endpoint. Malicious attacker with an account can inject arbitrary HTML and JS into website, which wi...

SOPlanning is vulnerable to Privilege Escalation in user management tab. Users with user_manage_team role are allowed to modify permissions of users. ...

SOPlanning is vulnerable to Stored XSS in /feries endpoint. Malicious attacker with access to public holidays feature is able to inject arbitrary HTML...

An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openS...

Lite XL versions 2.1.8 and prior automatically execute the .lite_project.lua file when opening a project directory, without prompting the user for con...

Lite XL versions 2.1.8 and prior contain a vulnerability in the system.exec function, which allowed arbitrary command execution through unsanitized sh...

When zx is invoked with --prefer-local=<path>, the CLI creates a symlink named ./node_modules pointing to <path>/node_modules. Due to a logic error in...

Institute-of-Current-Students v1.0 contains a time-based blind SQL injection vulnerability in the mydetailsstudent.php endpoint. The `myds` GET parame...

ClipBucket v5 is an open source video sharing platform. In ClipBucket version 5.5.2, a change to network.class.php causes the application to dynamical...

Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 and 3.1.16, users can craft a "Time of Check to Time of Use" (TOCTOU) attack when ...

Stored cross site scripting (xss) vulnerability in SWISH prolog thru 2.2.0 allowing attackers to execute arbitrary code via crafted web IDE notebook.

Snipe-IT v8.3.4 (build 20218) contains a reflected cross-site scripting (XSS) vulnerability in the CSV Import workflow. When an invalid CSV file is up...

Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 and 3.1.16, Open OnDemand packages create world writable locations in the GEM_PATH...

Dataease is an open source data visualization analysis tool. Versions prior to 2.10.17 are vulnerable to JNDI injection. A blacklist was added in the ...

The read function in file thinkphp\library\think\template\driver\File.php in ThinkPHP 5.0.24 contains a remote code execution vulnerability.

The fetch function in file thinkphp\library\think\Template.php in ThinkPHP 5.0.24 allows attackers to read arbitrary files via crafted file path in a ...

cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. I...

Authentication Bypass Using an Alternate Path or Channel vulnerability in ABB ABB Ability Edgenius.This issue affects ABB Ability Edgenius: 3.2.0.0, 3...

HackerOne community member Dang Hung Vi (vidang04) has reported a stored XSS vulnerability involving the navigation box at the top of advertiser-relat...

HackerOne community member Dao Hoang Anh (yoyomiski) has reported an improper neutralization of whitespace in the username when adding new users. A us...

HackerOne community member Dao Hoang Anh (yoyomiski) has reported an uncontrolled resource consumption vulnerability in the “userlog-index.php”. An at...

An issue was discovered in Clerk-js 5.88.0 allowing attackers to bypass the OAuth authentication flow by manipulating the request at the OTP verificat...

Medical Informatics Engineering Enterprise Health has a stored cross site scripting vulnerability that allows an authenticated attacker to add arbitra...

Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an logged in attacker to change other users' email address and pot...

Improper Neutralization of Input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes a potential reflected XSS attack.

Improper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administrator user to d...

Missing JSON Content-Type header in a script in Revive Adserver 6.0.1 and 5.5.2 and earlier versions causes a stored XSS attack to be possible for a l...

Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes potential information...

Insecure design policies in the user management system of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes non-admin users to have access t...

Missing authorization check in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes users on the system to delete banners owned by other accoun...

Debug information disclosure in the SQL error message to in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes non-admin users to acquire inf...

Improper neutralization of input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes manager accounts to be able to craft XSS attacks to th...

Improper neutralisation of input in Revive Adserver 6.0.0+ causes a reflected XSS attack in the banner-zone.php script.

FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless. All versions before 2.2.0D Build 135103 were discov...

The affected product allows unauthenticated access to Real Time Streaming Protocol (RTSP) services, which may allow an attacker unauthorized access to...

Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the...

An issue was discovered in weijiang1994 university-bbs (aka Blogin) in commit 9e06bab430bfc729f27b4284ba7570db3b11ce84 (2025-01-13). A weak verificati...

The affected products allow unauthenticated access to Open Network Video Interface Forum (ONVIF) services, which may allow an attacker unauthorized ac...

A vulnerability exists in the Opto22 Groov Manage REST API on GRV-EPIC and groov RIO Products that allows remote code execution with root privileges. ...

IBM Concert 1.0.0 through 2.0.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaSc...

IBM Concert 1.0.0 through 2.0.0 could allow a local user with specific permission to obtain sensitive information from files due to uncontrolled recur...

IBM Concert 1.0.0 through 2.0.0 could allow a local user to forge log files to impersonate other users or hide their identity due to improper neutrali...

IBM Concert 1.0.0 through 2.0.0 could disclose sensitive server information from HTTP response headers that could aid in further attacks against the s...

Qlik Sense Enterprise v14.212.13 was discovered to contain an information leak via the /dev-hub/ directory.

A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /...

IBM webMethods Integration 10.11 through 10.11_Core_Fix22, 10.15 through 10.15_Core_Fix22, and 11.1 through 11.1_Core_Fix6 IBM webMethods Integration ...

Azure Bastion Elevation of Privilege Vulnerability

Microsoft SharePoint Online Elevation of Privilege Vulnerability

Azure Monitor Elevation of Privilege Vulnerability

Microsoft Defender Portal Spoofing Vulnerability

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network.

Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature over a network.

A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.ph...

vLLM is an inference and serving engine for large language models (LLMs). From versions 0.10.2 to before 0.11.1, a memory corruption vulnerability cou...

vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, users can crash the vLLM engine serving...

vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, the /v1/chat/completions and /tokenize ...

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1....

Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read...

The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In authkit-...

EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's p...

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 4.2...

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capab...

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capab...

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capab...

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capab...

Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 to 18.2.8, 18.3 before 18.3.4, and 18.4 before 18.4.2 that could have ...

The installation directory of LogStare Collector is configured with incorrect access permissions. A non-administrative user may manipulate files withi...

LogStare Collector contains a stored cross-site scripting vulnerability in UserManagement. If crafted user information is stored, an arbitrary script ...

LogStare Collector contains an incorrect authorization vulnerability in UserRegistration. If exploited, a non-administrative user may create a new use...

Cross-site request forgery vulnerability exists in LogStare Collector. If a user views a crafted page while logged, unintended operations may be perfo...

LogStare Collector improperly handles the password hash data. An administrative user may obtain the other users' password hashes.

Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). If exploited, arbitrary code may be executed with ...

The UiPress lite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.08. This is due to mis...

The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to unauthorized modification of data due to...

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validati...

The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'column_count' parameter in the [display-pages] ...

The Shortcodes Bootstrap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' parameter in the [notification] shortcode in...

The Stock Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'image_height' and 'image_width' shortcode attributes in all...

The Tips Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tip' shortcode in all versions up to, and including, 0.2...

The Islamic Phrases plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'phrases' shortcode attribute in all versions up to, and...

The BrightTALK WordPress Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'format' shortcode attribute in the brigh...

The Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO plugin for WordPress is vulnerable to unauthenticated and unauthorized...

The Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO plugin for WordPress is vulnerable to unauthorized modification of dat...

The Affiliate AI Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'asin' shortcode attribute in the affiai_img shortcode...

The Surbma | MiniCRM Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' shortcode attribute of the 'minicrm' sho...

The AudioTube plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption' shortcode attribute of the 'audiotube' shortcode in ...

The Bulma Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' shortcode attribute in the bulma-notification sh...

The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to unauthorized modification of data due to...

The EchBay Admin Security plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the '_ebnonce' parameter in all versions up to, and...

The Realty Portal plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capab...

The Return Refund and Exchange For WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and inclu...

The WPBookit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'css_code' parameter in all versions up to, and including, 1.0....

The URL Image Importer plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, an...

The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wp_ajax_nopriv_checkbox_clean_l...

The Padlet Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'key' parameter in the 'wallwisher' shortcode in all ve...

The Pollcaster Shortcode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter in the 'pollcaster' shortcode in...

The Tainacan plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in all versions up to, and including, 1.0...

The Return Refund and Exchange For WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and inclu...

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions ...

The AuthorSure plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3. This is due to missing or i...

The HotelRunner Booking Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'hotelrunner' shortcode in all versi...

The Custom Post Type plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missin...

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions u...

The WP AUDIO GALLERY plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in all versions up to, and...

The WPSite Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'format' shortcode attribute in the wpsite_y shortcode ...

The Shortcode for Google Street View plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'streetview' shortcode in all versions ...

The WP Company Info plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' attribute of the 'social-networks' shortcode in ...

The 简数采集器 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.6.3 via the __kds_flag functionality that ...

The BigBuy Dropshipping Connector for WooCommerce plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 2.0....

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gutenberg blocks in all...

The Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories plugin for WordPress is vulnerable to u...

The Vitepos – Point of Sale (POS) for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in ...

The WP Delete Post Copies plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6...

The Simple User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpr_admin_msg' parameter in all versions up to...

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to SQL Injection via the 'term' parameter in all versio...

The Magical Products Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mpdpr_title_tag' and 'mpdpr_subtitle_tag' para...

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'columns_search' parameter of the select_2_ajax() function in all ver...

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak of qgroup_list in btrfs_add_qgroup_relation When btrfs_ad...

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've fo...

In the Linux kernel, the following vulnerability has been resolved: ACPI: video: Fix use-after-free in acpi_video_switch_brightness() The switch_bri...

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, ...

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capab...

The FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution plugin for WordPress is vulnerable to ...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kriesi Enfold enfold allows Stored XSS.This issu...

Deserialization of Untrusted Data vulnerability in Icegram Email Subscribers & Newsletters email-subscribers allows Object Injection.This issue affect...

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Uncanny Owl Uncanny Automator uncanny-automator allows Ret...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder bold-page-builder a...

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-...

Missing Authorization vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Exploiting Incorrectly Configured A...

Cross-Site Request Forgery (CSRF) vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Cross Site Request Forg...

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Frank Goossens WP YouTube Lyte wp-youtube-lyte allows Phishing.This issue affects...

Missing Authorization vulnerability in jgwhite33 WP Google Review Slider wp-google-places-review-slider allows Exploiting Incorrectly Configured Acces...

Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Giveaways and Contests by RafflePress rafflepress allows Cross Site Request Forgery.Thi...

Missing Authorization vulnerability in Jegstudio Gutenverse gutenverse allows Exploiting Incorrectly Configured Access Control Security Levels.This is...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvoThemes Envo Extra envo-extra allows Stored X...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelKit Funnel Builder by FunnelKit funnel-bui...

Missing Authorization vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Exploiting Incorrectly Configured Access Contro...

Missing Authorization vulnerability in tychesoftwares Custom Order Numbers for WooCommerce custom-order-numbers-for-woocommerce allows Exploiting Inco...

Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe...

Deserialization of Untrusted Data vulnerability in Cozmoslabs WP Webhooks wp-webhooks allows Object Injection.This issue affects WP Webhooks: from n/a...

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorre...

Missing Authorization vulnerability in wpWax Legal Pages legal-pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issu...

Missing Authorization vulnerability in Jegstudio Gutenverse Form gutenverse-form allows Exploiting Incorrectly Configured Access Control Security Leve...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Head Meta Data head-meta-data allows ...

Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Level...

Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Level...

Missing Authorization vulnerability in Shahjahan Jewel FluentCommunity fluent-community allows Exploiting Incorrectly Configured Access Control Securi...

Missing Authorization vulnerability in tychesoftwares Arconix Shortcodes arconix-shortcodes allows Exploiting Incorrectly Configured Access Control Se...

Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Sec...

Missing Authorization vulnerability in Property Hive PropertyHive propertyhive allows Exploiting Incorrectly Configured Access Control Security Levels...

Missing Authorization vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Exploiting Incorrectly Configured Access C...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Skill Bar skt-skill-bar allows ...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Design Stylish Cost Calculator stylish-cost-calc...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bqworks Accordion Slider accordion-slider allows...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hupe13 Extensions for Leaflet Map extensions-lea...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design KiviCare kivicare-clinic-managemen...

Missing Authorization vulnerability in Imtiaz Rayhan Table Block by Tableberg tableberg allows Exploiting Incorrectly Configured Access Control Securi...

Cross-Site Request Forgery (CSRF) vulnerability in Igor Jerosimić I Order Terms i-order-terms allows Cross Site Request Forgery.This issue affects I O...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Camille V Travelers' Map travelers-map allows St...

Missing Authorization vulnerability in ThemeAtelier Chat Help chat-help allows Exploiting Incorrectly Configured Access Control Security Levels.This i...

Missing Authorization vulnerability in Sabuj Kundu CBX Bookmark & Favorite cbxwpbookmark allows Exploiting Incorrectly Configured Access Control Secur...

Missing Authorization vulnerability in Essential Plugin Featured Post Creative featured-post-creative allows Exploiting Incorrectly Configured Access ...

Missing Authorization vulnerability in Scott Paterson Subscriptions & Memberships for PayPal subscriptions-memberships-for-paypal allows Exploiting In...

Missing Authorization vulnerability in Merlot Digital (by TNC) TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Acces...

Missing Authorization vulnerability in octolize Cart Weight for WooCommerce woo-cart-weight allows Exploiting Incorrectly Configured Access Control Se...

Missing Authorization vulnerability in bPlugins Tiktok Feed b-tiktok-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nelio Software Nelio Popups nelio-popups allows ...

Missing Authorization vulnerability in WebToffee Accessibility Toolkit by WebYes accessibility-plus allows Exploiting Incorrectly Configured Access Co...

Missing Authorization vulnerability in ThemeAtelier Better Chat Support for Messenger better-chat-support allows Exploiting Incorrectly Configured Acc...

Missing Authorization vulnerability in theme funda Show Variations as Single Products Woocommerce woo-show-single-variations-shop-category allows Expl...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in MatrixAddons Easy Invoice eas...

The Mstoreapp Mobile App WordPress plugin through 2.08 and Mstoreapp Mobile Multivendor through 9.0.1 do not properly verify users identify when using...

Vault’s Terraform Provider incorrectly set the default deny_null_bind parameter for the LDAP auth method to false by default, potentially resulting in...

Terraform state versions can be created by a user with specific but insufficient permissions in a Terraform Enterprise workspace. This may allow for t...

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by in...

The Tainacan plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via uploaded files marked as priva...

The S2B AI Assistant – ChatBot, ChatGPT, OpenAI, Content & Image Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing...

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left...

This vulnerability allowed a site to enter fullscreen, after a user click, without a full-screen notification (toast) appearing. Without this notifica...

Wazuh is a security detection, visibility, and compliance open source project. From version 4.9.0 to before 4.13.0, the Wazuh API – Agent Configuratio...

A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss...

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerability in Wazuh Agent ...

Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service.

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.3.0 to before 4.13.0, a missing ACL on "C...

MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a heap buffer overflow in mlx::core::load() when pa...

MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a segmentation fault in mlx::core::load_gguf() when...

Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, pot...

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fim_alert() impleme...

hpke-js is a Hybrid Public Key Encryption (HPKE) module built on top of Web Cryptography API. Prior to version 1.7.5, the public SenderContext Seal() ...

Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Linux may allow a call participant...

IBM Concert Software 1.0.0 through 2.0.0 could allow a remote attacker to hijack the clicking action of the victim.

The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2.0.1. This...

Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with the scoped Project Manager user ...

With TLS 1.3 pre-shared key (PSK) a malicious or faulty server could ignore the request for PFS (perfect forward secrecy) and the client would continu...

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. An attacker with physical access to a de...

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.3, macOS Seq...

A spoofing issue was addressed with improved truncation when displaying the fully qualified domain name This issue is fixed in Safari 18.5, macOS Sequ...

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS...

ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG...

PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder...

LangChain is a framework for building agents and LLM-powered applications. From versions 0.3.79 and prior and 1.0.0 to 1.0.6, a template injection vul...

Langfuse is an open source large language model engineering platform. In versions from 2.95.0 to before 2.95.12 and from 3.17.0 to before 3.131.0, in ...

md-to-pdf is a CLI tool for converting Markdown files to PDF using Node.js and headless Chrome. Prior to version 5.2.5, a Markdown front-matter block ...

Minder is an open source software supply chain security platform. In Minder Helm version 0.20241106.3386+ref.2507dbf and Minder Go versions from 0.0.7...

SpiceDB is an open source database system for creating and managing security-critical application permissions. Prior to version 1.47.1, if a schema in...

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wc_XChaCha20...

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder

Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated atta...

Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows f...

Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cau...

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architect...

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Prior to version 3.26.7, Due to an error in validation it was possible...

thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread ...

With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest.

The Cookie Notice & Compliance for GDPR / CCPA plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cookies_accepted sho...

The Subscriptions & Memberships for PayPal plugin for WordPress is vulnerable to fake payment creation in all versions up to, and including, 1.1.7. Th...

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized modification od data due to a mis...

The Appointment Booking Calendar plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.3.96. This is due...

The CP Contact Form with PayPal plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.3.56. This is due ...

The GSheetConnector For Ninja Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'njform...

The Booking Calendar Contact Form plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.60. This is du...

The OneClick Chat to Order plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0.8 via the ...

A weakness has been identified in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected is an unknown function of the fi...

A security vulnerability has been detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this vulnerabilit...

A vulnerability was detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this issue is some unknown func...

A flaw has been found in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. This affects an unknown part of the file /boafrm/formDdns. This mani...

A vulnerability has been found in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. This vulnerability affects unknown code of the file /boafrm...

A vulnerability was found in D-Link DIR-822K 1.00. This issue affects the function sub_455524 of the file /boafrm/formNtp. Performing manipulation of ...

A vulnerability was determined in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. Impacted is an unknown function of the file /boafrm/formVpn...

A vulnerability was identified in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The affected element is an unknown function of the file /bo...

A security flaw has been discovered in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The impacted element is an unknown function of the fil...

A weakness has been identified in D-Link DWR-M920 1.1.50. This affects the function sub_41C7FC of the file /boafrm/formPinManageSetup. This manipulati...

A security vulnerability has been detected in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /index.php of the...

A vulnerability was detected in Campcodes School File Management System 1.0. Affected is an unknown function of the file /index.php of the component L...

A flaw has been found in Campcodes Online Polling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checklogin...

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code executi...

Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code executio...

A vulnerability has been found in Campcodes Online Polling System 1.0. Affected by this issue is some unknown functionality of the file /registeracc.p...

A vulnerability was found in SourceCodester Company Website CMS 1.0. This affects an unknown part of the file /admin/reset-password.php. The manipulat...

The security state of the calling processor into Arm® Trusted Firmware (TF-A) is not used and could potentially allow non-secure processors access to ...

A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability affects unknown code of the file /admin/index.php. This m...

A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of the file /gena.cgi. Such manipulation of the argu...

The Secure Flag passed to Versal™ Adaptive SoC’s Arm® Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (P...

A security flaw has been discovered in SourceCodester Pre-School Management System 1.0. Impacted is the function removefile of the file app/controller...

A weakness has been identified in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the file /model/user/...

A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the function show_content_in_floating_window/run_cmd_as_plu...

A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This affects an unknown function of the file /admin/?page=establishment. The m...

A flaw has been found in itsourcecode COVID Tracking System 1.0. This impacts an unknown function of the file /admin/?page=people. This manipulation o...

A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/?page=city. Such manipula...

A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?pa...

A vulnerability was determined in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /lis...

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including,...

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /delete_admin.php. Th...

A security flaw has been discovered in projectworlds can pass malicious payloads up to 1.0. This vulnerability affects unknown code of the file /add_b...

A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the function categoryadd of the file /administrator/addc...

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function category_exists of the file /resources/functions/b...

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulati...

A flaw has been found in PHPGurukul Hostel Management System 2.1. The impacted element is an unknown function of the file /register-complaint.php. Exe...

A vulnerability has been found in code-projects Library System 1.0. This affects an unknown function of the file /index.php of the component Login. Th...

A vulnerability was found in code-projects Library System 1.0. This impacts an unknown function of the file /return.php. The manipulation of the argum...

A vulnerability was determined in code-projects Library System 1.0. Affected is an unknown function of the file /mail.php. This manipulation of the ar...

A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file ...

A security flaw has been discovered in code-projects Jonnys Liquor 1.0. Affected by this issue is some unknown functionality of the file /detail.php o...

FMS developed by Otsuka Information Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execut...

A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the compon...

A security vulnerability has been detected in Eigenfocus up to 1.4.0. This vulnerability affects unknown code of the component Description Handler. Th...

The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘site_id’ para...

The WordPress eCommerce Plugin WordPress plugin through 2.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading...

The Backup Migration WordPress plugin before 2.0.0 does not properly generate its backup path in certain server configurations, allowing unauthenticat...

The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.0 does not validate a parameter before redirecting the user to its va...

The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Re...

A vulnerability was detected in code-projects COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipu...

A flaw has been found in SourceCodester Online Student Clearance System 1.0. Impacted is an unknown function of the file /Admin/changepassword.php. Th...

A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy...

A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier....

An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a Looker admin, would execute an attacker-supplied scri...

A Looker user with a Developer role could create a database connection using IBM DB2 driver and, by manipulating LookML, cause Looker to execute a mal...

A Looker user with Developer role could create a database connection using Denodo driver and, by manipulating LookML, cause Looker to execute a malici...

Cross-Site Scripting (XSS) vulnerability stored in tha Taclia web application, where the uploaded SVG images are not properly sanitized. This allows t...

An unauthenticated remote attacker can send a specially crafted Modbus read command to the device which leads to a denial of service.

The WP 2FA WordPress plugin does not generate backup codes with enough entropy, which could allow attackers to bypass the second factor by brute forci...

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix refcount leak in nfsd_set_fh_dentry() nfsd exports a "pseudo root file...

Inadequate access control vulnerability in Davantis DFUSION v6.177.7, which allows unauthorised actors to extract images and videos related to alarm e...

Inadequate access control vulnerability in Davantis DDFUSION v6.177.7, which allows unauthorised actors to retrieve perspective parameters from securi...

NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS conne...

NULL pointer dereference in get_san_or_cn_from_cert() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service...

Integer signedness error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service vi...

NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of servi...

NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of servi...

NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of servi...

Array index error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a cra...

NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of servi...

Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake ...

Null pointer dereference in add_ca_certs() in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of service via TLS initialization ...

Use after free in endpoint destructors in Redboltz async_mqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization...

Apache Syncope can be configured to store the user password values in the internal database with AES encryption, though this is not the default option...

iStats contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via command injection.This issue af...

Fluent Bit in_forward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This ...

The extract_name function in Fluent Bit in_docker input plugin copies container names into a fixed size stack buffer without validating length. An att...

Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses unt...

Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins fail to sanitize tag_key inputs. An attacker with network access or the ability to w...

Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins contain a flaw in the tag_key validation logic that fails to enforce exact key-lengt...

A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in ENOVIA Product Manager from Release 3DEXPERIENCE R2023x through Release 3D...

A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x...

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete There is a BUG...

A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4.7.0. A specially crafted .tar file can lead to a fir...

ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName.

An issue in Austrian Academy of Sciences (AW) Austrian Archaeological Institute OpenAtlas v.8.12.0 allows a remote attacker to obtain sensitive inform...

An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via crafted POST request to the Npcf_BDTPolicyC...

An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via the Nudm_SubscriberDataManagement API.

An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via crafted POST request to the Nnssf_NSSAIAvai...

Incorrect access control in Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to access sensitive information via sending a ...

An issue in the size query parameter (/views/file.py) of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute a path...

A reflected cross-site scripting (XSS) vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 ...

A reflected cross-site scripting (XSS) vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 ...

Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is Missing SSL Certificate Validation. The application fails to properly validate the TL...

Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is Missing SSL Certificate Validation. The application fails to properly validate the TL...

Xtooltech Xtool AnyScan Android Application 4.40.40 and prior uses a hardcoded cryptographic key and IV to decrypt update metadata. The key is stored ...

Xtooltech Xtool AnyScan Android Application 4.40.40 and prior uses a hardcoded cryptographic key and IV to decrypt update metadata. The key is stored ...

The update mechanism in Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is insecure. The application downloads and extracts update packa...

The update mechanism in Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is insecure. The application downloads and extracts update packa...

Xtooltech Xtool AnyScan Android Application 4.40.40 is Missing Authentication for Critical Function. The server-side endpoint responsible for serving ...

Xtooltech Xtool AnyScan Android Application 4.40.40 is Missing Authentication for Critical Function. The server-side endpoint responsible for serving ...

A Cross-Site Request Forgery (CSRF) in the /mwapi?method=add-user component of Magewell Pro Convert v1.2.213 allows attackers to arbitrarily create ac...

A Cross-Site Request Forgery (CSRF) in the /mwapi?method=add-user component of Magewell Pro Convert v1.2.213 allows attackers to arbitrarily create ac...

A Cross-Site Request Forgery (CSRF) in the /usapi?method=add-user component of Magewell Pro Convert v1.2.213 allows attackers to arbitrarily create ac...

A Cross-Site Request Forgery (CSRF) in the /usapi?method=add-user component of Magewell Pro Convert v1.2.213 allows attackers to arbitrarily create ac...

MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint (/MILLENSYS/settings) that is accessible without authentication...

MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint (/MILLENSYS/settings) that is accessible without authentication...

A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform M...

body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attac...

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive serve...

Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in crash ...

A buffer overflow with Xilinx Run Time Environment may allow a local attacker to read or corrupt data from the advanced extensible interface (AXI), po...

Cross-Site Request Forgery (CSRF) vulnerability in the OAuth implementation of the Tuya SDK 6.5.0 for Android and iOS, affects the Tuya Smart and Smar...

An issue was discovered in Cinnamon kotaemon 0.11.0. The _may_extract_zip function in the \libs\ktem\ktem\index\file\ui.py file does not check the con...

OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.

YCCMS 3.4 contains a stored cross-site scripting (XSS) vulnerability in the article management functionality. The vulnerability exists in the add() an...

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR/IPC products) contains hardcoded API credentials and ...

Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi/server/fileupload.php. The endpoint accepts attacker...

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR/IPC products) versions prior to 1.3.4 contain an auth...

Inadequate lock protection within Xilinx Run time may allow a local attacker to trigger a Use-After-Free condition potentially resulting in loss of co...

Insufficient validation within Xilinx Run Time framework could allow a local attacker to escalate privileges from user space to kernel space, potentia...

Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service

IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive informatio...

Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability.

Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or den...

Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in loss o...

alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the "userName" parameter.

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces a...