EUVD-2025-26377

Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft OctoCloud allows Authentication Bypass. This issue affects OctoCloud: from s1.09.03 before v1.11.01...

EUVD-2025-210041

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Racquet allows PHP Local File Inclusion. This issue affects Racquet: from n/a through 1.12.0...

EUVD-2025-210019

Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer...

EUVD-2025-209888

ngrok v4.3.3 and 5.0.0-beta.2 is vulnerable to Command Injection...

EUVD-2025-209884

Medical Management System a81df1ce700a9662cb136b27af47f4cbde64156b is vulnerable to Insecure Permissions, which allows arbitrary user password reset...

EUVD-2025-209836

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted JSON payloads due to insufficient input validation...

EUVD-2025-209724

NPM package next-npm-version1.0.1 is vulnerable to Command injection...

EUVD-2025-209487

Nordic Semiconductor IronSide SE for nRF54H20 before 23.0.2+17 has an Algorithmic complexity issue...

EUVD-2025-209230

Memory corruption when decoding corrupted satellite data files with invalid signature offsets...

EUVD-2025-209021

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...

EUVD-2025-209019

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

EUVD-2025-209008

IBM Concert 1.0.0 through 2.2.0 contains hard-coded credentials that could be obtained by a local user...

EUVD-2025-208983

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Scripting XSS vulnerability which, if exploited, can lead to unauthorized disclosure and modification of certain information...

EUVD-2025-208911

AWStats 8.0 is vulnerable to Command Injection via the open function...

EUVD-2025-208891

Bitcoin Core 0.13.0 through 29.x has an integer overflow...

EUVD-2025-208465

PROBLEMTYPE in COMPONENT in VENDOR PRODUCT VERSION on PLATFORMS allows ATTACKER to IMPACT via VECTOR...

EUVD-2025-208462

Affected ProductsVersionsInfoSphere Data Architect9.2.1...

EUVD-2025-208449

An issue pertaining to CWE-352: Cross-Site Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

EUVD-2025-206890

Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent...

EUVD-2025-206831

Tanium addressed a documentation issue in Engage...