12 matches found
CVE-2025-40841
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery CSRF vulnerability which, if exploited, can lead to unauthorized modification of certain information...
PT-2025-41349
Name of the Vulnerable Software and Affected Versions Versions prior to 2025-47342 Description A temporary denial-of-service condition might happen when multiple profiles are used at the same time with QHS enabled. Recommendations At the moment, there is no information about a newer version that...
CVE-2025-8411 XSS in Dokuzsoft Technology's E-Commerce Web Design Product
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Dokuzsoft Technology E-Commerce Web Design Product allows XSS Through HTTP Headers. This issue affects E-Commerce Web Design Product: before 11.08.2025...
PT-2025-33131 · Webview · Webview
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-27388 Description: Loading arbitrary external URLs through WebView components introduces malicious JavaScript JS code that can steal arbitrary user tokens. Recommendations: At the moment, there is no information about a...
Arm Development Studio 代码问题漏洞
Arm Development Studio is a software development tool designed for the Arm architecture from Arm UK. A code issue vulnerability exists in versions prior to Arm Development Studio 2025 that stems from an uncontrolled search path element that could lead to a DLL hijacking attack...
Salesforce OmniStudio 安全漏洞
Salesforce OmniStudio is a digitization platform from US-based Salesforce, Inc. A security vulnerability exists in versions of Salesforce OmniStudio prior to 2025, which stems from an improper privilege retention issue that could lead to the disclosure of encrypted data...
Salesforce OmniStudio 安全漏洞
Salesforce OmniStudio is a digitization platform from US-based Salesforce, Inc. A security vulnerability exists in Salesforce OmniStudio versions prior to 2025 that stems from an improper privilege retention issue that could lead to field-level security control bypass...
PT-2025-8947 · Unknown · Yukseloglu Filter B2B Login Platform
Name of the Vulnerable Software and Affected Versions: Yukseloglu Filter B2B Login Platform versions prior to 16.01.2025 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection...
CVE-2024-12251
In Progress Telerik UI for WinUI versions prior to 2025 Q1 3.0.0, a command injection attack is possible through improper neutralization of hyperlink elements...
Progress Telerik Document Processing Libraries 路径遍历漏洞
Progress Telerik Document Processing Libraries is a document processing library from Progress USA. A path traversal vulnerability exists in Progress Telerik Document Processing Libraries prior to version 2025 Q1, which stems from the fact that an unzip archive operation could lead to arbitrary fi...
PT-2025-3559 · Msfm · Msfm
Name of the Vulnerable Software and Affected Versions: MSFM versions prior to 2025.01.01 Description: The issue is related to a SQL injection vulnerability via the s name parameter at the "table/list" endpoint. This vulnerability allows for potential exploitation. No information is provided about...
PT-2024-27240 · Autodesk · Autodesk Revit
Name of the Vulnerable Software and Affected Versions: Autodesk Revit versions prior to 2025 Description: A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. This allows a malicious actor to execute arbitrary code in the context of the current process...