Lucene search
K

291 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/26 12:0 a.m.7 views

GLSA-202511-06 : libpng: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202511-06 libpng: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libpng. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly fro...

7.1CVSS5.7AI score0.00352EPSS
Exploits5References6
Redos
Redos
added 2025/11/25 12:0 a.m.10 views

ROS-20251125-04

A vulnerability in OpenBao's secret management and encryption system is related to the fact that the software stores sensitive information in log files. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information...

7.5CVSS6.8AI score0.00286EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/19 12:0 a.m.8 views

PT-2025-47540

Name of the Vulnerable Software and Affected Versions freeprojectscodes Sports Club Management System version 1.0 Description A flaw exists in freeprojectscodes Sports Club Management System 1.0 that allows for SQL injection. The issue is located in an unknown function within the...

7.5CVSS7.5AI score0.00394EPSS
Exploits1References7
CVE
CVE
added 2025/11/17 8:2 p.m.15 views

CVE-2025-13299

The CVE-2025-13299 entry concerns itsourcecode Web-Based Internet Laboratory Management System 1.0. Several connected sources (CNVD-2025-29439, RH/CVE-2025-13299, CNNVD-202511-1860, PT-2025-47203) confirm a SQL injection vulnerability in the file /user/controller.php. Attack surface: remote explo...

9.8CVSS7AI score0.00346EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/11/15 4:15 p.m.7 views

CVE-2025-13200

A vulnerability was determined in SourceCodester Farm Management System 1.0. Affected by this vulnerability is an unknown functionality. This manipulation causes exposure of information through directory listing. The attack is possible to be carried out remotely. The exploit has been publicly...

6.9CVSS0.00402EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/11/15 12:0 a.m.6 views

PT-2025-47057

Name of the Vulnerable Software and Affected Versions Simple Cafe Ordering System version 1.0 Description A SQL injection issue exists in Simple Cafe Ordering System 1.0. The issue is related to the manipulation of the Username parameter within the /login.php file. This manipulation can be...

9.8CVSS7.5AI score0.00411EPSS
Exploits1References12
OSV
OSV
added 2025/11/14 8:15 p.m.2 views

CVE-2025-13181

A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclos...

4.8CVSS4.2AI score0.00256EPSS
Exploits1References5
EUVD
EUVD
added 2025/11/07 6:30 p.m.6 views

EUVD-2025-38271

A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/specadd.php. This manipulation of the argument flags causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

5.8CVSS6.5AI score0.00296EPSS
Exploits0References5
CVE
CVE
added 2025/11/07 3:2 p.m.16 views

CVE-2025-12860

Summary: CVE-2025-12860 affects DedeBIZ up to version 6.3.2. An SQL injection can be triggered by manipulating the orderby parameter in /admin/freelist_main.php. The vulnerability is exploitable remotely and the public exploit is available. Multiple connected sources corroborate the issue and its...

7.2CVSS5.2AI score0.00296EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2025/10/17 8:32 p.m.22 views

CVE-2025-11914

The CVE-2025-11914 entry concerns Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The Vulnerable component is the Download function at /DeviceFileReport.do?Action=Download, where manipulating the FilePath argument enables path traversal. The attack could be initiated remotely, and public expl...

7.5CVSS6.4AI score0.00813EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/10/08 1:15 p.m.4 views

CVE-2025-11475

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing a manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...

9.8CVSS5.8AI score0.00387EPSS
Exploits1References5
OSV
OSV
added 2025/10/08 1:15 p.m.4 views

CVE-2025-11474

A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbooking.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit has...

9.8CVSS6.5AI score0.00367EPSS
Exploits1References5
CVE
CVE
added 2025/10/05 5:32 a.m.17 views

CVE-2025-11284

CVE-2025-11284 describes a vulnerability in Zytec Dalian Zhuoyun Technology Central Authentication Service (CAS) v3, affecting the HTTP Header Handler component. The flaw arises from a vulnerable handling of the Authorization argument in the request to /index.php/auth/Ops/git, which can lead to u...

7.5CVSS6.4AI score0.0044EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24685

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00371EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24645

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00352EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24136

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.0053EPSS
Exploits1References6
CVE
CVE
added 2025/09/29 4:2 a.m.28 views

CVE-2025-11140

The CVE-2025-11140 issue affects Bjskzy Zhiyou ERP up to v11.0, specifically the function openForm in com.artery.richclient.RichClientService. The vulnerability arises from manipulating the argument contentString, enabling an XML External Entity (XXE) reference. It can be exploited remotely, and ...

9.8CVSS6.5AI score0.00575EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/28 12:0 a.m.6 views

PT-2025-39767

Name of the Vulnerable Software and Affected Versions Projectworlds Online Tours and Travels version 1.0 Description A security issue exists in Projectworlds Online Tours and Travels 1.0 related to unrestricted file upload. The issue is located in the /admin/change-image.php file, where...

5.8CVSS4.5AI score0.00351EPSS
Exploits1References8
NVD
NVD
added 2025/09/27 9:15 p.m.9 views

CVE-2025-11079

A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this issue is some unknown functionality. The manipulation results in file and directory information exposure. The attack may be performed from remote. The exploit has been released to the public and may be...

9.8CVSS0.00835EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/25 12:0 a.m.7 views

PT-2025-39462

Name of the Vulnerable Software and Affected Versions JeecgBoot versions through 3.8.2 Description A security flaw exists in JeecgBoot related to improper authorization. The issue is located in an unknown function within the /sys/user/exportXls file of the Filter Handler component. The flaw is...

6.5CVSS4.6AI score0.00368EPSS
Exploits1References8
Rows per page
Query Builder