12 matches found
EUVD-2025-209147
Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality is low and Integrity is none...
Pega Platform security vulnerability
Pega Platform is an enterprise management platform from Pega Corporation, USA. A security vulnerability exists in Pega Platform versions 7.1.0 through Infinity 25.1.0, which stems from a difference in response time during user authentication and could lead to a user enumeration attack...
EUVD-2025-2919
Malicious code in bioql PyPI...
CVE-2025-1501
An access control vulnerability was discovered in the Request Trace and Download Trace functionalities of CMC before 25.1.0 due to a specific access restriction not being properly enforced for users with limited privileges. An authenticated user with limited privileges can request and download...
CVE-2025-1501
The CVE-2025-1501 vulnerability affects Nozomi Networks Guardian/CMC prior to v25.1.0, where improper access controls in the Request Trace and Download Trace features allow an authenticated user with limited privileges to request and download trace files, potentially exposing unauthorized network...
PT-2025-34753 · Cmc · Cmc
Name of the Vulnerable Software and Affected Versions: CMC versions prior to 25.1.0 Description: An access control issue was identified in the Request Trace and Download Trace functionalities. Improper access restrictions allow authenticated users with limited privileges to request and download...
Sentry security vulnerability
Sentry is a developer-oriented bug tracking and performance monitoring platform from Sentry Open Source. A security vulnerability exists in Sentry versions 25.1.0 through 25.5.1, which originates from an authenticated attacker being able to access a project's problematic endpoints and perform...
CVE-2025-22693
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows SQL Injection. This issue affects Contest Gallery: from n/a through <= 25.1.0...
CVE-2025-22693
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Contest Gallery Contest Gallery allows SQL Injection. This issue affects Contest Gallery: from n/a through 25.1.0...
CVE-2025-22693 WordPress Contest Gallery plugin <= 25.1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Contest Gallery Contest Gallery allows SQL Injection. This issue affects Contest Gallery: from n/a through 25.1.0...
WordPress plugin Contest Gallery SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress Contest Gallery plugin <= 25.1.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Trương Hữu Phúc (truonghuuphuc) in WordPress Plugin Contest Gallery versions <= 25.1.0...