8 matches found
CVE-2025-8025
Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dinosoft ERP: from 3.0.1 through 11022026. NOTE: The vendor was contacted early about...
PT-2026-7577
Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dinosoft ERP: from 3.0.1 through 11022026. NOTE: The vendor was contacted early about...
CVE-2025-9549 Facets - Moderately critical - Information Disclosure - SA-CONTRIB-2025-099
Missing Authorization vulnerability in Drupal Facets allows Forceful Browsing.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...
Jupyter Remote Desktop Proxy 安全漏洞
Jupyter Remote Desktop Proxy is an open source application from JupyterHub. A security vulnerability exists in Jupyter Remote Desktop Proxy versions prior to 3.0.1, which stems from the fact that the VNC server remains accessible over the network when used with TigerVNC...
WordPress plugin Silvasoft boekhouden SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Silvasoft...
Pallets Werkzeug Buffer Error Vulnerability
Pallets Werkzeug is a WSGI web application library. A security vulnerability exists in Pallets Werkzeug versions prior to 3.0.1, which stems from a vulnerability that allows an attacker to cause a denial of service by sending carefully crafted multi-part data...
DEBIAN-CVE-2021-23215
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR...
Sql injection
SQL injection vulnerability in bbadmin.php in miniBB 2.2a allows remote attackers to execute arbitrary SQL commands via the whatus parameter in a searchusers2 action. NOTE: it was later reported that other versions before 3.0.1 are also vulnerable...