CVE-2024-9531

The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mvxsentdeactivationrequest' function in all versions up to, and including, 4.2.4. This makes it possible f...

CVE-2024-43930

Cross-Site Request Forgery CSRF vulnerability in eyecix JobSearch allows Cross Site Request Forgery.This issue affects JobSearch: from n/a through 2.5.3...

CVE-2019-14077

Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability (CVE-2025-27907)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Product...

CVE-2025-30706

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attac...

AZL-62190 CVE-2025-30689 affecting package mysql for versions less than 8.0.42-1

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

CVE-2025-0124

An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but does not include syste...

CVE-2025-32150

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows PHP Local File Inclusion.This issue affects Real Estate Manager: from n/a through = 7.3...

CVE-2024-58045

Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability...

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. Huawei EMUI and HarmonyOS have a bypass privilege checking vulnerability that can be exploited by an attacker to...

Fedora: Security Advisory (FEDORA-2025-2543c24e23)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2024-13648 · WordPress · Gfazioli Wp Cleanfix

Name of the Vulnerable Software and Affected Versions: Gfazioli WP Cleanfix versions through 5.6.2 Description: The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. This enables potential unauthorized access...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS. An attacker exploited the vulnerability to affect availability...

CVE-2024-51530

CVE-2024-51530 is described in connected sources as a LaunchAnywhere vulnerability in the Huawei HarmonyOS/EMUI account module (launcherAnyWhere). The impact stated across sources is potential confidentiality exposure. Public details about affected versions, root cause, exploitability, and fixes ...

CVE-2024-51525

Permission control vulnerability in the clipboard module Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2024-8878 Unauthenticated Password Reset

The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05...

CVE-2024-41849 Adobe Experience Manager | Improper Input Validation (CWE-20)

Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could lead to a security feature bypass. An low-privileged attacker could leverage this vulnerability to slightly affect the integrity of the page. Exploitation of this issue...

CVE-2023-46146

Missing Authorization vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5...

BELL-CVE-2024-34161 CVE-2024-34161 does not affect BellSoft software

Bulletin has no description...

CVE-2024-3701 Improper Authentication in com.transsion.kolun.aiservice

The system application com.transsion.kolun.aiservice component does not perform an authentication check, which allows attackers to perform malicious exploitations and affect system services...