CVE-2025-6231

An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated permissions by modifying an application configuration file...

CVE-2025-4375 Cross-Site Request Forgery vulnerability in Pro Cloud Server's WebEA

Cross-Site Request Forgery CSRF vulnerability in Sparx Systems Pro Cloud Server allows Cross-Site Request Forgery to perform Session Hijacking. Cross-Site Request Forgery is present at the whole application but it can be used to change the Pro Cloud Server Configuration password. This issue affec...

Amazon Linux 2 : openssl-snapsafe (ALASOPENSSL-SNAPSAFE-2024-006)

The version of openssl-snapsafe installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by a vulnerability as referenced in the ALAS2OPENSSL-SNAPSAFE-2024-006 advisory. Issue summary: Calling the OpenSSL API function SSLselectnextproto with anempty supported client protocol...

PHP-Nuke Error Manager Module 2.1 - error.php Multiple Cross-Site Scripting Vulnerabilities

PHP-Nuke Error Manager Module 2.1 - error.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/9911/info It has been reported that Error Manager is prone to multiple vulnerabilities. These issues are due to failure to validate user input, failure to handle...