369 matches found

RedhatCVE
added 2025/05/23 11:57 a.m. · 6 views

CVE-2025-0575

A vulnerability has been found in Union Bank of India Vyom 8.0.34 on Android and classified as problematic. This vulnerability affects unknown code of the component Rooting Detection. The manipulation leads to protection mechanism failure. The attack needs to be approached locally. The complexity...

CVSS 3.9 · AI score 6.8 · EPSS 0.00164
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 11:56 a.m. · 11 views

CVE-2025-0870

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of ...

CVSS 6.3 · AI score 7 · EPSS 0.00504
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 8:20 a.m. · 5 views

CVE-2024-10073

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to launch the attack remotely. The...

CVSS 7.5 · AI score 7.2 · EPSS 0.00537
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 7:26 a.m. · 8 views

CVE-2024-0942

A vulnerability was found in Totolink N200RE V5 9.3.5u.6255B20211224. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi. The manipulation leads to session expiration. It is possible to launch the attack remotely. The complexity of an attack is...

CVSS 4.3 · AI score 4.7 · EPSS 0.00657
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 6:42 a.m. · 9 views

CVE-2024-11619

A vulnerability, which was classified as problematic, has been found in macrozheng mall up to 1.0.3. Affected by this issue is some unknown functionality of the component JWT Token Handler. The manipulation leads to use of default cryptographic key. The complexity of an attack is rather high. The...

CVSS 8.1 · AI score 6.7 · EPSS 0.00696
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 6:23 a.m. · 6 views

CVE-2024-12663

A vulnerability classified as problematic was found in funnyzpc Mee-Admin up to 1.6. This vulnerability affects unknown code of the file /mee/login of the component Login. The manipulation of the argument username leads to observable response discrepancy. The attack can be initiated remotely. The...

CVSS 6.3 · AI score 4.5 · EPSS 0.00421
Exploits: 0 · References: 1

CVE
added 2025/05/16 10:39 a.m. · 27 views

CVE-2025-4769

The CVE-2025-4769 entry concerns CBEWIN Anytxt Searcher 1.3.1128.0, affecting ATService.exe with an uncontrolled search path vulnerability. According to PT-Security, exploitation requires local access, with high attack complexity and low privileges, leading to a potential local escalation or impa...

CVSS 7.3 · AI score 7 · EPSS 0.00151
Exploits: 0 · References: 4

RedhatCVE
added 2025/05/13 6:16 a.m. · 17 views

CVE-2025-4532

A vulnerability classified as critical has been found in Shanghai Bairui Information Technology SunloginClient 15.8.3.19819. This affects an unknown part in the library process.dll of the file sunloginguard.exe. The manipulation leads to uncontrolled search path. Local access is required to...

CVSS 7.3 · AI score 6.7 · EPSS 0.00159
Exploits: 0 · References: 1

CVE
added 2025/05/11 7:31 a.m. · 56 views

CVE-2025-4534

The CVE-2025-4534 entry concerns SunGrow Logger1000 (version 01_A). Technical details across connected docs indicate a weakness in password policy that leads to weak password requirements. The vulnerability is described as exploitable remotely with high attack complexity, and exploitation has bee...

CVSS 6.3 · AI score 4.3 · EPSS 0.00346
Exploits: 0 · References: 4

Positive Technologies
added 2025/05/11 12:00 a.m. · 12 views

PT-2025-20661 · Hainan · Hainan Todesk

Name of the Vulnerable Software and Affected Versions: Hainan ToDesk version 4.7.6.3 Description: A critical vulnerability was found in Hainan ToDesk, affecting unknown code in the library profapi.dll of the component DLL File Parser. The manipulation leads to an uncontrolled search path, making ...

CVSS 7.3 · AI score 6.8 · EPSS 0.00171
Exploits: 0 · References: 13

Positive Technologies
added 2025/05/11 12:00 a.m. · 5 views

PT-2025-20666 · D Link · D-Link Di-8100

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 versions up to 16.07.26A1 Description: A critical issue affects the processing of the file /ddos.asp of the component jhttpd. The manipulation of the arguments def max, def time, def tcp max, def tcp time, def udp max, def udp...

CVSS 7.5 · AI score 6.5 · EPSS 0.0654
Exploits: 1 · References: 13

Positive Technologies
added 2025/05/10 12:00 a.m. · 4 views

PT-2025-20646

Name of the Vulnerable Software and Affected Versions: Discord version 1.0.9188 Description: A critical issue has been found in Discord, affecting some unknown functionality in the library WINSTA.dll. This issue leads to an uncontrolled search path. The attack must be approached locally and has a...

CVSS 7.8 · AI score 6.6 · EPSS 0.00254
Exploits: 1 · References: 11

CVE
added 2025/05/09 2:31 a.m. · 61 views

CVE-2025-4455

CVE-2025-4455 affects Patch My PC Home Updater (versions up to 5.1.3.0). The issue is an uncontrolled search path (DLL search path manipulation) impacting multiple system DLLs (advapi32.dll, BCrypt.dll, comctl32.dll, crypt32.dll, dwmapi.dll, gdi32.dll, gdiplus.dll, imm32.dll, iphlpapi.dll, kernel...

CVSS 7.3 · AI score 6.5 · EPSS 0.0022
Exploits: 0 · References: 4

Positive Technologies
added 2025/05/09 12:00 a.m. · 3 views

PT-2025-20458 · Microsoft +2 · Comctl32.Dll +21

Name of the Vulnerable Software and Affected Versions: Patch My PC Home Updater versions up to 5.1.3.0 Description: A critical issue affects some unknown processing in various system libraries, including advapi32.dll, BCrypt.dll, comctl32.dll, crypt32.dll, dwmapi.dll, gdi32.dll, gdiplus.dll,...

CVSS 7.3 · AI score 6.7 · EPSS 0.0022
Exploits: 0 · References: 13

CVE
added 2025/04/26 9:31 p.m. · 59 views

CVE-2025-3954

CVE-2025-3954 affects ChurchCRM 5.16.0, targeting an unknown functionality in the Referer Handler that enables server-side request forgery (SSRF). The issue can be triggered remotely over a network, with attack complexity rated HIGH and exploitation deemed difficult; multiple sources note the exp...

CVSS 6.3 · AI score 4.2 · EPSS 0.00483
Exploits: 1 · References: 4 · Affected Software: 1

Packet Storm News
added 2025/04/21 12:00 a.m. · 3 views

MST3 Encryption Improvement with Three-Parameter Group of Hermitian Function Field

This scholarly work presents an advanced cryptographic framework utilizing automorphism groups as the foundational structure for encryption scheme implementation. The proposed methodology employs a three-parameter group construction, distinguished by its application of logarithmic signatures...

AI score 6.8
Exploits: 0

Cvelist
added 2025/04/14 7:00 a.m. · 26 views

CVE-2025-3555 ScriptAndTools eCommerce-website-in-PHP login.php excessive authentication

A vulnerability classified as problematic has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected is an unknown function of the file /login.php. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack remotely. The...

CVSS 6.3 · EPSS 0.00798
Exploits: 1 · References: 5

Cvelist
added 2025/04/07 1:00 a.m. · 11 views

CVE-2025-3329 Consumer Comanda Mobile Restaurant Order cleartext transmission

A vulnerability classified as problematic has been found in Consumer Comanda Mobile up to 14.9.3.2/15.0.0.8. This affects an unknown part of the component Restaurant Order Handler. The manipulation of the argument Login/Password leads to cleartext transmission of sensitive information. The attack...

CVSS 3.1 · EPSS 0.00285
Exploits: 1 · References: 4

CVE
added 2025/04/07 1:00 a.m. · 51 views

CVE-2025-3329

CVE-2025-3329 affects Consumer Comanda Mobile (versions 14.9.3.2 through 15.0.0.8) in the Restaurant Order Handler component. The issue is the manipulation of the Login/Password argument, which results in sensitive information being transmitted in clear text. Exploitation requires proximity (loca...

CVSS 3.1 · AI score 6.6 · EPSS 0.00285
Exploits: 1 · References: 4 · Affected Software: 1

CVE
added 2025/04/03 8:00 p.m. · 74 views

CVE-2025-3177

Concerning CVE-2025-3177, multiple connected sources confirm a vulnerability in FastCMS 0.1.5 affecting the JWT Handler component, specifically the use of a hard-coded cryptographic key. Access is remote, attack complexity is high, and no privileges are required. The Public disclosure status is n...

CVSS 8.1 · AI score 7.2 · EPSS 0.00398
Exploits: 1 · References: 4 · Affected Software: 1