CVE-2026-34245

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the plugin/PlayLists/View/Playlistsschedules/add.json.php endpoint allows any authenticated user with streaming permission to create or modify broadcast schedules targeting any playlist on the platform, regardless...

CVE-2025-57818

Firecrawl turns entire websites into LLM-ready markdown or structured data. Prior to version 2.0.1, a server-side request forgery SSRF vulnerability was discovered in Firecrawl's webhook functionality. Authenticated users could configure a webhook to an internal URL and send POST requests with...

CVE-2022-45185

CVE-2022-45185 affects SuiteCRM 7.12.7. Authenticated users can upload malicious files through CRM functions, and Minecraft-like… sorry, deserialization can be used to achieve code execution. The Red Hat and OSV entries confirm the same description. The documented impact is high (CVE-3.1 base sco...

PT-2022-5187 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.1.7 through 11.2.1 Description: The issue is related to the transmission of critical information in plain text. Exploitation of this issue may allow a remote attacker to disclose protected information. It is...