3635 matches found
CVE-2025-8742 macrozheng mall Admin Login excessive authentication
A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The...
CVE-2025-8708 Antabot White-Jotter com.gm.wj.config.ShiroConfiguration ShiroConfiguration.java CookieRememberMeManager deserialization
A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This vulnerability affects the function CookieRememberMeManager of the file ShiroConfiguration.java of the component com.gm.wj.config.ShiroConfiguration. The manipulation with the input EVANNIGHTLYWAOU leads...
PT-2025-32413 · Unknown · Macrozheng Mall
Name of the Vulnerable Software and Affected Versions: macrozheng mall versions up to 1.0.3 Description: A vulnerability exists in macrozheng mall up to version 1.0.3, involving the cleartext transmission of sensitive information. The vulnerability affects an unknown functionality of the...
CVE-2025-8528
A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is an unknown function of the file /xboot/permission/getMenuList. The manipulation leads to cleartext storage of sensitive information in a cookie. It is possible to launch the attack remotely. The...
CVE-2025-8548
A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function sendEmailCode of the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java of the component Registered Email Handler. The manipulation of the argument email lea...
CVE-2025-8537
A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipulation leads to allocation of resources. It is possible to launch the attack...
CVE-2025-8534 libtiff tiff2ps tiff2ps.c PS_Lvl2page null pointer dereference
A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The complexity ...
CVE-2025-8528 Exrick xboot getMenuList sensitive information in a cookie
A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is an unknown function of the file /xboot/permission/getMenuList. The manipulation leads to cleartext storage of sensitive information in a cookie. It is possible to launch the attack remotely. The...
PT-2025-31873 · Exrick · Exrick Xboot
Name of the Vulnerable Software and Affected Versions: Exrick xboot versions through 3.3.4 Description: A problematic issue has been identified in Exrick xboot. The issue resides in an unknown function within the /xboot/permission/getMenuList file. Manipulation of this function results in the...
PT-2025-31805 · Intelbras · Intelbras Incontrol
Name of the Vulnerable Software and Affected Versions: Intelbras InControl version 2.21.60.9 Description: A vulnerability exists in Intelbras InControl that allows for information disclosure. The issue is related to the processing of the /v1/operador/ JSON Endpoint. The exploitation of this issue...
CVE-2025-49084
CVE-2025-49084 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access can overwrite policy rules without the requisite permissions. The attack complexity is low, attack requirements are present, privileges required are...
CVE-2025-49082
CVE-2025-49082 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly read other settings. The attack...
UBUNTU-CVE-2024-13978
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally...
CVE-2024-13978
CVE-2024-13978 affects LibTIFF up to 4.7.0, specifically the t2p_read_tiff_init function in fax2ps (tools/tiff2pdf.c). The flaw causes a null pointer dereference and is exploitable locally with high attack complexity; patches are available. Public docs (Debian LTS) confirm the vulnerability and p...
CVE-2025-54085
CVE-2025-54085 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly read or change other settings. The...
CVE-2025-49082
CVE-2025-49082 affects the management console of Absolute Secure Access, prior to version 13.56. The vulnerability allows attackers who have administrative access and a specific set of permissions to bypass permission checks and read other settings. According to the provided documents, attack com...