CVE-2025-52988

creationtimestamp| type| source ---|---|--- 2025-07-11 16:20:52+00:00| seen| Telegram/G1BVFjjVwHoVhe8TZ-X1B5VzW6v5zvPrMvVXiBrcgvjc24...

CVE-2025-53006

DataEase before version 2.10.11 vulnerable due to improper handling of SSL-related JDBC connection parameters (sslfactory, sslfactoryarg, sslhostnameverifier, sslpasswordcallback, authenticationPluginClassName) which must be triggered after the connection is established. This affects PostgreSQL a...

CVE-2025-50695

creationtimestamp| type| source ---|---|--- 2025-06-24 16:47:36+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19379 2025-06-24 20:29:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsewrwzik22o...

CVE-2025-6569

creationtimestamp| type| source ---|---|--- 2025-06-24 15:47:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19363 2025-06-24 16:32:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsejjzceqq2r...

The vulnerability of the SLNX PC Client of the embedded application and document management tool RICOH Streamline NX allows a perpetrator to elevate their privileges and execute arbitrary code.

The vulnerability of the SLNX PC Client of the embedded application and document management tool RICOH Streamline NX lies in the use of an unreliable data source during the download of updates. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary cod...

Dmacroweb DM Corporative CMS 安全漏洞

Dmacroweb DM Corporative CMS is a content management system from the Spanish company Dmacroweb. Dmacroweb DM Corporative CMS suffers from an insecure direct object reference vulnerability, which stems from the failure of the option parameter in the file /administer/selectionnode/framesSelection.a...

CVE-2025-0691

creationtimestamp| type| source ---|---|--- 2025-06-05 14:39:24+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqukdxealci2...

CVE-2025-5688

creationtimestamp| type| source ---|---|--- 2025-06-04 17:38:25+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114626311294944724 2025-06-04 17:47:09+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqseem5hgaa2 2025-06-06...

CVE-2025-5368

creationtimestamp| type| source ---|---|--- 2025-05-31 04:28:24+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqgvtfaz7f42 2025-05-31 08:12:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqhcfortmr2q...

CVE-2024-6055

Improper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and earlier on Windows allows an attacker that obtains the exported settings to recover powershell credentials configured on the data source via stealing the configuration fil...

CVE-2024-10602

A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file /general/approvecenter/list/inputform/datapickerlink.php. The manipulation of the argument dataSrc leads to sql injection. The attack may be launched...

CVE-2024-11671

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching...

CVE-2022-41263

Due to a missing authentication check, SAP Business Objects Business Intelligence Platform Web Intelligence - versions 420, 430, allows an authenticated non-administrator attacker to modify the data source information for a document that is otherwise restricted. On successful exploitation, the...

CVE-2022-3641

Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account...

CVE-2019-13348

In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases...

CVE-2025-5052

creationtimestamp| type| source ---|---|--- 2025-05-22 01:35:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lppxzrrcvj2m...

CVE-2009-0609

Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle 1 a long value in an ADD or 2 long string attributes, which allows remote attackers to cause a denial of service JDBC backend...

CVE-2024-49925

creationtimestamp| type| source ---|---|--- 2025-05-16 07:34:14+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16657 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...

CVE-2025-28074

creationtimestamp| type| source ---|---|--- 2025-05-08 21:15:21+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3looteghxxqh2 2025-05-08 21:25:41+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15628 2025-05-08...

CVE-2025-45020

creationtimestamp| type| source ---|---|--- 2025-04-30 13:13:34+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14024 2025-04-30 15:55:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lo25tbbs2z2o 2025-04-30 16:14:28+00:00| seen|...