CVE-2025-2032

creationtimestamp| type| source ---|---|--- 2025-03-06 19:41:32+00:00| seen| https://t.me/cvedetector/19715 2025-08-18 13:31:23+00:00| seen| MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3 2025-08-19 02:47:43+00:00| seen| MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3...

CVE-2025-1905

creationtimestamp| type| source ---|---|--- 2025-03-04 05:30:32+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6341 2025-03-04 08:18:31+00:00| seen| https://t.me/cvedetector/19470 2025-08-18 18:31:00+00:00| seen| MISP/fc16b923-3a13-4e9d-9aac-10a57cac12c7...

CVE-2025-1902

creationtimestamp| type| source ---|---|--- 2025-03-04 04:34:18+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6316 2025-03-04 06:01:30+00:00| published-proof-of-concept| Telegram/macVH0v7i2nzlHDG3843dn9M-u-r9AI0mgz7c0Lv52YB4Bs 2025-08-19 13:26:46+00:00| seen|...

CVE-2025-22624 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 - Reflected cross-site scripting (XSS)

FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php...

CVE-2024-6261

creationtimestamp| type| source ---|---|--- 2025-02-27 06:24:54+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5654 2025-02-27 08:42:04+00:00| seen| https://t.me/cvedetector/19019 2025-08-22 14:52:22+00:00| seen| MISP/24306fae-b16b-4478-9297-d2973cdb583c...

WordPress plugin FooGallery 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

CVE-2024-53573

creationtimestamp| type| source ---|---|--- 2025-02-26 22:24:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5632 2025-02-26 23:33:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lj4jzthcqz2c 2025-02-27 00:19:21+00:00| seen| https://t.me/cvedetector/18...

CVE-2024-22341

IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data access from a remote data source object due to improper privilege management...

CVE-2024-37363

The CVE-2024-37363 entry concerns Hitachi Vantara Pentaho Business Analytics Server. Affected versions include before 10.2.0.0 and before 9.3.0.8, including 8.3.x. The root cause is an improper authorization check in the data source management service (CWE-862), allowing actors to access resource...

CVE-2023-50740

In Apache Linkis =1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module. We recommend users upgrade the version of Linkis to version 1.5.0...

CVE-2023-29216

In Apache Linkis =1.3.1, because the parameters are not effectively filtered, the attacker uses the MySQL data source and malicious parameters to configure a new data source to trigger a deserialization vulnerability, eventually leading to remote code execution. Versions of Apache Linkis = 1.3.0...

Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 9.5.18 to 10.4.13 jscPED-11591,jscPED-11649: Security issues fixed: CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by upgrading golang.org/x/crypto bsc1234554 CVE-2023-3128: Fixed...

SUSE CVE-2023-1410

Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized. An attacker needs to have contro...

CVE-2025-24432

creationtimestamp| type| source ---|---|--- 2025-02-11 18:20:02+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhwbjtao772h 2025-02-11 21:33:43+00:00| seen| https://t.me/cvedetector/17749...

The vulnerability of the Security component of the Oracle Communications Order and Service Management system allows a perpetrator to gain read, modify, add, or delete access to data, or cause a partial service disruption.

The vulnerability of the Security component of the Oracle Communications Order and Service Management system is related to a data source validation error. Exploiting this vulnerability may allow an attacker, operating remotely, to gain read, modify, add, or delete access to data, or cause a parti...

CVE-2022-43773

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x is installed with a sample HSQLDB data source configured with stored procedures enabled...

CVE-2022-43940

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x do not correctly perform an authorization check in the data source management service...

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows attackers to disclose protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to a lack of mechanisms for verifying the source of the data. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose sensitive information through a specially...

CVE-2024-20147

creationtimestamp| type| source ---|---|--- 2025-02-03 04:16:04+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhaond6oke2j 2025-02-03 07:46:56+00:00| seen| https://t.me/cvedetector/17053 2025-02-03 08:03:45+00:00| seen|...

CVE-2019-19245

creationtimestamp| type| source ---|---|--- 2025-02-02 11:26:15+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3789 2025-02-03 08:53:13+00:00| seen| https://bsky.app/profile/hacker.at.thenote.app/post/3lhb64vdklk2n 2025-02-06 02:39:09+00:00| seen|...