CVE-2025-7337 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 7.8 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user with Developer-level access to cause a persistent denial of service affecting all users on a GitLab instance by...

CVE-2025-7337 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 7.8 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user with Developer-level access to cause a persistent denial of service affecting all users on a GitLab instance by...

PT-2025-37294

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 7.8 through 18.1.5 GitLab CE/EE versions 18.2 through 18.2.5 GitLab CE/EE versions 18.3 through 18.3.1 Description: An authenticated user with Developer-level access could cause a persistent denial of service affecting a...

KLA87522 ACE vulnerability in Microsoft Developer Tools

A remote code execution vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to execute arbitrary code, bypass security restrictions. Original advisories CVE-2025-55319 Related products Visual-Studio-Code CVE list CVE-2025-55319 critical KB list...

CVE-2025-8681

Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface component. Requires a high privileged user with a developer role...

CVE-2025-8681

Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface component. Requires a high privileged user with a developer role...

CVE-2025-8681

The CVE-2025-8681 entry describes a Stored XSS vulnerability in Pega Platform UI components affecting versions 7.1.0 through Infinity 24.2.2. A high-privilege user with a developer role is required to exploit. The issue stems from a stored XSS flaw in the user interface component, enabling inject...

CVE-2025-8681 Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface component

Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface component. Requires a high privileged user with a developer role...

Linux Distros Unpatched Vulnerability : CVE-2022-41561

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition,...

Linux Distros Unpatched Vulnerability : CVE-2020-7018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elastic Enterprise Search before 7.9.0 contain a credential exposure flaw in the App Search interface. If a user is given the developer role, they will be able ...

KLA87521 PE vulnerability in Microsoft Developer Tools

An elevation of privilege vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-49734 Related products PowerShell CVE list CVE-2025-49734 high Solution Install necessary updates from the KB section, th...

appRain CMF cross-site scripting vulnerability (CNVD-2025-21119)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/cycle endpoint. An attacker could use this vulnerability to steal a victim's cookie-based authentication...

appRain CMF cross-site scripting vulnerability (CNVD-2025-21127)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which stems from the lack of effective filtering and escaping of user-supplied data in the /apprain/developer/addons parameter page, which can be exploited by an attacker to steal a victim's...

CVE-2025-58818

Cross-Site Request Forgery CSRF vulnerability in SwiftNinjaPro Developer Tools Blocker swiftninjapro-inspect-element-console-blocker allows Cross Site Request Forgery.This issue affects Developer Tools Blocker: from n/a through = 3.2.1...

CVE-2025-41062

A vulnerability has been discovered in version 4.0.5 of appRain CMF, consisting of an authenticated reflected XSS due to a lack of proper validation of user input, through the 'page' parameter in /apprain/developer/addons...

CVE-2025-58818

Cross-Site Request Forgery CSRF vulnerability in SwiftNinjaPro Developer Tools Blocker swiftninjapro-inspect-element-console-blocker allows Cross Site Request Forgery.This issue affects Developer Tools Blocker: from n/a through = 3.2.1...

CVE-2025-58818 WordPress Developer Tools Blocker Plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in SwiftNinjaPro Developer Tools Blocker swiftninjapro-inspect-element-console-blocker allows Cross Site Request Forgery.This issue affects Developer Tools Blocker: from n/a through = 3.2.1...

CVE-2025-58818 WordPress Developer Tools Blocker Plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in SwiftNinjaPro Developer Tools Blocker swiftninjapro-inspect-element-console-blocker allows Cross Site Request Forgery.This issue affects Developer Tools Blocker: from n/a through = 3.2.1...

CVE-2025-58818

CVE-2025-58818 is a CSRF vulnerability in the WordPress plugin Developer Tools Blocker (SwiftNinjaPro) affecting versions up to 3.2.1. Technical details across sources confirm CSRF as the root cause and that exploitation could enable actions on behalf of authenticated users. Mitigation: update to...

WordPress Developer Tools Blocker Plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin Developer Tools Blocker versions = 3.2.1...