CVE-2025-24786 Path traversal opening Sqlite3 database in WhoDB

WhoDB is an open source database management tool. While the application only displays Sqlite3 databases present in the directory /db, there is no path traversal prevention in place. This allows an unauthenticated attacker to open any Sqlite3 database present on the host machine that the applicati...

CVE-2021-35572

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2021-35659

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2021-35658

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

[SECURITY] Fedora 41 Update: FlightGear-2020.3.19-8.fc41

The Flight Gear project is working to create a sophisticated flight simulator framework for the development and pursuit of interesting flight simulator ideas. We are developing a solid basic sim that can be expanded and improved upon by anyone interested in contributing...

CVE-2022-21445

Vulnerability in the Oracle Application Development Framework ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

The Impact of Cybersecurity on Game Development

The gaming industry has grown into a massive global market, with millions of players engaging in online multiplayer…...

CVE-2022-46822

Unauth. Reflected Cross-Site Scripting XSS vulnerability in JC Development Team WooCommerce JazzCash Gateway Plugin plugin = 2.0 versions...

CVE-2022-31172

OpenZeppelin Contracts is a library for smart contract development. Versions 4.1.0 until 4.7.1 are vulnerable to the SignatureChecker reverting. SignatureChecker.isValidSignatureNow is not expected to revert. However, an incorrect assumption about Solidity 0.8's abi.decode allows some cases to...

CVE-2022-4048

Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application...

CVE-2019-19300

A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0, SIMATIC ET 200eco PN, ...

CVE-2020-2787

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. Supported versions that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2024-34714

The Hoppscotch Browser Extension is a browser extension for Hoppscotch, a community-driven end-to-end open-source API development ecosystem. Due to an oversight during a change made to the extension in the commit d4e8e4830326f46ba17acd1307977ecd32a85b58, a critical check for the origin list was...

CVE-2024-32003

wn-dusk-plugin Dusk plugin is a plugin which integrates Laravel Dusk browser testing into Winter CMS. The Dusk plugin provides some special routes as part of its testing framework to allow a browser environment such as headless Chrome to act as a user in the Backend or User plugin without having ...

CVE-2024-51837

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Sophia M Williams WP Contest wp-contest allows SQL Injection.This issue affects WP Contest: from n/a through = 1.0.0...

FreeBSD : nginx-devel -- SSL session reuse vulnerability (9761af78-e3e4-11ef-9f4a-589cfc10a551)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9761af78-e3e4-11ef-9f4a-589cfc10a551 advisory. The nginx development team reports: This update fixes the SSL session reuse vulnerability. Tenable has...

How Imperva Infused AI Throughout Research and Development

The Age of AI Is Upon Us The current pace of technological change beggars’ belief. Generative Artificial Intelligence GenAI, released to the world a mere two years ago, promises to eliminate much of the tedium of the digital world. Software engineers around the world are already using it to speed...

CVE-2025-22129

CVE-2025-22129 affects Tuleap (community and enterprise editions) where an unauthorized user could access restricted information. The issue is addressed in Tuleap Community Edition 16.3.99.1736242932, Tuleap Enterprise Edition 16.2-5, and Tuleap Enterprise Edition 16.3-2; users should upgrade. Th...

CVE-2025-24029

CVE-2025-24029 affects Tuleap’s Cross Tracker Search widget: artifact permissions are not verified, allowing access to restricted artifacts for users (including anonymous) when the widget is used in public project dashboards. Affected versions have been addressed by Tuleap: Community Edition 16.3...

NI Vision Development Module Vision Assistant JPG File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Vision Development Module. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...