CVE-2025-5031

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The attack may be initiated remotely. The complexity of an...

CVE-2025-5030

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated...

CVE-2025-0870

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of ...

CVE-2024-9048

A vulnerability was found in yproject RuoYi up to 4.7.9. It has been declared as problematic. Affected by this vulnerability is the function SysUserServiceImpl of the file ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java of the component Backend User Import. The...

CVE-2024-0347

A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file signupteacher.php. The manipulation of the argument Password leads to weak password requirements. The attack may be initiated remotely. The...

CVE-2023-4462

A vulnerability classified as problematic has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250,...

CVE-2023-3800

A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected is an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html of the component File Upload Module. The manipulation leads to unrestricted upload. The complexity of an attack i...

CVE-2023-2900

A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as problematic. Affected is an unknown function of the file /Login/CheckLogin. The manipulation leads to use of weak hash. It is possible to launch the attack remotely. The complexity of an attack is...

CVE-2016-15024

A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. Continiou...

CVE-2015-10067

A vulnerability was found in oznetmaster SSharpSmartThreadPool. It has been classified as problematic. This affects an unknown part of the file SSharpSmartThreadPool/SmartThreadPool.cs. The manipulation leads to race condition within a thread. The complexity of an attack is rather high. The...

CVE-2025-4894

CVE-2025-4894 affects calmkart Django-sso-server. The vulnerability is in common/crypto.py, function gen_rsa_keys, leading to inadequate encryption strength. Attacker could potentially exploit remotely; the CVE notes the attack complexity as high and exploitation as difficult, with no version det...

CVE-2025-4727 Meteor livedata_server.js Object.assign redos

A vulnerability was found in Meteor up to 3.2.1 and classified as problematic. This issue affects the function Object.assign of the file packages/ddp-server/livedataserver.js. The manipulation of the argument forwardedFor leads to inefficient regular expression complexity. The attack may be...

CVE-2025-4525

A vulnerability, which was classified as critical, has been found in Discord 1.0.9188 on Windows. Affected by this issue is some unknown functionality in the library WINSTA.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an...

CVE-2025-4544 D-Link DI-8100 jhttpd ddos.asp stack-based overflow

A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /ddos.asp of the component jhttpd. The manipulation of the argument defmax/deftime/deftcpmax/deftcptime/defudpmax/defudptime/deficmpmax leads to...

CVE-2025-4542

A vulnerability, which was classified as problematic, has been found in Freeebird Hotel 酒店管理系统 API up to 1.2. Affected by this issue is some unknown functionality of the file /src/main/java/cn/mafangui/hotel/tool/SessionInterceptor.java. The manipulation leads to permissive cross-domain policy wi...

CVE-2025-4539

A vulnerability was found in Hainan ToDesk 4.7.6.3. It has been declared as critical. This vulnerability affects unknown code in the library profapi.dll of the component DLL File Parser. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The...

CVE-2025-4537

CVE-2025-4537 affects yangzongzhuan/RuoYi-Vue up to version 3.8.9, specifically the Password Handler components in ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue. The issue enables cleartext storage of sensitive information in a cookie, with remote attack potential and relatively high attack comple...

CVE-2025-4534

The CVE-2025-4534 entry concerns SunGrow Logger1000 (version 01_A). Technical details across connected docs indicate a weakness in password policy that leads to weak password requirements. The vulnerability is described as exploitable remotely with high attack complexity, and exploitation has bee...

CVE-2025-4532 Shanghai Bairui Information Technology SunloginClient sunlogin_guard.exe uncontrolled search path

A vulnerability classified as critical has been found in Shanghai Bairui Information Technology SunloginClient 15.8.3.19819. This affects an unknown part in the library process.dll of the file sunloginguard.exe. The manipulation leads to uncontrolled search path. Local access is required to...

CVE-2025-4532 Shanghai Bairui Information Technology SunloginClient sunlogin_guard.exe uncontrolled search path

A vulnerability classified as critical has been found in Shanghai Bairui Information Technology SunloginClient 15.8.3.19819. This affects an unknown part in the library process.dll of the file sunloginguard.exe. The manipulation leads to uncontrolled search path. Local access is required to...