2 matches found
GHSA-774Q-R975-VQWP Mayan EDMS is vulnerable to XSS through the /authentication/ file
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...
CVE-2025-62785 Wazuh fillData NULL pointer dereference causes analysisd crash
Wazuh is a free and open source platform used for threat prevention, detection, and response. fillData implementation does not check whether value is NULL or not before calling osstrdup on it. A compromised agent can cause a crash of analysisd by sending a specially crafted message to the wazuh...