EUVD-2026-3855

Authorization Bypass Through User-Controlled Key vulnerability in Elated-Themes Sweet Jane sweetjane allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sweet Jane: from n/a through = 1.2...

CVE-2020-12708

Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the catid parameter to downloads/downloads.php or article.php. NOTE: this might overlap CVE-2012-6043...

EUVD-2025-204329

A reflected cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts in the administration interface. Attackers can exploit this vulnerability to execute arbitrary scripts within the administrative context...

CVE-2025-44952

A missing length check in ogspfcpsubnetadd function from PFCP library, used by both smf and upf in open5gs 2.7.2 and earlier, allows a local attacker to cause a Buffer Overflow by changing the session.dnn field with a value with length greater than 101...

CVE-2022-49582

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix NULL pointer dereference in dsaportresetvlanfiltering The "ds" iterator variable used in dsaportresetvlanfiltering - dsaswitchforeachport overwrites the "dp" received as argument, which is later used to call...