
7043 matches found

EUVD
added 2025/12/16 4:31 a.m. | 4 views

EUVD-2025-203497

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...

CVSS 5.3 | AI score 4.8 | EPSS 0.00917
Exploits: 0 | References: 3

Positive Technologies
added 2025/12/16 12:0 a.m. | 3 views

PT-2025-51399

Name of the Vulnerable Software and Affected Versions: azzaroco Ultimate Learning Pro versions through 3.9.3. Description: An authorization issue exists in azzaroco Ultimate Learning Pro, allowing exploitation of incorrectly configured access control security levels. Recommendations: Update to a...

CVSS 4.9 | AI score 6.6 | EPSS 0.00235
Exploits: 0 | References: 3

Packet Storm News
added 2025/12/16 12:0 a.m. | 2 views

Cybersecurity Skills in New Graduates: A Philippine Perspective

This study investigates the key skills and competencies needed by new cybersecurity graduates in the Philippines for entry-level positions. Using a descriptive cross-sectional research design, it combines analysis of job listings from Philippine online platforms with surveys of students, teachers...

AI score 6.9
Exploits: 0

CNNVD
added 2025/12/16 12:0 a.m. | 4 views

WordPress plugin Ultimate Learning Pro Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security...

CVSS 4.9 | AI score 6.6 | EPSS 0.00235
Exploits: 0 | References: 1

Packet Storm News
added 2025/12/16 12:0 a.m. | 3 views

LegionITS: A Federated Intrusion-Tolerant System Architecture

The growing sophistication, frequency, and diversity of cyberattacks increasingly exceed the capacity of individual entities to fully understand and counter them. While existing solutions, such as Security Information and Event Management (SIEM) systems, Security Orchestration, Automation, and...

AI score 6.5
Exploits: 0

NVD
added 2025/12/15 9:15 p.m. | 4 views

CVE-2023-53876

Academy LMS 6.1 contains a file upload vulnerability that allows authenticated users to upload malicious SVG files with stored cross-site scripting payloads. Attackers can inject malicious scripts through the profile avatar upload feature by modifying file extensions and embedding executable...

CVSS 5.4 | EPSS 0.00202
Exploits: 1 | References: 3

CVE
added 2025/12/15 8:28 p.m. | 6 views

CVE-2023-53876

CVE-2023-53876 affects Academy LMS 6.1 and is a file-upload vulnerability that lets authenticated users upload malicious SVGs containing stored XSS via the profile avatar upload feature by altering extensions and embedding JavaScript. Root cause: lax file-type handling permitting SVG execution. I...

CVSS 5.4 | AI score 5.8 | EPSS 0.00202
Exploits: 1 | References: 3 | Affected Software: 1

NVD
added 2025/12/15 6:15 a.m. | 4 views

CVE-2025-14712

Student Learning Assessment and Support System developed by JHENG GAO has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain test accounts and password...

CVSS 8.7 | EPSS 0.00331
Exploits: 0 | References: 2

CVE
added 2025/12/15 5:37 a.m. | 8 views

CVE-2025-14712

CVE-2025-14712 affects the Student Learning Assessment and Support System developed by JHENG GAO. The vulnerability is an exposure of sensitive information that allows unauthenticated remote attackers to view a specific page and obtain test accounts and passwords. Reported across multiple feeds (...

CVSS 8.7 | AI score 6.6 | EPSS 0.00331
Exploits: 0 | References: 2

EUVD
added 2025/12/15 5:37 a.m. | 5 views

EUVD-2025-203331

Student Learning Assessment and Support System developed by JHENG GAO has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain test accounts and password...

CVSS 8.7 | AI score 6.5 | EPSS 0.00331
Exploits: 0 | References: 3

Cvelist
added 2025/12/15 5:37 a.m. | 25 views

CVE-2025-14712 JHENG GAO|Student Learning Assessment and Support System - Exposure of Sensitive Information

Student Learning Assessment and Support System developed by JHENG GAO has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain test accounts and password...

CVSS 8.7 | EPSS 0.00331
Exploits: 0 | References: 2

Vulnrichment
added 2025/12/15 5:37 a.m. | 4 views

CVE-2025-14712 JHENG GAO|Student Learning Assessment and Support System - Exposure of Sensitive Information

Student Learning Assessment and Support System developed by JHENG GAO has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain test accounts and password...

CVSS 8.7 | AI score 6.6 | EPSS 0.00331
Exploits: 0 | References: 2

Positive Technologies
added 2025/12/15 12:0 a.m. | 5 views

PT-2025-51196

Student Learning Assessment and Support System developed by JHENG GAO has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain test accounts and password...

CVSS 8.7 | AI score 7 | EPSS 0.00331
Exploits: 0 | References: 3

CNNVD
added 2025/12/15 12:0 a.m. | 4 views

JHENG GAO Student Learning Assessment and Support System Security Vulnerability

JHENG GAO Student Learning Assessment and Support System is a student learning diagnostic and tutoring system from JHENG GAO in Taiwan, China. A security vulnerability exists in the JHENG GAO Student Learning Assessment and Support System, which can be exploited by an unauthenticated, remote...

CVSS 8.7 | AI score 6.5 | EPSS 0.00331
Exploits: 0 | References: 2

Packet Storm News
added 2025/12/14 12:0 a.m. | 3 views

Hyperparameter Tuning-Based Optimized Performance Analysis of Machine Learning Algorithms for Network Intrusion Detection

Network Intrusion Detection Systems (NIDS) are essential for securing networks by identifying and mitigating unauthorized activities indicative of cyberattacks. As cyber threats grow increasingly sophisticated, NIDS must evolve to detect both emerging threats and deviations from normal behavior. Th...

AI score 6.8
Exploits: 0

Packet Storm News
added 2025/12/14 12:0 a.m. | 2 views

Detecting Prompt Injection Attacks against Application Using Classifiers

Prompt injection attacks can compromise the security and stability of critical systems, from infrastructure to large web applications. This work curates and augments a prompt injection dataset based on the HackAPrompt Playground Submissions corpus and trains several classifiers, including LSTM,...

AI score 7.3
Exploits: 0

Packet Storm News
added 2025/12/14 12:0 a.m. | 7 views

SHERLOCK: A Deep Learning Approach to Detect Software Vulnerabilities

The increasing reliance on software in various applications has made the problem of software vulnerability detection more critical. Software vulnerabilities can lead to security breaches, data theft, and other negative outcomes. Traditional software vulnerability detection techniques, such as...

AI score 7.4
Exploits: 0

RedhatCVE
added 2025/12/13 8:2 p.m. | 4 views

CVE-2025-67734

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers to enter JavaScript through the Company Website field of the Job Form, exposing users to an XSS attack. The script could then be executed i...

CVSS 5.4 | AI score 5.9 | EPSS 0.00138
Exploits: 0 | References: 1

Packet Storm News
added 2025/12/13 12:0 a.m. | 2 views

The Role of AI in Modern Penetration Testing

Penetration testing is a cornerstone of cybersecurity, traditionally driven by manual, time-intensive processes. As systems grow in complexity, there is a pressing need for more scalable and efficient testing methodologies. This systematic literature review examines how Artificial Intelligence AI...

AI score 6.8
Exploits: 0

OSV
added 2025/12/12 7:48 p.m. | 4 views

CVE-2025-67734 Frappe Authenticated Users can Execute JavaScript through its Job Form

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers to enter JavaScript through the Company Website field of the Job Form, exposing users to an XSS attack. The script could then be executed i...

CVSS 5.1 | AI score 5.9 | EPSS 0.00138
Exploits: 0 | References: 4