783 matches found

Debian CVE
added 2025/07/28 7:2 a.m. · 5 views

CVE-2025-8262

A vulnerability was found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic. Affected is the function explodeHostedGitFragment of the file src/resolvers/exotics/hosted-git-resolver.js. The manipulation leads to inefficient regular expression complexity. It is possible to launch...

CVSS 7.5 · AI score 3.9 · EPSS 0.007
Exploits: 1

RedhatCVE
added 2025/07/28 4:32 a.m. · 3 views

CVE-2025-8176

A flaw was found in libtiff. The gethistogram function in file/tiffmedian.c exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial o...

CVSS 7.8 · AI score 5 · EPSS 0.00238
Exploits: 1 · References: 10

Positive Technologies
added 2025/07/28 12:0 a.m. · 3 views

PT-2025-31053 · Unknown +1 · Yarnpkg Yarn +1

Name of the Vulnerable Software and Affected Versions: yarnpkg Yarn versions up to 1.22.22 Description: A vulnerability exists in the explodeHostedGitFragment function within the src/resolvers/exotics/hosted-git-resolver.js file. This manipulation results in inefficient regular expression...

CVSS 7.5 · AI score 4.4 · EPSS 0.007
Exploits: 1 · References: 20

NVD
added 2025/07/27 8:15 a.m. · 3 views

CVE-2025-8225

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

CVSS 4.8 · EPSS 0.00223
Exploits: 1 · References: 5

NVD
added 2025/07/26 4:16 a.m. · 3 views

CVE-2025-8176

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function gethistogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the publi...

CVSS 7.8 · EPSS 0.00238
Exploits: 1 · References: 7

Vulnrichment
added 2025/07/26 4:2 a.m. · 3 views

CVE-2025-8177 LibTIFF thumbnail.c setrow buffer overflow

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

CVSS 5.3 · AI score 5.3 · EPSS 0.00271
Exploits: 1 · References: 7

RedhatCVE
added 2025/07/24 2:24 a.m. · 9 views

CVE-2025-7949

A vulnerability was found in Sanluan PublicCMS up to 5.202506.a. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file publiccms-parent/publiccms/src/main/resources/templates/admin/cmsDiy/preview.html. The manipulation of the argument url lead...

CVSS 6.1 · AI score 4 · EPSS 0.00297
Exploits: 1 · References: 1

Cvelist
added 2025/07/22 1:32 a.m. · 12 views

CVE-2025-7949 Sanluan PublicCMS preview.html redirect

A vulnerability was found in Sanluan PublicCMS up to 5.202506.a. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file publiccms-parent/publiccms/src/main/resources/templates/admin/cmsDiy/preview.html. The manipulation of the argument url lead...

CVSS 5.1 · EPSS 0.00297
Exploits: 1 · References: 5

OSV
added 2025/07/20 3:15 a.m. · 4 views

CVE-2025-7863

A vulnerability was found in thinkgem JeeSite up to 5.12.0 and classified as problematic. Affected by this issue is the function redirectUrl of the file src/main/java/com/jeesite/common/web/http/ServletUtils.java. The manipulation of the argument url leads to open redirect. The attack may be...

CVSS 5.1 · AI score 7.1
Exploits: 0 · References: 6

Vulnrichment
added 2025/07/20 2:44 a.m. · 5 views

CVE-2025-7864 thinkgem JeeSite FileUploadController.java upload unrestricted upload

A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been classified as critical. This affects the function Upload of the file src/main/java/com/jeesite/modules/file/web/FileUploadController.java. The manipulation leads to unrestricted upload. It is possible to initiate the attack...

CVSS 6.5 · AI score 7.2 · EPSS 0.00303
Exploits: 1 · References: 6

Positive Technologies
added 2025/07/20 12:0 a.m. · 9 views

PT-2025-30202 · Harry0703 · Moneyprinterturbo

Name of the Vulnerable Software and Affected Versions: harry0703 MoneyPrinterTurbo versions through 1.2.6 Description: A critical issue exists in harry0703 MoneyPrinterTurbo. The upload bgm file function within the File Extension Handler component, located in the app/controllers/v1/video.py file,...

CVSS 6.5 · AI score 6.3 · EPSS 0.00372
Exploits: 0 · References: 8

Positive Technologies
added 2025/07/20 12:0 a.m. · 11 views

PT-2025-30167

Name of the Vulnerable Software and Affected Versions thinkgem JeeSite versions up to 5.12.0 Description A vulnerability exists in thinkgem JeeSite up to version 5.12.0 related to cross-site scripting. The issue resides in the xssFilter function within the...

CVSS 5.4 · AI score 3.8 · EPSS 0.00304
Exploits: 1 · References: 15

Positive Technologies
added 2025/07/20 12:0 a.m. · 5 views

PT-2025-30207 · Yangzongzhuan · Ruoyi

Name of the Vulnerable Software and Affected Versions: yangzongzhuan RuoYi versions up to 4.8.1 Description: A cross-site scripting issue exists due to the addSave function within the com/ruoyi/web/controller/system/SysNoticeController.java file. This allows for remote attacks. The exploit detail...

CVSS 5.4 · AI score 4 · EPSS 0.00262
Exploits: 1 · References: 12

Positive Technologies
added 2025/07/20 12:0 a.m. · 6 views

PT-2025-30166

Name of the Vulnerable Software and Affected Versions thinkgem JeeSite versions up to 5.12.0 Description A critical issue exists in thinkgem JeeSite that allows for unrestricted file uploads. The Upload function within the file src/main/java/com/jeesite/modules/file/web/FileUploadController.java ...

CVSS 6.5 · AI score 6.2 · EPSS 0.00303
Exploits: 1 · References: 15

Positive Technologies
added 2025/07/20 12:0 a.m. · 8 views

PT-2025-30204 · Unknown · Moneyprinterturbo

Name of the Vulnerable Software and Affected Versions: harry0703 MoneyPrinterTurbo versions through 1.2.6 Description: A critical issue exists in the verify token function within the app/controllers/base.py file of the API Endpoint component. This allows for missing authentication and may be...

CVSS 7.5 · AI score 7.2 · EPSS 0.00626
Exploits: 0 · References: 7

Positive Technologies
added 2025/07/18 12:0 a.m. · 7 views

PT-2025-30079 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC versions up to 2.4 Description: A null pointer dereference issue exists in the gf dash download init segment function within the src/media tools/dash client.c file. Manipulation of the base init url argument can trigger this issue. This...

CVSS 6.9 · AI score 5 · EPSS 0.00871
Exploits: 1 · References: 17

NVD
added 2025/07/17 11:15 p.m. · 4 views

CVE-2025-7763

A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is the function select of the file src/main/java/com/jeesite/modules/cms/web/SiteController.java of the component Site Controller. The manipulation of the argument redirect leads to open...

CVSS 5.3 · EPSS 0.00397
Exploits: 1 · References: 6

Cvelist
added 2025/07/17 10:14 p.m. · 11 views

CVE-2025-7763 thinkgem JeeSite Site Controller SiteController.java select redirect

A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is the function select of the file src/main/java/com/jeesite/modules/cms/web/SiteController.java of the component Site Controller. The manipulation of the argument redirect leads to open...

CVSS 5.3 · EPSS 0.00397
Exploits: 1 · References: 6

Positive Technologies
added 2025/07/17 12:0 a.m. · 3 views

PT-2025-29981

Name of the Vulnerable Software and Affected Versions thinkgem JeeSite versions up to 5.12.0 Description A problematic vulnerability exists in thinkgem JeeSite. The select function within the src/main/java/com/jeesite/modules/cms/web/SiteController.java file of the Site Controller component is...

CVSS 5.3 · AI score 4 · EPSS 0.00397
Exploits: 1 · References: 19

Positive Technologies
added 2025/07/17 12:0 a.m. · 4 views

PT-2025-29978

Name of the Vulnerable Software and Affected Versions thinkgem JeeSite versions up to 5.12.0 Description A critical vulnerability exists in thinkgem JeeSite. The issue is located in an unknown part of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java within the UEdit...

CVSS 8.8 · AI score 6.3 · EPSS 0.00309
Exploits: 1 · References: 15