72 matches found
CVE-2025-48336
Deserialization of Untrusted Data vulnerability in ThimPress Course Builder course-builder allows Object Injection.This issue affects Course Builder: from n/a through 3.6.6...
CVE-2022-32283
Browse restriction bypass vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Cabinet via unspecified vectors...
CVE-2025-31421
CVE-2025-31421 : SrbTransLatin (Serbian Latinisation) plugin vulnerability permitting unauthenticated sensitive information exposure via an externally accessible file path; description indicates sensitive data retrieval. Connected data confirms this is an exposure issue for SrbTransLatin
CVE-2025-30558
Cross-Site Request Forgery CSRF vulnerability in EnzoCostantini55 ANAC XML Render anac-xml-render allows Stored XSS.This issue affects ANAC XML Render: from n/a through = 1.5.7...
CVE-2025-25161
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SocialEvolution WP Find Your Nearest wp-find-your-nearest allows Reflected XSS.This issue affects WP Find Your Nearest: from n/a through = 0.3.1...
BELL-CVE-2024-57995
Bulletin has no description...
CVE-2023-37569
This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system. Successful exploitation of this vulnerability could allow the attacker ...
CVE-2025-24556
Insertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle moowoodle allows Retrieve Embedded Sensitive Data.This issue affects MooWoodle: from n/a through = 3.2.4...
CVE-2025-24734
Missing Authorization vulnerability in CodeSolz Better Find and Replace real-time-auto-find-and-replace allows Privilege Escalation.This issue affects Better Find and Replace: from n/a through = 1.6.7...
CVE-2024-50532
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jerin K Alexander Events Manager Pro – extended events-manager-pro-extended allows Reflected XSS.This issue affects Events Manager Pro – extended: from n/a through = 0.1...
CVE-2024-54367
Deserialization of Untrusted Data vulnerability in Ultimate Member ForumWP forumwp allows Object Injection.This issue affects ForumWP: from n/a through = 2.1.0...
CVE-2024-11627
: Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421...
CVE-2023-40334
Missing Authorization vulnerability in RealMag777 HUSKY woocommerce-products-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HUSKY: from n/a through = 1.3.4.2...
PT-2024-18605 · Mms · Mms
Name of the Vulnerable Software and Affected Versions: mms affected versions not specified Description: The issue is related to a possible out of bounds write in mms due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User...
Intel Thunderbolt Driver May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Thunderbolt driver software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP h...
CVE-2024-29944
An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox 124.0.1 and...
BELL-CVE-2019-15845 CVE-2019-15845 does not affect BellSoft software
Bulletin has no description...
JVN#41694426: Multiple vulnerabilities in Cybozu Garoon
Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-3122 Denial-of-service DoS in Message CWE-400 - CVE-2023-26595 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L| Base Score: 5.0 CVSS v2| AV:N/AC:L/Au:S/C:N/I:N/A:P...
PT-2023-15846 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue. It appears to be a notification about a candidate number that is not in use...
PT-2023-23323 · Evasys · Evasys
Name of the Vulnerable Software and Affected Versions: evasys versions prior to 8.2 Build 2286 evasys versions 9.x prior to 9.0 Build 2401 Description: The issue concerns the lack of input validation for certain parameters in evasys, specifically nutzer titel, nutzer vn, nutzer nn, langID, and...