CVE-2025-22592

Missing Authorization vulnerability in 8blocks 1003 Mortgage Application 1003-mortgage-application allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 1003 Mortgage Application: from n/a through = 1.87...

CVE-2025-22711

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Thomas Maier Image Source Control image-source-control-isc allows Reflected XSS.This issue affects Image Source Control: from n/a through = 2.29.0...

CVE-2025-22508

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in roninwp FAT Event Lite fat-event-lite allows PHP Local File Inclusion.This issue affects FAT Event Lite: from n/a through = 1.1...

CVE-2025-22320

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ProductDyno ProductDyno productdyno allows Reflected XSS.This issue affects ProductDyno: from n/a through = 1.0.24...

CVE-2025-22357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdever Target Notifications target-notifications allows Reflected XSS.This issue affects Target Notifications: from n/a through = 1.1.1...

CVE-2025-0355

Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3...

CVE-2022-25729

Memory corruption in modem due to improper length check while copying into memory...

CVE-2022-25750

Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile...

CVE-2022-43716

A vulnerability has been identified in SIMATIC CP 1242-7 V2 6GK7242-7KX31-0XE0 All versions V3.4.29, SIMATIC CP 1243-1 6GK7243-1BX30-0XE0 All versions V3.4.29, SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants All versions V3.4.29, SIMATIC CP 1243-1 IEC incl. SIPLUS variants All versions V3.4.29,...

CVE-2022-36324

Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack...

CVE-2022-2060

Cross-site Scripting XSS - Stored in GitHub repository dolibarr/dolibarr prior to 16.0...

CVE-2022-0244

An issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5. Arbitrary file read was possible by importing a group was due to incorrect handling of file...

CVE-2020-15263

In platform before version 9.4.4, inline attributes are not properly escaped. If the data that came from users was not escaped, then an XSS vulnerability is possible. The issue was introduced in 9.0.0 and fixed in 9.4.4...

CVE-2020-13323

A vulnerability was discovered in GitLab versions prior 13.1. Under certain conditions private merge requests could be read via Todos...

CVE-2024-43246

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in creativeon WHMpress allows Reflected XSS.This issue affects WHMpress: from n/a through 6.2-revision-5...

CVE-2024-43366

zkvyper is a Vyper compiler. Starting in version 1.3.12 and prior to version 1.5.3, since LLL IR has no Turing-incompletness restrictions, it is compiled to a loop with a much more late exit condition. It leads to a loss of funds or other unwanted behavior if the loop body contains it. However,...

CVE-2024-43212

Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WpTravelly: from n/a through 1.7.7...

CVE-2024-52444

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in wpopal Opal Woo Custom Product Variation opal-woo-custom-product-variation allows Path Traversal.This issue affects Opal Woo Custom Product Variation: from n/a through = 1.1.3...

CVE-2024-52400

Unrestricted Upload of File with Dangerous Type vulnerability in Subhasis Laha Gallerio gallerio allows Upload a Web Shell to a Web Server.This issue affects Gallerio: from n/a through = 1.01...

CVE-2024-52373

Unrestricted Upload of File with Dangerous Type vulnerability in Team Devexhub Devexhub Gallery devexhub-gallery allows Upload a Web Shell to a Web Server.This issue affects Devexhub Gallery: from n/a through = 2.0.1...