Lucene search
K

650 matches found

NVD
NVD
added 2025/10/21 5:15 p.m.5 views

CVE-2025-62597

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to version 3.5.1, a reflected cross-site scripting XSS vulnerability was identified in the editarinfopessoal.php endpoint of the WeGIA application. This vulnerability allows attackers to inject...

6.9CVSS0.00268EPSS
Exploits1References3
Microsoft Security Update
Microsoft Security Update
added 2025/10/14 5:0 p.m.77 views

2025-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for ARM64 (KB5066746)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

6.7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2025/10/14 5:0 p.m.11 views

2025-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 22H2 for ARM64 (KB5066747)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

6.7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2025/10/14 5:0 p.m.16 views

2025-10 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809 (KB5066738)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

6.7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2025/10/14 5:0 p.m.50 views

2025-10 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5066743)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

6.7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2025/10/14 5:0 p.m.11 views

2025-10 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 for ARM64 (KB5066738)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

6.7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2025/10/14 5:0 p.m.1132 views

2025-10 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5066747)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

6.7AI score
Exploits0
Microsoft KB
Microsoft KB
added 2025/10/14 2:0 p.m.36 views

October 14, 2025-KB5066747 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2

October 14, 2025-KB5066747 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 Release Date: October 14, 2025 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows 10 Version...

8.8CVSS8AI score0.02262EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2025/10/14 12:0 a.m.11 views

October 14, 2025-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 (KB5066748)

October 14, 2025-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 KB5066748 Applies to:Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7....

8.8CVSS8.2AI score0.02262EPSS
Exploits0
EUVD
EUVD
added 2025/10/13 9:12 p.m.6 views

EUVD-2025-34102

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...

3.5CVSS5.3AI score0.00219EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/10/13 12:0 a.m.6 views

WeGIA 跨站脚本漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.5.1, which stems from an unvalidated log parameter in configuracaogeral.php and could lead to a reflective cross-site scripting...

6.1CVSS6AI score0.00239EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/10/12 9:2 p.m.4 views

CVE-2025-11646 Tomofun Furbo 360/Furbo Mini GATT Service access control

A vulnerability was detected in Tomofun Furbo 360 and Furbo Mini. This vulnerability affects unknown code of the component GATT Service. The manipulation results in improper access controls. The attack can only be performed from the local network. The exploit is now public and may be used. The...

6.3CVSS6AI score0.00514EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/10/12 3:30 a.m.18 views

CVE-2025-11380

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everestprocessstatus' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for...

5.9CVSS5.4AI score0.00374EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/10/11 12:0 a.m.11 views

PT-2025-41630

Name of the Vulnerable Software and Affected Versions Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin versions prior to 2.3.6 Description The Everest Backup plugin for WordPress allows unauthorized access to data due to a missing capability check on the everest proces...

5.9CVSS5.3AI score0.00374EPSS
Exploits1References7
Circl
Circl
added 2025/10/10 11:11 a.m.7 views

CVE-2025-52635

creationtimestamp| type| source ---|---|--- 2025-10-10 11:11:48+00:00| seen| Telegram/U6-OpfEB8PA8JmfNuGIjjqscc7fjmIVPnKg9RJrQefpg5Q...

9.8CVSS4.8AI score0.00247EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-3116

Malware in sbrugna...

7.8CVSS7.7AI score0.00411EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/10/04 4:15 p.m.4 views

CVE-2023-53567

In the Linux kernel, the following vulnerability has been resolved: spi: qup: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong. In this case the dma resources are not released in the error path. this is never retried later and so this is a...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References10
CVE
CVE
added 2025/10/02 8:9 p.m.13 views

CVE-2025-61604

WeGIA CSRF in delete operation (Almoxarifado) affects versions 3.4.12 and earlier of WeGIA, where the delete endpoint is exposed via HTTP GET without CSRF protection, allowing an attacker to trigger actions using a victim’s authenticated session. This vulnerability is fixed in version 3.5.0. Impa...

7.1CVSS6.2AI score0.00163EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/02 12:0 a.m.6 views

PT-2025-40424

Name of the Vulnerable Software and Affected Versions WeGIA versions 3.4.12 and below Description WeGIA is a Web manager for charitable institutions. A SQL Injection issue exists in the /controle/control.php endpoint, specifically in the descricao parameter. This allows attackers to execute...

9.4CVSS8AI score0.00397EPSS
Exploits1References9
OSV
OSV
added 2025/10/01 8:41 p.m.6 views

CVE-2025-59337 Discourse: Cross-Site Data Exposure via Backup Restore Metacommand Injection in Multisite Deployments

Discourse is an open-source community discussion platform. In versions 3.5.0 and below, malicious meta-commands could be embedded in a backup dump and executed during restore. In multisite setups, this allowed an admin of one site to access data or credentials from other sites. This issue is fixe...

5.5CVSS6.4AI score0.00277EPSS
Exploits0References4
Rows per page
Query Builder