4570 matches found
CVE-2025-26481
Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource consumption vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to denial of service...
pycodium (>=0.1.0 <=0.2.1), reflex-icon-library (=1.4.2) potentially affected by CVE-2025-47425 via reflex (>=0.7.12 <=0.7.14)
reflex PYPI version =0.7.12, =0.1.0, =0.2.1 - reflex-icon-library =1.4.2 Source cves: CVE-2025-47425 Source advisory: SNYK:PYTHON-REFLEX-10442544...
Progress Telerik UI Resource Management Error Vulnerability
Progress Telerik UI is a suite of UI user interface controls for application development from Progress, Inc. A security vulnerability exists in Progress Telerik UI versions 2011.2.712 through 2025.1.218, which stems from insecure reflection that could lead to unhandled exceptions, which in turn...
Centreon Security Vulnerability
Centreon is a set of open source system monitoring tools from the French company Centreon. The product provides monitoring capabilities for resources such as networks, systems and applications. A security vulnerability exists in Centreon versions prior to 24.04.0 to 24.04.10 and 24.10.0 to...
NetAlertX Security Vulnerability
NetAlertX is a network intruder and presence detector from the individual developer jokob-sk. A security vulnerability exists in NetAlertX versions prior to 23.01.14 through 24.10.12, which stems from unauthenticated command injection and could lead to arbitrary command execution...
Kanboard Cross-Site Scripting Vulnerability
Kanboard is a suite of open source visual task board software from Kanboard Open Source. The software has the ability to customize the panels based on the business. A cross-site scripting vulnerability exists in Kanboard versions 1.2.26 through 1.2.44, which stems from the presence of stored...
CVE-2025-47590
Cross-Site Request Forgery (CSRF) vulnerability in JExtensions Store WPSpeed wpspeed allows Cross Site Request Forgery. This issue affects WPSpeed: from n/a through = 2.6.5...
CVE-2025-47655
Cross-Site Request Forgery (CSRF) vulnerability in themarketer2023 theMarketer themarketer allows Stored XSS. This issue affects theMarketer: from n/a through = 1.4.7...
EnerSys AMPA Security Vulnerability
EnerSys AMPA is an industrial-grade battery management system from EnerSys, Inc. designed as an intelligent monitoring platform for power equipment. A security vulnerability exists in EnerSys AMPA versions 24.04 through 24.16 that stems from a command injection issue that could lead to privileged...
Rack::Session Security Vulnerability
Rack::Session is an application from Official Rack repositories open source. A security vulnerability exists in Rack::Session versions prior to 2.0.0 through 2.1.1 that stems from improper session management and could lead to a session recovery attack...
org.graylog.plugins:graylog-plugin-parent (>=6.0.0 <=6.0.13), org.graylog.plugins:graylog-plugin-web-parent (>=6.0.0 <=6.0.13) potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=6.0.0 <=6.0.13)
org.graylog2:graylog2-server MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.13 Source cves: CVE-2025-46827 Source advisory: SNYK:JAVA-ORGGRAYLOG2-10116752...
CVE-2025-47547
CVE-2025-47547 (WordPress SendPulse Email Marketing Newsletter) is a stored XSS vulnerability in the SendPulse Email Marketing Newsletter plugin for WordPress, affecting versions n/a through 2.1.6. The issue arises from improper neutralization of input during web page generation, enabling attacke...
CVE-2025-47483 WordPress Easy Replace Image plugin <= 3.5.0 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery (SSRF) vulnerability in Iulia Cazan Easy Replace Image easy-replace-image allows Server Side Request Forgery. This issue affects Easy Replace Image: from n/a through <= 3.5.0...
be.yildiz-games:module-messaging-activemq (=1.0.15), com.chutneytesting:action-impl (>=2.2.1 <=3.0.0) +114 more potentially affected by CVE-2025-27533 via org.apache.activemq:activemq-client (>=5.18.0 <=5.18.6)
org.apache.activemq:activemq-client MAVEN version =5.18.0, =2.2.1, =2.2.1, =2.2.2, =2.2.1, =2.0.0, =0.4.4, =0.4.4, =0.28.0, =2.0.0, =3.0.0, =0.17.0, =0.19.12-2023-11-12, =RC0-0.19.12-2023-10-27, =RC0-0.19.12-2023-10-27, =RC-1.0.0.RC4+2025-05-15 and more Source cves: CVE-2025-27533 Source advisory...
Hyperledger Besu Security Vulnerability
Hyperledger Besu is a Hyperledger open source application. It is used to run, maintain, debug and monitor nodes in the Ethernet network. A security vulnerability exists in Hyperledger Besu versions 24.7.1 through 25.2.2, which stems from a precompiled implementation issue that could lead to a...
WordPress plugin PeproDev Ultimate Profile Solutions Authorization Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. An authorization issue vulnerabilit...
Crestron Automate VX Security Vulnerability
Crestron Automate VX is an enterprise-grade intelligent space automation platform from Crestron, Inc. that integrates AV control, IoT device management, and data analytics. A security vulnerability exists in Crestron Automate VX versions 5.6.8161.21536 through 6.4.0.49, which stems from the...
summaly Security Vulnerability
summaly is a Misskey open source tool for obtaining a summary of any web page. A security vulnerability exists in summaly version 3.0.1 through versions prior to 5.2.1, which stems from a logic error that results in improper redirection controls and could lead to information disclosure...
CVE-2025-3488
The WPML plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmllanguageswitcher shortcode in versions 3.6.0 - 4.7.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...
click-clack (>=0.1.0 <=0.2.1), paos (>=1.2.7 <=1.2.10) +1 more potentially affected by unknown CVE via marimo (>=0.10.19 <=0.11.31)
marimo PYPI version =0.10.19, =0.1.0, =1.2.7, =0.1.1.dev1736307293, =0.1.1.dev1742453945 Source cves: unknown CVE Source advisory: SNYK:PYTHON-MARIMO-12671196...