7 matches found

vulnersOsv
added 2026/04/06 4:9 p.m. · 6 views

angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +66 more potentially affected by CVE-2026-34379 via openexr (>=3.4.12 <=3.4.4)

openexr PYPI version =3.4.12, =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves: CVE-2026-34379 Source advisory: SNYK:PYTHON-OPENEXR-15993246...

7.1 CVSS · 5.7 AI score · 0.00283 EPSS
Exploits: 1
RedhatCVE
added 2025/10/12 9:16 p.m. · 12 views

CVE-2025-61665

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain a Broken Access Control vulnerability, identified in the getrelatoriossocios.php endpoint. This vulnerability allows unauthenticated attackers to directly access sensitive personal and...

8.7 CVSS · 6.8 AI score · 0.00446 EPSS
Exploits: 1 · References: 1
RedhatCVE
added 2025/10/03 8:57 p.m. · 11 views

CVE-2025-61606

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an Open Redirect vulnerability, identified in the control.php endpoint, specifically in the nextPage parameter metodo=listarUmnomeClasse=FuncionarioControle. This vulnerability allows...

4.8 CVSS · 6.8 AI score · 0.00208 EPSS
Exploits: 1 · References: 1
CVE
added 2025/10/02 8:25 p.m. · 13 views

CVE-2025-61606

WeGIA is affected: open redirect in the control.php endpoint via the nextPage parameter (metodo=listarUmnomeClasse=FuncionarioControle) for versions 3.4.12 and below. This could redirect users to arbitrary external domains, enabling phishing or credential theft as described in the CVE entries. Th...

6.1 CVSS · 6.4 AI score · 0.00208 EPSS
Exploits: 1 · References: 2 · Affected Software: 1
NVD
added 2025/10/02 8:15 p.m. · 4 views

CVE-2025-61604

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain a Cross-Site Request Forgery (CSRF) vulnerability. The delete operation for the Almoxarifado entity is exposed via HTTP GET without CSRF protection, allowing a third-party site to trigger...

7.1 CVSS · 0.00163 EPSS
Exploits: 1 · References: 2
CNNVD
added 2025/10/02 12:0 a.m. · 4 views

WeGIA security vulnerability

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA 3.4.12 and earlier versions, which stems from incorrect manipulation of the parameter idpet in the file /pet/profilepet.php, which could lead to a SQL injection...

9.8 CVSS · 7.3 AI score · 0.00397 EPSS
Exploits: 1 · References: 2
Positive Technologies
added 2025/01/15 12:0 a.m. · 5 views

PT-2025-4786 · Github · Github Desktop

Name of the Vulnerable Software and Affected Versions: GitHub Desktop versions prior to 3.4.12 Description: An attacker can access a user's credentials by convincing them to clone a repository directly or through a submodule using a maliciously crafted remote URL. GitHub Desktop relies on Git for...

6.6 CVSS · 9.4 AI score · 0.00747 EPSS
Exploits: 0 · References: 12