Aggregator
CVE-2020-5283 | ViewVC up to 1.1.27/1.2.0 CVS show_subdir_lastmod cross site scripting (Nessus ID 261354)
10 months ago
A vulnerability labeled as problematic has been found in ViewVC up to 1.1.27/1.2.0. This impacts an unknown function of the component CVS show_subdir_lastmod. Executing manipulation can lead to basic cross site scripting.
This vulnerability is tracked as CVE-2020-5283. The attack can be launched remotely. No exploit exists.
The affected component should be upgraded.
vuldb.com
CVE-2019-6970 | Moodle 3.5.0/3.5.1/3.5.2/3.5.3 server-side request forgery (Nessus ID 261353)
10 months ago
A vulnerability classified as critical was found in Moodle 3.5.0/3.5.1/3.5.2/3.5.3. Affected by this issue is some unknown functionality. Executing manipulation can lead to server-side request forgery.
The identification of this vulnerability is CVE-2019-6970. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2019-3572 | libming 0.4.8 util/dbl2png.c writePNG out-of-bounds (Issue 169 / Nessus ID 261356)
10 months ago
A vulnerability categorized as critical has been discovered in libming 0.4.8. The affected element is the function writePNG of the file util/dbl2png.c. The manipulation results in out-of-bounds read.
This vulnerability is known as CVE-2019-3572. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
CVE-2021-21303 | Helm up to 3.5.1 Version injection (Nessus ID 261355)
10 months ago
A vulnerability was found in Helm up to 3.5.1. It has been classified as problematic. Affected by this issue is some unknown functionality. Performing manipulation of the argument Version results in injection.
This vulnerability is known as CVE-2021-21303. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2019-17109 | Koji up to 1.18.0 path traversal (FEDORA-2019-adf618865f / Nessus ID 261357)
10 months ago
A vulnerability classified as critical has been found in Koji up to 1.18.0. Impacted is an unknown function. Performing manipulation results in path traversal.
This vulnerability is reported as CVE-2019-17109. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com
Mydata
10 months ago
You must login to view this content
cohenido
Скрытая бомба в корпоративных хранилищах: Apache Jackrabbit выдаёт злоумышленникам полный контроль
10 months ago
Миллионы серверов оказались беззащитными перед новой угрозой.
Red Hat security advisory (AV25-572)
10 months ago
Canadian Centre for Cyber Security
Chinese Group Accused of Using Fake U.S. Rep. Email to Spy on Trade Talks
10 months ago
The Chinese state-sponsored group APT41 is accused of using a fake email impersonating a U.S. representative containing spyware and sent to government agencies, trade groups, and laws firms to gain information about U.S. strategy in trade talks with China.
The post Chinese Group Accused of Using Fake U.S. Rep. Email to Spy on Trade Talks appeared first on Security Boulevard.
Jeffrey Burt
CVE-2025-9323 | Foxit PDF Reader JP2 File Parser out-of-bounds
10 months ago
A vulnerability was found in Foxit PDF Reader and classified as critical. This affects an unknown function of the component JP2 File Parser. Executing manipulation can lead to out-of-bounds read.
This vulnerability is registered as CVE-2025-9323. It is possible to launch the attack remotely. No exploit is available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2025-9324 | Foxit PDF Reader PRC File Parser out-of-bounds
10 months ago
A vulnerability was found in Foxit PDF Reader. It has been declared as critical. Affected is an unknown function of the component PRC File Parser. The manipulation results in out-of-bounds read.
This vulnerability is reported as CVE-2025-9324. The attack can be launched remotely. No exploit exists.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-9325 | Foxit PDF Reader PRC File Parser out-of-bounds
10 months ago
A vulnerability was found in Foxit PDF Reader. It has been rated as critical. Affected by this vulnerability is an unknown functionality of the component PRC File Parser. This manipulation causes out-of-bounds read.
This vulnerability appears as CVE-2025-9325. The attack may be initiated remotely. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
CVE-2025-9327 | Foxit PDF Reader PRC File Parser out-of-bounds
10 months ago
A vulnerability categorized as critical has been discovered in Foxit PDF Reader. Affected by this issue is some unknown functionality of the component PRC File Parser. Such manipulation leads to out-of-bounds read.
This vulnerability is traded as CVE-2025-9327. The attack may be launched remotely. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2025-9841 | code-projects Mobile Shop Management System 1.0 AddNewProduct.php ProductImage unrestricted upload
10 months ago
A vulnerability was found in code-projects Mobile Shop Management System 1.0. It has been classified as critical. This affects an unknown function of the file AddNewProduct.php. The manipulation of the argument ProductImage leads to unrestricted upload.
This vulnerability is uniquely identified as CVE-2025-9841. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com
CVE-2025-9766 | itsourcecode Sports Management System 1.0 /Admin/facilitator.php sql injection (EUVD-2025-26331)
10 months ago
A vulnerability identified as critical has been detected in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/facilitator.php. Performing manipulation of the argument code results in sql injection.
This vulnerability is known as CVE-2025-9766. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com
CVE-2025-9730 | itsourcecode Apartment Management System 1.0 /ajax/updateProfile.php user_id sql injection
10 months ago
A vulnerability was found in itsourcecode Apartment Management System 1.0. It has been declared as critical. The affected element is an unknown function of the file /ajax/updateProfile.php. The manipulation of the argument user_id results in sql injection.
This vulnerability is known as CVE-2025-9730. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com
CVE-2025-9726 | Campcodes Farm Management System 1.0 /review.php pid sql injection (EUVD-2025-26293)
10 months ago
A vulnerability classified as critical was found in Campcodes Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /review.php. The manipulation of the argument pid results in sql injection.
This vulnerability is cataloged as CVE-2025-9726. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-9729 | PHPGurukul Online Course Registration 3.1 student-registration.php studentname sql injection (EUVD-2025-26295)
10 months ago
A vulnerability has been found in PHPGurukul Online Course Registration 3.1 and classified as critical. This vulnerability affects unknown code of the file /admin/student-registration.php. Performing manipulation of the argument studentname results in sql injection.
This vulnerability is reported as CVE-2025-9729. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com
CVE-2025-49457 | Zoom Workplace up to 6.3.9 on Windows untrusted search path
10 months ago
A vulnerability was found in Zoom Workplace, Workplace VDI, Rooms, Rooms Controller and Meeting SDK up to 6.3.9 on Windows and classified as problematic. The impacted element is an unknown function. Such manipulation leads to untrusted search path.
This vulnerability is listed as CVE-2025-49457. The attack must be carried out locally. There is no available exploit.
It is suggested to upgrade the affected component.
vuldb.com