Aggregator

CVE-2025-6496 | HTACG tidy-html5 5.8.0 src/parser.c InsertNodeAsParent null pointer dereference (Issue 1141 / EUVD-2025-18857)

Vuldb Updates
9 months 2 weeks ago
A vulnerability was found in HTACG tidy-html5 5.8.0. It has been declared as problematic. This vulnerability affects the function InsertNodeAsParent of the file src/parser.c. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2025-6496. Local access is required to approach this attack. Furthermore, there is an exploit available.
vuldb.com

CVE-2019-11358 | Oracle Financial Services - Regulatory Reporting for US Federal Reserve - Lombard Risk Integration Pack jQuery cross site scripting (EDB-52141 / Nessus ID 208606)

Vuldb Updates
9 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Oracle Financial Services - Regulatory Reporting for US Federal Reserve - Lombard Risk Integration Pack 8.0.4/8.0.5/8.0.6/8.0.7. Affected by this issue is some unknown functionality of the component jQuery. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2019-11358. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-56924 | CodeAstro Internet Banking System 2.0.0 Admin Page pages_account cross-site request forgery (EUVD-2024-53451)

Vuldb Updates
9 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in CodeAstro Internet Banking System 2.0.0. This affects an unknown part of the component Admin Page. The manipulation of the argument pages_account leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-56924. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2024-56908 | Perfex CRM up to 3.2.0 HTTP POST Request upload_sales_file rel_id improper authentication (EUVD-2024-53448)

Vuldb Updates
9 months 2 weeks ago
A vulnerability was found in Perfex CRM up to 3.2.0. It has been declared as critical. This vulnerability affects the function upload_sales_file of the component HTTP POST Request Handler. The manipulation of the argument rel_id leads to improper authentication. This vulnerability was named CVE-2024-56908. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Lynx

Dark Feed IO
9 months 2 weeks ago

You must login to view this content

cohenido

Managed ad