CVE Alert: CVE-2025-32796
Vulnerability Summary: CVE-2025-32796 Dify is an open-source LLM app development platform. Prior to version 0.6.12, a vulnerability was identified in...
Vulnerabilities
CVE Alert: CVE-2024-41447
Vulnerability Summary: CVE-2024-41447 A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts...
CVE Alert: CVE-2025-29513
Vulnerability Summary: CVE-2025-29513 Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code in...
CVE Alert: CVE-2025-29512
Vulnerability Summary: CVE-2025-29512 Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code and...
CVE Alert: CVE-2025-32442
Vulnerability Summary: CVE-2025-32442 Fastify is a fast and low overhead web framework, for Node.js. In versions 5.0.0 to 5.3.0, applications...
CVE Alert: CVE-2025-28355
Vulnerability Summary: CVE-2025-28355 Volmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery (CSRF) allowing attackers to execute...
CVE Alert: CVE-2025-36625
Vulnerability Summary: CVE-2025-36625 In Nessus versions prior to 10.8.4, a non-authenticated attacker could alter Nessus logging entries by manipulating http...
CVE Alert: CVE-2025-3795
Vulnerability Summary: CVE-2025-3795 A vulnerability was found in DaiCuo 1.3.13. It has been rated as problematic. Affected by this issue...
CVE Alert: CVE-2025-25985
Vulnerability Summary: CVE-2025-25985 An issue in Macro-video Technologies Co.,Ltd V380E6_C1 IP camera (Hw_HsAKPIQp_WF_XHR) 1020302 allows a physically proximate attacker to...
CVE Alert: CVE-2025-24914
Vulnerability Summary: CVE-2025-24914 When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8.4 did...
CVE Alert: CVE-2025-32377
Vulnerability Summary: CVE-2025-32377 Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models...
CVE Alert: CVE-2025-25984
Vulnerability Summary: CVE-2025-25984 An issue in Macro-video Technologies Co.,Ltd V380E6_C1 IP camera (Hw_HsAKPIQp_WF_XHR) 1020302 allows a physically proximate attacker to...
CVE Alert: CVE-2025-25983
Vulnerability Summary: CVE-2025-25983 An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64...
CVE Alert: CVE-2025-3796
Vulnerability Summary: CVE-2025-3796 A vulnerability classified as critical has been found in PHPGurukul Men Salon Management System 1.0. This affects...
CVE Alert: CVE-2025-32953
Vulnerability Summary: CVE-2025-32953 z80pack is a mature emulator of multiple platforms with 8080 and Z80 CPU. In version 1.38 and...
CVE Alert: CVE-2025-43903
Vulnerability Summary: CVE-2025-43903 NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature...
CVE Alert: CVE-2025-39464
Vulnerability Summary: CVE-2025-39464 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rtowebsites AdminQuickbar allows Reflected XSS....
CVE Alert: CVE-2025-39526
Vulnerability Summary: CVE-2025-39526 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nicdark...
CVE Alert: CVE-2025-39521
Vulnerability Summary: CVE-2025-39521 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani Contact Form vCard...
CVE Alert: CVE-2025-39519
Vulnerability Summary: CVE-2025-39519 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rtpHarry Bulk Page Stub Creator...
CVE Alert: CVE-2025-39562
Vulnerability Summary: CVE-2025-39562 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Payment Form for PayPal...
CVE Alert: CVE-2025-39550
Vulnerability Summary: CVE-2025-39550 Deserialization of Untrusted Data vulnerability in Shahjahan Jewel FluentCommunity allows Object Injection. This issue affects FluentCommunity: from...
CVE Alert: CVE-2025-39554
Vulnerability Summary: CVE-2025-39554 Missing Authorization vulnerability in Elliot Sowersby / RelyWP AI Text to Speech allows Exploiting Incorrectly Configured Access...
CVE Alert: CVE-2025-39559
Vulnerability Summary: CVE-2025-39559 Missing Authorization vulnerability in Eivin Landa Bring Fraktguiden for WooCommerce allows Exploiting Incorrectly Configured Access Control Security...
