CVE Alert: CVE-2024-11216
Vulnerability Summary: CVE-2024-11216 Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK...
Vulnerability Summary: CVE-2024-13471 The DesignThemes Core Features plugin for WordPress is vulnerable to unauthorized access of data due to a...
Vulnerability Summary: CVE-2025-23416 Path traversal may lead to arbitrary file deletion. The score without least privilege principle violation is as...
Vulnerability Summary: CVE-2025-21095 Path traversal may lead to arbitrary file download. The score without least privilege principle violation is as...
Vulnerability Summary: CVE-2023-38693 Lucee Server (or simply Lucee) is a dynamic, Java based, tag and scripting language used for rapid...
Vulnerability Summary: CVE-2025-24494 Path traversal may allow remote code execution using privileged account (requires device admin account, cannot be performed...
Vulnerability Summary: CVE-2025-22212 A SQL injection vulnerability in the ConvertForms component versions 1.0.0-1.0.0 - 4.4.9 for Joomla allows authenticated attackers...
Vulnerability Summary: CVE-2024-11035 Carbon Black Cloud Windows Sensor, prior to 4.0.3, may be susceptible to an Information Leak vulnerability, which...
Vulnerability Summary: CVE-2025-27411 REDAXO is a PHP-based CMS. In Redaxo before 5.18.3, the mediapool/media page is vulnerable to arbitrary file...
Vulnerability Summary: CVE-2025-27412 REDAXO is a PHP-based CMS. In Redaxo from 5.0.0 through 5.18.2, the rex-api-result parameter is vulnerable to...
Vulnerability Summary: CVE-2025-24521 External XML entity injection allows arbitrary download of files. The score without least privilege principle violation is...
Vulnerability Summary: CVE-2025-20208 A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged,...
Vulnerability Summary: CVE-2025-2003 Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass...
Vulnerability Summary: CVE-2025-20206 A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow an...
Vulnerability Summary: CVE-2024-53458 Sysax Multi Server 6.99 is vulnerable to a denial of service (DoS) condition when processing specially crafted...
Vulnerability Summary: CVE-2025-27508 Emissary is a P2P based data-driven workflow engine. The ChecksumCalculator class within allows for hashing and checksum...
Vulnerability Summary: CVE-2025-27513 OpenTelemetry dotnet is a dotnet telemetry framework. A vulnerability in OpenTelemetry.Api package 1.10.0 to 1.11.1 could cause...
Vulnerability Summary: CVE-2025-27426 Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website...
Vulnerability Summary: CVE-2025-27424 Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a...
Vulnerability Summary: CVE-2025-1932 An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122...
Vulnerability Summary: CVE-2025-1933 On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from...
Vulnerability Summary: CVE-2025-27425 Scanning certain QR codes that included text with a website URL could allow the URL to be...
Vulnerability Summary: CVE-2024-50705 Unauthenticated reflected cross-site scripting (XSS) vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary...
Vulnerability Summary: CVE-2024-50706 Unauthenticated SQL injection vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary SQL queries...