CVE Alert: CVE-2025-48952
Vulnerability Summary: CVE-2025-48952 NetAlertX is a network, presence scanner, and alert framework. Prior to version 25.6.7, a vulnerability in the...
Vulnerabilities
CVE Alert: CVE-2025-7069
Vulnerability Summary: CVE-2025-7069 A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FS__sect_link_size...
CVE Alert: CVE-2025-27449
Vulnerability Summary: CVE-2025-27449 The MEAC300-FNADE4 does not implement sufficient measures to prevent multiple failed authentication attempts within a short time...
CVE Alert: CVE-2025-27447
Vulnerability Summary: CVE-2025-27447 The web application is susceptible to cross-site-scripting attacks. An attacker can create a prepared URL, which injects...
CVE Alert: CVE-2025-27451
Vulnerability Summary: CVE-2025-27451 For failed login attempts, the application returns different error messages depending on whether the login failed due...
CVE Alert: CVE-2025-27448
Vulnerability Summary: CVE-2025-27448 The web application is susceptible to cross-site-scripting attacks. An attacker who can create new dashboards can inject...
CVE Alert: CVE-2025-27450
Vulnerability Summary: CVE-2025-27450 The Secure attribute is missing on multiple cookies provided by the MEAC300-FNADE4. An attacker can trick a...
CVE Alert: CVE-2025-27456
Vulnerability Summary: CVE-2025-27456 The SMB server's login mechanism does not implement sufficient measures to prevent multiple failed authentication attempts within...
CVE Alert: CVE-2025-27457
Vulnerability Summary: CVE-2025-27457 All communication between the VNC server and client(s) is unencrypted. This allows an attacker to intercept the...
CVE Alert: CVE-2025-1711
Vulnerability Summary: CVE-2025-1711 Multiple services of the DUT as well as different scopes of the same service reuse the same...
CVE Alert: CVE-2025-27458
Vulnerability Summary: CVE-2025-27458 The VNC authentication mechanism bases on a challenge-response system where both server and client use the same...
CVE Alert: CVE-2025-1710
Vulnerability Summary: CVE-2025-1710 The maxView Storage Manager does not implement sufficient measures to prevent multiple failed authentication attempts within a...
CVE Alert: CVE-2025-27455
Vulnerability Summary: CVE-2025-27455 The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing...
CVE Alert: CVE-2025-27454
Vulnerability Summary: CVE-2025-27454 The application is vulnerable to cross-site request forgery. An attacker can trick a valid, logged in user...
CVE Alert: CVE-2025-27453
Vulnerability Summary: CVE-2025-27453 The HttpOnly flag is set to false on the PHPSESSION cookie. Therefore, the cookie can be accessed...
CVE Alert: CVE-2025-27452
Vulnerability Summary: CVE-2025-27452 The configuration of the Apache httpd webserver which serves the MEAC300-FNADE4 web application, is partly insecure. There...
CVE Alert: CVE-2025-2540
Vulnerability Summary: CVE-2025-2540 Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled prettyPhoto library (version...
CVE Alert: CVE-2025-27460
Vulnerability Summary: CVE-2025-27460 The hard drives of the device are not encrypted using a full volume encryption feature such as...
CVE Alert: CVE-2025-2537
Vulnerability Summary: CVE-2025-2537 Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled ThickBox JavaScript library...
CVE Alert: CVE-2025-27459
Vulnerability Summary: CVE-2025-27459 The VNC application stores its passwords encrypted within the registry but uses DES for encryption. As DES...
CVE Alert: CVE-2025-49618
Vulnerability Summary: CVE-2025-49618 In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php can reveal an AWS accessKeyId, secretAccessKey, region, and endpoint....
CVE Alert: CVE-2025-27461
Vulnerability Summary: CVE-2025-27461 During startup, the device automatically logs in the EPC2 Windows user without requesting a password. Affected Endpoints:...
CVE Alert: CVE-2025-3702
Vulnerability Summary: CVE-2025-3702 Missing Authorization vulnerability in Melapress Melapress File Monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue...
CVE Alert: CVE-2025-43713
Vulnerability Summary: CVE-2025-43713 ASNA Assist and ASNA Registrar before 2025-03-31 allow deserialization attacks against .NET remoting. These are Windows system...
