CVE Alert: CVE-2025-32433
Vulnerability Summary: CVE-2025-32433 Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and...
Vulnerabilities
CVE Alert: CVE-2025-25230
Vulnerability Summary: CVE-2025-25230 Omnissa Horizon Client for Windows contains an LPE Vulnerability. A malicious actor with local access where Horizon...
CVE Alert: CVE-2025-31478
Vulnerability Summary: CVE-2025-31478 Zulip is an open-source team collaboration tool. Zulip supports a configuration where account creation is limited solely...
CVE Alert: CVE-2025-32787
Vulnerability Summary: CVE-2025-32787 SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL...
CVE Alert: CVE-2025-32783
Vulnerability Summary: CVE-2025-32783 XWiki Platform is a generic wiki platform. A vulnerability in versions from 5.0 to 16.7.1 affects users...
CVE Alert: CVE-2025-43703
Vulnerability Summary: CVE-2025-43703 An issue was discovered in Ankitects Anki through 25.02. A crafted shared deck can result in attacker-controlled...
CVE Alert: CVE-2025-0757
Vulnerability Summary: CVE-2025-0757 Overview The software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output...
CVE Alert: CVE-2025-0758
Vulnerability Summary: CVE-2025-0758 Overview The product specifies permissions for a security-critical resource in a way that allows that resource to...
CVE Alert: CVE-2025-0756
Vulnerability Summary: CVE-2025-0756 Overview The product receives input from an upstream component, but it does not restrict or incorrectly restricts...
CVE Alert: CVE-2025-43704
Vulnerability Summary: CVE-2025-43704 Arctera/Veritas Data Insight before 7.1.2 can send cleartext credentials when configured to use HTTP Basic Authentication to...
CVE Alert: CVE-2025-24910
Vulnerability Summary: CVE-2025-24910 Overview XML documents optionally contain a Document Type Definition (DTD), which, among other features, enables the definition...
CVE Alert: CVE-2025-24911
Vulnerability Summary: CVE-2025-24911 Overview XML documents optionally contain a Document Type Definition (DTD), which, among other features, enables the definition...
CVE Alert: CVE-2025-24907
Vulnerability Summary: CVE-2025-24907 Overview The product uses external input to construct a pathname that should be within a restricted directory,...
CVE Alert: CVE-2025-24909
Vulnerability Summary: CVE-2025-24909 Overview The software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output...
CVE Alert: CVE-2025-24908
Vulnerability Summary: CVE-2025-24908 Overview The product uses external input to construct a pathname that should be within a restricted directory,...
CVE Alert: CVE-2025-26730
Vulnerability Summary: CVE-2025-26730 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NotFound Macro Calculator with Admin...
CVE Alert: CVE-2025-22263
Vulnerability Summary: CVE-2025-22263 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Global Gallery allows Reflected...
CVE Alert: CVE-2025-26740
Vulnerability Summary: CVE-2025-26740 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in burgersoftware SpaBiz allows DOM-Based XSS....
CVE Alert: CVE-2025-22268
Vulnerability Summary: CVE-2025-22268 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for...
CVE Alert: CVE-2025-26746
Vulnerability Summary: CVE-2025-26746 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Advanced Custom Fields: Link...
CVE Alert: CVE-2025-26903
Vulnerability Summary: CVE-2025-26903 Cross-Site Request Forgery (CSRF) vulnerability in RealMag777 InPost Gallery allows Cross Site Request Forgery. This issue affects...
CVE Alert: CVE-2025-24315
Vulnerability Summary: CVE-2025-24315 Unauthenticated attackers can add devices of other users to their scenes (or arbitrary scenes of other arbitrary...
CVE Alert: CVE-2025-26906
Vulnerability Summary: CVE-2025-26906 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ren Ventura WP Delete User...
CVE Alert: CVE-2025-25276
Vulnerability Summary: CVE-2025-25276 An unauthenticated attacker can hijack other users' devices and potentially control them. Affected Endpoints: No affected endpoints...
