CVE Alert: CVE-2025-26803
Vulnerability Summary: CVE-2025-26803 The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during...
Vulnerability Summary: CVE-2025-25460 A stored Cross-Site Scripting (XSS) vulnerability was identified in FlatPress 1.3.1 within the "Add Entry" feature. This...
Vulnerability Summary: CVE-2025-27356 Missing Authorization vulnerability in Hardik Sticky Header On Scroll allows Exploiting Incorrectly Configured Access Control Security Levels....
Vulnerability Summary: CVE-2025-27357 Cross-Site Request Forgery (CSRF) vulnerability in Musa AVCI Önceki Yazı Link allows Cross Site Request Forgery. This...
Vulnerability Summary: CVE-2025-22495 An improper input validation vulnerability was discovered in the NTP server configuration field of the Network-M2 card....
Vulnerability Summary: CVE-2025-27364 In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found...
Vulnerability Summary: CVE-2025-26201 Credential disclosure vulnerability via the /staff route in GreaterWMS
Vulnerability Summary: CVE-2025-26200 SQL injection in SLIMS v.9.6.1 allows a remote attacker to escalate privileges via the month parameter in...
Vulnerability Summary: CVE-2024-54820 XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login...
Vulnerability Summary: CVE-2025-26527 Tags not expected to be visible to a user could still be discovered by them via the...
Vulnerability Summary: CVE-2025-26529 Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS...
Vulnerability Summary: CVE-2025-26528 The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk. Affected...
Vulnerability Summary: CVE-2025-26530 The question bank filter required additional sanitizing to prevent a reflected XSS risk. Affected Endpoints: No affected...
Vulnerability Summary: CVE-2025-26531 Insufficient capability checks made it possible to disable badges a user does not have permission to access....
Vulnerability Summary: CVE-2025-26526 Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses...
Vulnerability Summary: CVE-2025-26533 An SQL injection risk was identified in the module list filter within course search. Affected Endpoints: No...
Vulnerability Summary: CVE-2025-26525 Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where...
Vulnerability Summary: CVE-2025-27137 Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software...
Vulnerability Summary: CVE-2025-26532 Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored. Affected...
Vulnerability Summary: CVE-2025-1577 A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank System 1.0. Affected...
Vulnerability Summary: CVE-2025-1576 A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. Affected by...
Vulnerability Summary: CVE-2025-1575 A vulnerability classified as problematic has been found in Harpia DiagSystem 12. Affected is an unknown function...
Vulnerability Summary: CVE-2024-13728 The Accept Donations with PayPal & Stripe plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via...
Vulnerability Summary: CVE-2025-1580 A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as...