CVE Alert: CVE-2025-8335
Vulnerability Summary: CVE-2025-8335 A vulnerability classified as problematic has been found in code-projects Simple Car Rental System 1.0. This affects...
Vulnerability Summary: CVE-2025-8336 A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects...
Vulnerability Summary: CVE-2025-6504 In HDP Server versions below 4.6.2.2978 on Linux, unauthorized access could occur via IP spoofing using the...
Vulnerability Summary: CVE-2025-41241 VMware vCenter contains a denial-of-service vulnerability. A malicious actor who is authenticated through vCenter and has permission...
Vulnerability Summary: CVE-2025-5587 The Appzend theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘progressbarLayout’ parameter in all...
Vulnerability Summary: CVE-2025-6175 Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in DECE Software Geodi allows HTTP Request Splitting. This issue...
Vulnerability Summary: CVE-2025-6505 Unauthorized access and impersonation can occur in versions 4.6.2.3226 and below of Progress Software's Hybrid Data Pipeline...
Vulnerability Summary: CVE-2025-50738 The Memos application, up to version v0.24.3, allows for the embedding of markdown images with arbitrary URLs....
Vulnerability Summary: CVE-2025-51970 A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping System Advanced 1.0 due...
Vulnerability Summary: CVE-2025-6060 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in DECE Software Geodi...
Vulnerability Summary: CVE-2025-28172 Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of Excessive Authentication Attempts. An attacker...
Vulnerability Summary: CVE-2025-52358 A cross-site scripting vulnerability in Vivaldi United Group iCONTROL+ Server including Firmware version 4.7.8.0.eden Logic version 5.32...
Vulnerability Summary: CVE-2025-44136 MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting (XSS). The GET parameter "layer" is reflected in...
Vulnerability Summary: CVE-2025-44137 MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within tileserver.php is responsible for delivering...
Vulnerability Summary: CVE-2025-28170 Grandstream Networks GXP1628
Vulnerability Summary: CVE-2025-28171 An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain sensitive information via...
Vulnerability Summary: CVE-2025-46059 langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability...
Vulnerability Summary: CVE-2025-36010 IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 could allow an unauthenticated user to cause a denial...
Vulnerability Summary: CVE-2025-2533 IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a denial of service as the...
Vulnerability Summary: CVE-2025-31965 Improper access restrictions in HCL BigFix Remote Control Server WebUI (versions 10.1.0.0248 and lower) allow non-admin users...
Vulnerability Summary: CVE-2025-2928 SQL Injection affecting the Archiver role. Affected Endpoints: No affected endpoints listed. Published Date: 7/29/2025, 6:15:27 PM...
Vulnerability Summary: CVE-2025-27514 GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses...
Vulnerability Summary: CVE-2025-5043 A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based...
Vulnerability Summary: CVE-2025-5038 A maliciously crafted X_T file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability....