Critical Identity and Communication Data Exposed in Unprotected NASA Hangar Demolition Doc Vulnerability Critical Identity and Communication Data Exposed in...
Vulnerability Summary: CVE-2025-8579 Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who...
Vulnerability Summary: CVE-2025-8577 Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who...
Vulnerability Summary: CVE-2025-8580 Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI...
Vulnerability Summary: CVE-2025-8581 Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a...
Vulnerability Summary: CVE-2025-8578 Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially...
Vulnerability Summary: CVE-2024-55401 An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal. Affected Endpoints:...
Vulnerability Summary: CVE-2025-35970 On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess...
Vulnerability Summary: CVE-2024-52680 EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web&lang=cn. Affected Endpoints: No affected endpoints listed....
Vulnerability Summary: CVE-2025-32094 An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under...
Vulnerability Summary: CVE-2025-8576 Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially...
Company Name: Nintendo Company HackerOne URL: https://hackerone.com/nintendo Submitted By:kinnayLink to Submitters Profile:https://hackerone.com/kinnay Report Title:Man-in-the-middle through broken SSL certificate verificationReport Link:https://hackerone.com/reports/3174987Date...
Vulnerability Summary: CVE-2025-50952 openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c. Affected Endpoints:...
Vulnerability Summary: CVE-2025-55133 In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client/agora/public/js/editorManager.js. Affected Endpoints: No...
Vulnerability Summary: CVE-2025-47188 A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970...
Vulnerability Summary: CVE-2025-55134 In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js. Affected Endpoints: No...
Vulnerability Summary: CVE-2024-56339 IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote...
Vulnerability Summary: CVE-2024-42048 OpenOrange Business Framework 1.15.5 provides unprivileged users with write access to the installation directory. Affected Endpoints: No...
Vulnerability Summary: CVE-2025-55136 ERC (aka Emotion Recognition in Conversation) through 0.3 has insecure deserialization via a serialized object because jsonpickle...
Vulnerability Summary: CVE-2025-44779 An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to...
Vulnerability Summary: CVE-2025-47907 Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a...
Vulnerability Summary: CVE-2025-55135 In Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to server/controller/userController.js. Formats...
Vulnerability Summary: CVE-2025-54395 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data. Affected Endpoints:...
Vulnerability Summary: CVE-2025-54394 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote...
