CVE Alert: CVE-2024-52680
Vulnerability Summary: CVE-2024-52680 EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web&lang=cn. Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2025-32094
Vulnerability Summary: CVE-2025-32094 An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under...
CVE Alert: CVE-2025-8576
Vulnerability Summary: CVE-2025-8576 Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially...
HackerOne Bug Bounty Disclosure: man-in-the-middle-through-broken-ssl-certificate-verification-kinnay
Company Name: Nintendo Company HackerOne URL: https://hackerone.com/nintendo Submitted By:kinnayLink to Submitters Profile:https://hackerone.com/kinnay Report Title:Man-in-the-middle through broken SSL certificate verificationReport Link:https://hackerone.com/reports/3174987Date...
CVE Alert: CVE-2025-50952
Vulnerability Summary: CVE-2025-50952 openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c. Affected Endpoints:...
CVE Alert: CVE-2025-55133
Vulnerability Summary: CVE-2025-55133 In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client/agora/public/js/editorManager.js. Affected Endpoints: No...
CVE Alert: CVE-2025-47188
Vulnerability Summary: CVE-2025-47188 A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970...
CVE Alert: CVE-2025-55134
Vulnerability Summary: CVE-2025-55134 In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js. Affected Endpoints: No...
CVE Alert: CVE-2024-56339
Vulnerability Summary: CVE-2024-56339 IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote...
CVE Alert: CVE-2024-42048
Vulnerability Summary: CVE-2024-42048 OpenOrange Business Framework 1.15.5 provides unprivileged users with write access to the installation directory. Affected Endpoints: No...
CVE Alert: CVE-2025-55136
Vulnerability Summary: CVE-2025-55136 ERC (aka Emotion Recognition in Conversation) through 0.3 has insecure deserialization via a serialized object because jsonpickle...
CVE Alert: CVE-2025-44779
Vulnerability Summary: CVE-2025-44779 An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to...
CVE Alert: CVE-2025-47907
Vulnerability Summary: CVE-2025-47907 Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a...
CVE Alert: CVE-2025-55135
Vulnerability Summary: CVE-2025-55135 In Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to server/controller/userController.js. Formats...
CVE Alert: CVE-2025-54395
Vulnerability Summary: CVE-2025-54395 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data. Affected Endpoints:...
CVE Alert: CVE-2025-54394
Vulnerability Summary: CVE-2025-54394 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote...
CVE Alert: CVE-2025-54396
Vulnerability Summary: CVE-2025-54396 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this....
CVE Alert: CVE-2025-24000
Vulnerability Summary: CVE-2025-24000 Authentication Bypass Using an Alternate Path or Channel vulnerability in WPExperts Post SMTP allows Authentication Bypass.This issue...
CVE Alert: CVE-2025-54393
Vulnerability Summary: CVE-2025-54393 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain...
CVE Alert: CVE-2025-55137
Vulnerability Summary: CVE-2025-55137 LinkJoin through 882f196 mishandles lacks type checking in password reset. Affected Endpoints: No affected endpoints listed. Published...
CVE Alert: CVE-2025-55138
Vulnerability Summary: CVE-2025-55138 LinkJoin through 882f196 mishandles token ownership in password reset. Affected Endpoints: No affected endpoints listed. Published Date:...
CVE Alert: CVE-2025-54392
Vulnerability Summary: CVE-2025-54392 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different...
CVE Alert: CVE-2025-54397
Vulnerability Summary: CVE-2025-54397 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated...
CVE Alert: CVE-2023-41521
Vulnerability Summary: CVE-2023-41521 Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createSessionTerm.php via the...
