CVE Alert: CVE-2025-32783
Vulnerability Summary: CVE-2025-32783 XWiki Platform is a generic wiki platform. A vulnerability in versions from 5.0 to 16.7.1 affects users...
CVE
CVE Alert: CVE-2025-43703
Vulnerability Summary: CVE-2025-43703 An issue was discovered in Ankitects Anki through 25.02. A crafted shared deck can result in attacker-controlled...
CVE Alert: CVE-2025-0757
Vulnerability Summary: CVE-2025-0757 Overview The software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output...
CVE Alert: CVE-2025-0758
Vulnerability Summary: CVE-2025-0758 Overview The product specifies permissions for a security-critical resource in a way that allows that resource to...
CVE Alert: CVE-2025-0756
Vulnerability Summary: CVE-2025-0756 Overview The product receives input from an upstream component, but it does not restrict or incorrectly restricts...
CVE Alert: CVE-2025-43704
Vulnerability Summary: CVE-2025-43704 Arctera/Veritas Data Insight before 7.1.2 can send cleartext credentials when configured to use HTTP Basic Authentication to...
CVE Alert: CVE-2025-24910
Vulnerability Summary: CVE-2025-24910 Overview XML documents optionally contain a Document Type Definition (DTD), which, among other features, enables the definition...
CVE Alert: CVE-2025-24909
Vulnerability Summary: CVE-2025-24909 Overview The software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output...
CVE Alert: CVE-2025-24908
Vulnerability Summary: CVE-2025-24908 Overview The product uses external input to construct a pathname that should be within a restricted directory,...
CVE Alert: CVE-2025-24911
Vulnerability Summary: CVE-2025-24911 Overview XML documents optionally contain a Document Type Definition (DTD), which, among other features, enables the definition...
CVE Alert: CVE-2025-24907
Vulnerability Summary: CVE-2025-24907 Overview The product uses external input to construct a pathname that should be within a restricted directory,...
CVE Alert: CVE-2025-26730
Vulnerability Summary: CVE-2025-26730 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NotFound Macro Calculator with Admin...
CVE Alert: CVE-2025-22263
Vulnerability Summary: CVE-2025-22263 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Global Gallery allows Reflected...
CVE Alert: CVE-2025-26740
Vulnerability Summary: CVE-2025-26740 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in burgersoftware SpaBiz allows DOM-Based XSS....
CVE Alert: CVE-2025-22268
Vulnerability Summary: CVE-2025-22268 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for...
CVE Alert: CVE-2025-26746
Vulnerability Summary: CVE-2025-26746 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Advanced Custom Fields: Link...
CVE Alert: CVE-2025-24850
Vulnerability Summary: CVE-2025-24850 An attacker can export other users' plant information. Affected Endpoints: No affected endpoints listed. Published Date: 4/15/2025,...
CVE Alert: CVE-2025-26903
Vulnerability Summary: CVE-2025-26903 Cross-Site Request Forgery (CSRF) vulnerability in RealMag777 InPost Gallery allows Cross Site Request Forgery. This issue affects...
CVE Alert: CVE-2025-24315
Vulnerability Summary: CVE-2025-24315 Unauthenticated attackers can add devices of other users to their scenes (or arbitrary scenes of other arbitrary...
CVE Alert: CVE-2025-26906
Vulnerability Summary: CVE-2025-26906 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ren Ventura WP Delete User...
CVE Alert: CVE-2025-25276
Vulnerability Summary: CVE-2025-25276 An unauthenticated attacker can hijack other users' devices and potentially control them. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-26749
Vulnerability Summary: CVE-2025-26749 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Additional Custom Product Tabs...
CVE Alert: CVE-2025-26880
Vulnerability Summary: CVE-2025-26880 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Skill Bar allows...
CVE Alert: CVE-2025-26857
Vulnerability Summary: CVE-2025-26857 Unauthenticated attackers can rename arbitrary devices of arbitrary users (i.e., EV chargers). Affected Endpoints: No affected endpoints...
