CVE Alert: CVE-2024-53569
Vulnerability Summary: CVE-2024-53569 A stored cross-site scripting (XSS) vulnerability in the New Goal Creation section of Volmarg Personal Management System...
CVE
CVE Alert: CVE-2025-23253
Vulnerability Summary: CVE-2025-23253 NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could...
CVE Alert: CVE-2025-29743
Vulnerability Summary: CVE-2025-29743 D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-29621
Vulnerability Summary: CVE-2025-29621 Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in the Theme configuration under...
CVE Alert: CVE-2025-31328
Vulnerability Summary: CVE-2025-31328 SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to trick authenticated user...
CVE Alert: CVE-2025-26159
Vulnerability Summary: CVE-2025-26159 Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting (XSS) in the tags feature. Any user with...
CVE Alert: CVE-2025-31327
Vulnerability Summary: CVE-2025-31327 SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which...
CVE Alert: CVE-2025-43966
Vulnerability Summary: CVE-2025-43966 libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-43967
Vulnerability Summary: CVE-2025-43967 libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can...
CVE Alert: CVE-2025-43961
Vulnerability Summary: CVE-2025-43961 In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. Affected Endpoints:...
CVE Alert: CVE-2025-43973
Vulnerability Summary: CVE-2025-43973 An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds...
CVE Alert: CVE-2025-43963
Vulnerability Summary: CVE-2025-43963 In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not...
CVE Alert: CVE-2025-43964
Vulnerability Summary: CVE-2025-43964 In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and...
CVE Alert: CVE-2025-43972
Vulnerability Summary: CVE-2025-43972 An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go...
CVE Alert: CVE-2025-43962
Vulnerability Summary: CVE-2025-43962 In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large...
CVE Alert: CVE-2025-43970
Vulnerability Summary: CVE-2025-43970 An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g.,...
CVE Alert: CVE-2024-41446
Vulnerability Summary: CVE-2024-41446 A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts...
CVE Alert: CVE-2025-32408
Vulnerability Summary: CVE-2025-32408 In Soffid Console 3.6.31 before 3.6.32, authorization to use the pam service is mishandled. Affected Endpoints: No...
CVE Alert: CVE-2025-43971
Vulnerability Summary: CVE-2025-43971 An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a...
CVE Alert: CVE-2025-43916
Vulnerability Summary: CVE-2025-43916 Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirect_uri containing userinfo in the...
CVE Alert: CVE-2024-42699
Vulnerability Summary: CVE-2024-42699 Cross Site Scripting vulnerability in Create/Modify article function in Alkacon OpenCMS 17.0 allows remote attacker to inject...
CVE Alert: CVE-2025-28121
Vulnerability Summary: CVE-2025-28121 code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) in feedback.php via the...
CVE Alert: CVE-2025-29659
Vulnerability Summary: CVE-2025-29659 Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the...
CVE Alert: CVE-2025-29287
Vulnerability Summary: CVE-2025-29287 An arbitrary file upload vulnerability in the ueditor component of MCMS v5.4.3 allows attackers to execute arbitrary...
