CVE Alert: CVE-2025-32952
Vulnerability Summary: CVE-2025-32952 Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In...
CVE
CVE Alert: CVE-2025-32960
Vulnerability Summary: CVE-2025-32960 The CUBA REST API add-on performs operations on data and entities. Prior to version 7.2.7, the input...
CVE Alert: CVE-2025-32959
Vulnerability Summary: CVE-2025-32959 CUBA Platform is a high level framework for enterprise applications development. Prior to version 7.2.23, the local...
CVE Alert: CVE-2025-43948
Vulnerability Summary: CVE-2025-43948 Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value...
CVE Alert: CVE-2025-43947
Vulnerability Summary: CVE-2025-43947 Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all...
CVE Alert: CVE-2025-43952
Vulnerability Summary: CVE-2025-43952 A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net Web Reports Viewer 8.4.0 (440)....
CVE Alert: CVE-2024-53569
Vulnerability Summary: CVE-2024-53569 A stored cross-site scripting (XSS) vulnerability in the New Goal Creation section of Volmarg Personal Management System...
CVE Alert: CVE-2025-23253
Vulnerability Summary: CVE-2025-23253 NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could...
CVE Alert: CVE-2025-29743
Vulnerability Summary: CVE-2025-29743 D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-29621
Vulnerability Summary: CVE-2025-29621 Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in the Theme configuration under...
CVE Alert: CVE-2025-31328
Vulnerability Summary: CVE-2025-31328 SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to trick authenticated user...
CVE Alert: CVE-2025-26159
Vulnerability Summary: CVE-2025-26159 Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting (XSS) in the tags feature. Any user with...
CVE Alert: CVE-2025-31327
Vulnerability Summary: CVE-2025-31327 SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which...
CVE Alert: CVE-2025-43966
Vulnerability Summary: CVE-2025-43966 libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-43967
Vulnerability Summary: CVE-2025-43967 libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can...
CVE Alert: CVE-2025-43961
Vulnerability Summary: CVE-2025-43961 In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. Affected Endpoints:...
CVE Alert: CVE-2025-43964
Vulnerability Summary: CVE-2025-43964 In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and...
CVE Alert: CVE-2025-43973
Vulnerability Summary: CVE-2025-43973 An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds...
CVE Alert: CVE-2025-43963
Vulnerability Summary: CVE-2025-43963 In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not...
CVE Alert: CVE-2025-43972
Vulnerability Summary: CVE-2025-43972 An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go...
CVE Alert: CVE-2025-43962
Vulnerability Summary: CVE-2025-43962 In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large...
CVE Alert: CVE-2025-43970
Vulnerability Summary: CVE-2025-43970 An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g.,...
CVE Alert: CVE-2024-41446
Vulnerability Summary: CVE-2024-41446 A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts...
CVE Alert: CVE-2025-32408
Vulnerability Summary: CVE-2025-32408 In Soffid Console 3.6.31 before 3.6.32, authorization to use the pam service is mishandled. Affected Endpoints: No...
