CVE Alert: CVE-2025-26850
Vulnerability Summary: CVE-2025-26850 The agent in Quest KACE Systems Management Appliance (SMA) before 14.0.97 and 14.1.x before 14.1.19 potentially allows...
CVE
CVE Alert: CVE-2025-53603
Vulnerability Summary: CVE-2025-53603 In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a NULL pointer dereference and SOGo crash via...
CVE Alert: CVE-2025-53604
Vulnerability Summary: CVE-2025-53604 The web-push crate before 0.10.3 for Rust allows a denial of service (memory consumption) in the built-in...
CVE Alert: CVE-2025-47227
Vulnerability Summary: CVE-2025-47227 In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the Administrator password reset mechanism is...
CVE Alert: CVE-2025-7074
Vulnerability Summary: CVE-2025-7074 A vulnerability classified as problematic has been found in vercel hyper up to 3.4.1. This affects the...
CVE Alert: CVE-2023-50786
Vulnerability Summary: CVE-2023-50786 Dradis through 4.16.0 allows referencing external images (resources) over HTTPS, instead of forcing the use of embedded...
CVE Alert: CVE-2025-47228
Vulnerability Summary: CVE-2025-47228 In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), shell injection in the SSH connection...
CVE Alert: CVE-2025-32311
Vulnerability Summary: CVE-2025-32311 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs Pressroom - News Magazine...
CVE Alert: CVE-2025-49247
Vulnerability Summary: CVE-2025-49247 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmoreira Team Showcase allows DOM-Based...
CVE Alert: CVE-2025-47565
Vulnerability Summary: CVE-2025-47565 Missing Authorization vulnerability in ashanjay EventON allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
CVE Alert: CVE-2025-39487
Vulnerability Summary: CVE-2025-39487 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ValvePress Rankie allows Reflected XSS....
CVE Alert: CVE-2025-47479
Vulnerability Summary: CVE-2025-47479 Weak Authentication vulnerability in AresIT WP Compress allows Authentication Abuse. This issue affects WP Compress: from n/a...
CVE Alert: CVE-2025-49414
Vulnerability Summary: CVE-2025-49414 Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Gallery allows Using Malicious Files....
CVE Alert: CVE-2025-49245
Vulnerability Summary: CVE-2025-49245 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmoreira Testimonials Showcase allows Reflected...
CVE Alert: CVE-2025-48231
Vulnerability Summary: CVE-2025-48231 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Booking Calendar Contact Form...
CVE Alert: CVE-2025-47634
Vulnerability Summary: CVE-2025-47634 Missing Authorization vulnerability in Keylor Mendoza WC Pickup Store allows Exploiting Incorrectly Configured Access Control Security Levels....
CVE Alert: CVE-2025-49070
Vulnerability Summary: CVE-2025-49070 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme...
CVE Alert: CVE-2025-49302
Vulnerability Summary: CVE-2025-49302 Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson Easy Stripe allows Remote Code...
CVE Alert: CVE-2025-49303
Vulnerability Summary: CVE-2025-49303 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Shabti Kaplan Frontend Admin...
CVE Alert: CVE-2025-49274
Vulnerability Summary: CVE-2025-49274 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awplife Neom Blog allows Reflected...
CVE Alert: CVE-2025-49431
Vulnerability Summary: CVE-2025-49431 Missing Authorization vulnerability in Gnuget MF Plus WPML allows Exploiting Incorrectly Configured Access Control Security Levels. This...
CVE Alert: CVE-2025-49866
Vulnerability Summary: CVE-2025-49866 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikel Beautiful Cookie Consent Banner...
CVE Alert: CVE-2025-49870
Vulnerability Summary: CVE-2025-49870 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozmoslabs Paid Member...
CVE Alert: CVE-2025-50032
Vulnerability Summary: CVE-2025-50032 Missing Authorization vulnerability in Paytiko - Payment Orchestration Platform Paytiko for WooCommerce allows Exploiting Incorrectly Configured Access...
