| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A flaw was found in the gi-docgen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter (reflected DOM XSS). |
| A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability. |
| Crucial Storage Executive installer versions prior to 11.08.082025.00 contain a DLL preloading vulnerability. During installation, the installer runs with elevated privileges and loads Windows DLLs using an uncontrolled search path, which can cause a malicious DLL placed alongside the installer to be loaded instead of the intended system library. A local attacker who can convince a victim to run the installer from a directory containing the attacker-supplied DLL can achieve arbitrary code execution with administrator privileges. |
| A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks. |
| MiniTool ShadowMaker 3.2 contains an unquoted service path vulnerability in the MTAgentService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\MiniTool ShadowMaker\AgentService.exe' to inject malicious executables and escalate privileges. |
| Openfire 4.6.0 contains a stored cross-site scripting vulnerability in the nodejs plugin that allows attackers to inject malicious scripts through the 'path' parameter. Attackers can craft a payload with script tags to execute arbitrary JavaScript in the context of administrative users viewing the nodejs configuration page. |
| IDT PC Audio 1.0.6499.0 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the STacSV service to inject malicious code that would execute with LocalSystem account permissions during service startup. |
| Forma LMS 2.3 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts into user profile first and last name fields. Attackers can craft scripts like '<script>alert(document.cookie)</script>' to execute arbitrary JavaScript when the profile is viewed by other users. |
| A flaw was found in KubeVirt Containerized Data Importer (CDI). This vulnerability allows a user to clone PersistentVolumeClaims (PVCs) from unauthorized namespaces, resulting in unauthorized access to data via the DataImportCron PVC source mechanism. |
| Command injection vulnerability was found in the admin interface component of TP-Link Archer MR600 v5 firmware, allowing authenticated attackers to execute system commands with a limited character length via crafted input in the browser developer console, possibly leading to service disruption or full compromise. |
| Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security. |
| A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection. |
| Tanium addressed an improper input validation vulnerability in Discover. |
| A flaw has been found in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminDeleteUser.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. |
| There is a Cross Site Scripting issue in Esri ArcGIS Pro versions 3.6.0 and earlier. A local attacker could supply malicious strings into ArcGIS Pro which may execute when a specific dialog is opened. This issue is fixed in ArcGIS Pro 3.6.1. |
| Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack.
The vulnerabilities are triggered by sending specially crafted HTTP requests to Server Function endpoints, and could lead to server crashes, out-of-memory exceptions or excessive CPU usage; depending on the vulnerable code path being exercised, the application configuration and application code.
Strongly consider upgrading to the latest package versions to reduce risk and prevent availability issues in applications using React Server Components. |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) implement an insecure Cross-Origin Resource Sharing (CORS) policy on authenticated administrative endpoints. The device sets Access-Control-Allow-Origin: * in combination with Access-Control-Allow-Credentials: true, allowing attacker-controlled origins to issue credentialed cross-origin requests. |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) fail to include the X-Content-Type-Options: nosniff response header on web management interfaces. As a result, browsers that perform MIME sniffing may incorrectly interpret attacker-influenced responses as executable script. |
| HUSTOF is an open source online judge based on PHP/C++/MySQL/Linux for ACM/ICPC and NOIP training. Prior to version 26.01.24, the problem_import_qduoj.php and problem_import_hoj.php modules fail to properly sanitize filenames within uploaded ZIP archives. Attackers can craft a malicious ZIP file containing files with path traversal sequences (e.g., ../../shell.php). When extracted by the server, this allows writing files to arbitrary locations in the web root, leading to Remote Code Execution (RCE). Version 26.01.24 contains a fix for the issue. |
| SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted. |
