Total
16 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-3855 | 1 Fairsketch | 1 Rise Ultimate Project Manager | 2025-08-01 | N/A | 4.3 MEDIUM |
| A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php/team_members/save_profile_image/ of the component Profile Picture Handler. The manipulation of the argument profile_image_file leads to improper control of resource identifiers. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-6602 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-20 | N/A | 5.3 MEDIUM |
| A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists. | |||||
| CVE-2023-6603 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-20 | N/A | 7.5 HIGH |
| A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization. | |||||
| CVE-2025-2410 | 2025-05-23 | N/A | N/A | ||
| Port manipulation vulnerabilities in ASPECT provide attackers with the ability to con-trol TCP/IP port access if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. | |||||
| CVE-2025-3405 | 2025-04-08 | N/A | 4.3 MEDIUM | ||
| A vulnerability was found in FCJ Venture Builder appclientefiel 3.0.27. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /rest/cliente/ObterPedido/ of the component HTTP GET Request Handler. The manipulation of the argument ORDER_ID leads to improper control of resource identifiers. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-2125 | 1 Assaabloy | 1 Control Id Rhid | 2025-03-24 | N/A | 4.3 MEDIUM |
| A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovante_marcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of resource identifiers. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-1642 | 1 Modernasistemas | 1 Modernanet | 2025-02-28 | N/A | 7.5 HIGH |
| A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been declared as critical. This vulnerability affects unknown code of the file /AGE0000700/GetImageMedico?fooId=1. The manipulation of the argument fooId leads to improper control of resource identifiers. The attack can be initiated remotely. Upgrading to version 1.1.1 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2025-1645 | 2025-02-25 | N/A | 6.3 MEDIUM | ||
| A vulnerability classified as critical was found in Benner Connecta 1.0.5330. Affected by this vulnerability is an unknown functionality of the file /Usuarios/Usuario/EditarLogado/. The manipulation of the argument Handle leads to improper control of resource identifiers. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-1575 | 2025-02-23 | N/A | 4.3 MEDIUM | ||
| A vulnerability classified as problematic has been found in Harpia DiagSystem 12. Affected is an unknown function of the file /diagsystem/PACS/atualatendimento_jpeg.php. The manipulation of the argument cod/codexame leads to improper control of resource identifiers. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2022-39369 | 2 Apereo, Fedoraproject | 2 Phpcas, Fedora | 2023-11-07 | N/A | 8.0 HIGH |
| phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the host header and use a valid ticket granted for any authorized service in the same SSO realm (CAS server) to authenticate to the service protected by phpCAS. Depending on the settings of the CAS server service registry in worst case this may be any other service URL (if the allowed URLs are configured to "^(https)://.*") or may be strictly limited to known and authorized services in the same SSO federation if proper URL service validation is applied. This vulnerability may allow an attacker to gain access to a victim's account on a vulnerable CASified service without victim's knowledge, when the victim visits attacker's website while being logged in to the same CAS server. phpCAS 1.6.0 is a major version upgrade that starts enforcing service URL discovery validation, because there is unfortunately no 100% safe default config to use in PHP. Starting this version, it is required to pass in an additional service base URL argument when constructing the client class. For more information, please refer to the upgrading doc. This vulnerability only impacts the CAS client that the phpCAS library protects against. The problematic service URL discovery behavior in phpCAS < 1.6.0 will only be disabled, and thus you are not impacted from it, if the phpCAS configuration has the following setup: 1. `phpCAS::setUrl()` is called (a reminder that you have to pass in the full URL of the current page, rather than your service base URL), and 2. `phpCAS::setCallbackURL()` is called, only when the proxy mode is enabled. 3. If your PHP's HTTP header input `X-Forwarded-Host`, `X-Forwarded-Server`, `Host`, `X-Forwarded-Proto`, `X-Forwarded-Protocol` is sanitized before reaching PHP (by a reverse proxy, for example), you will not be impacted by this vulnerability either. If your CAS server service registry is configured to only allow known and trusted service URLs the severity of the vulnerability is reduced substantially in its severity since an attacker must be in control of another authorized service. Otherwise, you should upgrade the library to get the safe service discovery behavior. | |||||
| CVE-2016-8615 | 1 Haxx | 1 Curl | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. | |||||
| CVE-2022-3774 | 1 Train Scheduler App Project | 1 Train Scheduler App | 2022-11-01 | N/A | 9.1 CRITICAL |
| A vulnerability was found in SourceCodester Train Scheduler App 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /train_scheduler_app/?action=delete. The manipulation of the argument id leads to improper control of resource identifiers. The attack may be launched remotely. The identifier of this vulnerability is VDB-212504. | |||||
| CVE-2022-27670 | 1 Sap | 1 Sql Anywhere | 2022-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use indirect identifiers. | |||||
| CVE-2021-42360 | 1 Brainstormforce | 1 Starter Templates | 2021-11-19 | 3.5 LOW | 5.4 MEDIUM |
| On sites that also had the Elementor plugin for WordPress installed, it was possible for users with the edit_posts capability, which includes Contributor-level users, to import blocks onto any page using the astra-page-elementor-batch-process AJAX action. An attacker could craft and host a block containing malicious JavaScript on a server they controlled, and then use it to overwrite any post or page by sending an AJAX request with the action set to astra-page-elementor-batch-process and the url parameter pointed to their remotely-hosted malicious block, as well as an id parameter containing the post or page to overwrite. Any post or page that had been built with Elementor, including published pages, could be overwritten by the imported block, and the malicious JavaScript in the imported block would then be executed in the browser of any visitors to that page. | |||||
| CVE-2017-5159 | 1 Phoenixcontact | 1 Mguard Firmware | 2021-08-31 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Phoenix Contact mGuard devices that have been updated to Version 8.4.0. When updating an mGuard device to Version 8.4.0 via the update-upload facility, the update will succeed, but it will reset the password of the admin user to its default value. | |||||
| CVE-2019-1860 | 1 Cisco | 1 Unified Intelligence Center | 2019-05-17 | 4.0 MEDIUM | 5.9 MEDIUM |
| A vulnerability in the dashboard gadget rendering of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to obtain or manipulate sensitive information between a user’s browser and Cisco Unified Intelligence Center. The vulnerability is due to the lack of gadget validation. An attacker could exploit this vulnerability by forcing a user to load a malicious gadget. A successful exploit could allow the attacker to obtain sensitive information, such as current user credentials, or manipulate data between the user’s browser and Cisco Unified Intelligence Center in the context of the malicious gadget. | |||||