Skip to main content
CVE-2025-1782 CRITICAL Act Now

Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. No vendor patch available.

Red Hat Code Injection RCE
NVD VulDB
CVSS 3.1
9.9
EPSS
0.1%
CVE-2025-22371 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SicommNet BASEC (SaaS Service) login page allows an unauthenticated remote attacker to Bypass. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi
NVD
CVSS 4.0
9.3
EPSS
0.5%
CVE-2025-22372 CRITICAL Act Now

Insufficiently Protected Credentials vulnerability in SicommNet BASEC on SaaS allows Password Recovery. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
9.3
EPSS
0.1%
CVE-2025-32931 CRITICAL Act Now

DevDojo Voyager 1.4.0 through 1.8.0, when Laravel 8 or later is used, allows authenticated administrators to execute arbitrary OS commands via a specific php artisan command. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PHP
NVD GitHub
CVSS 3.1
9.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy