Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables.
CVE-2025-6942 is a security vulnerability (CVSS 3.8) that allows an attacker. Remediation should follow standard vulnerability management procedures.
A security vulnerability in Soumettre.fr (CVSS 3.7). Remediation should follow standard vulnerability management procedures.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MintyDocs Extension allows Stored XSS.This issue affects Mediawiki - MintyDocs Extension: from 1.43.X before 1.43.2.
CVE-2025-24334 is a security vulnerability (CVSS 3.3). Remediation should follow standard vulnerability management procedures.
Cross-site request forgery vulnerability exists in Active! mail 6 BuildInfo: 6.60.06008562 and earlier. If this vulnerability is exploited, unintended E-mail may be sent when a user accesses a specially crafted URL while being logged in.
Nokia Single RAN baseband software versions earlier than 24R1-SR 2.1 MP contain a SOAP message input validation flaw, which in theory could potentially be used for causing resource exhaustion in the Single RAN baseband OAM service. No practical exploit has been detected for this flaw. However, the issue has been corrected starting from release 24R1-SR 2.1 MP by adding sufficient input validation for received SOAP requests, effectively mitigating the reported issue.