A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, was found in Dinstar Monitoring Platform 甘肃省危险品库监控平台 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was found in TRENDnet TEW-822DRE FW103B02. Rated high severity (CVSS 7.3). No vendor patch available.
A vulnerability was found in TRENDnet TV-IP110WN 1.2.2 and classified as problematic. Rated high severity (CVSS 7.3). No vendor patch available.
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as problematic, has been found in Vinades NukeViet up to 4.5.06.php?language=en&nv=upload of the component Module Handler. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in macrozheng mall up to 1.0.3 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android.xml of the component com.ricepo.app. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as critical was found in CesiumLab Web up to 4.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A vulnerability was found in Protected Total WebShield Extension up to 3.2.0 on Chrome. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
SSRF vulnerability in FreeMarker templates in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was found in TRENDnet TN-200 1.02b02. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A vulnerability classified as problematic was found in Datacom DM955 5GT 1200 825.8010.00. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Rated low severity (CVSS 2.0). No vendor patch available.
A vulnerability was found in Ruijie EG306MG 3.0(1)B11P309. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test This fixes the tx timeout issue seen while running a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
A vulnerability was found in macrozheng mall up to 1.0.3 and classified as problematic.java of the component com.macro.mall.portal.controller. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via its lightbox rendering code in all versions up to, and including, 12.6.0 due to insufficient input sanitization and. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An incorrect encryption implementation vulnerability exists in the system log dump feature of BYD's DiLink 3.0 OS (e.g. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4 ,2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Tiny-Scientist is a lightweight framework for automating the entire lifecycle of scientific research-from ideation to implementation, writing, and review. Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.
The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
The AuthKit library for React Router 7+ provides helpers for authentication and session management using WorkOS & AuthKit with React Router. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
Frappe Learning is a learning system that helps users structure their content. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
oak is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Craft is a platform for creating digital experiences. Rated medium severity (CVSS 5.2), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
Kernel software installed and running inside an untrusted/rich execution environment (REE) could leak information from the trusted execution environment (TEE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Possible memory leak or kernel exceptions caused by reading kernel heap data after free or NULL pointer dereference kernel exception. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.