A server-side template injection vulnerability (CWE-1336) with CVSS 9.8 allows remote attackers to execute arbitrary code through crafted template expressions.
XDocReport v0.9.2 through v2.0.3 has an XML External Entity (XXE) vulnerability that allows attackers to read arbitrary files, perform SSRF, and potentially achieve remote code execution.
Orval, a TypeScript API client generator, has a command injection vulnerability that allows code execution through malicious OpenAPI specifications.
Google Chrome prior to 144.0.7559.59 has insufficient policy enforcement in Network that allows attackers who obtained a network position to access sensitive data.
Authentication bypass in CRMEB up to version 5.6.3 allows unauthenticated remote attackers to manipulate the openId parameter in the Apple login function, gaining unauthorized access without valid credentials. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. The flaw affects the LoginController.php authentication mechanism and carries a CVSS score of 7.3 with confirmed impact to confidentiality, integrity, and availability.
Remote denial of service in Oracle Java SE, GraalVM for JDK, and GraalVM Enterprise Edition allows unauthenticated attackers to trigger application hangs or crashes via network-accessible protocols. Multiple Java versions including JDK 8u471, 11.0.29, 17.0.17, 21.0.9, and 25.0.1 are affected through a flaw in the Security component. No patch is currently available for this high-severity vulnerability.
Imagemagick versions up to 7.1.2-13 is affected by loop with unreachable exit condition (infinite loop) (CVSS 5.5).
Graalvm versions up to 21.3.16 contains a vulnerability that allows attackers to unauthorized creation, deletion or modification access to critical data or all O (CVSS 7.4).
Information disclosure in MineAdmin 1.x/2.x through an exposed Swagger component allows unauthenticated remote attackers to access sensitive data over the network. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.
Node.js has a permissions model bypass that allows attackers to circumvent --allow-fs-read and --allow-fs-write restrictions using alternate path representations.
Heap corruption in Google Chrome's ANGLE graphics library prior to version 144.0.7559.59 can be triggered through a crafted HTML page, enabling remote attackers to execute arbitrary code without user interaction beyond visiting a malicious website. The vulnerability stems from a use-after-free memory flaw that affects all Chrome users, though no patch is currently available. With a CVSS score of 8.8 and minimal exploit complexity, this presents a significant risk to the browser's security model.
Out-of-bounds memory read in Chrome's V8 JavaScript engine prior to version 144.0.7559.59 enables remote attackers to leak sensitive information through maliciously crafted web pages requiring only user interaction. The vulnerability affects all Chrome users and exposes high-impact confidentiality and integrity risks with no available patch at this time.
Object corruption in Google Chrome's V8 engine prior to version 144.0.7559.59 can be triggered by remote attackers through malicious HTML pages, potentially leading to complete system compromise including unauthorized access, data modification, and denial of service. The vulnerability requires user interaction to exploit but does not require authentication or special privileges. No patch is currently available for affected users.
Out-of-bounds memory access in Chrome's V8 engine (versions prior to 144.0.7559.59) enables remote attackers to corrupt objects and potentially achieve code execution by delivering a malicious HTML page to users. The vulnerability requires user interaction but poses significant risk due to its high CVSS score (8.8) and impact on confidentiality, integrity, and availability. No patch is currently available.
Race condition in the turbo-frame element handler in Hotwired Turbo before 8.0.x causes logout operations to fail when delayed frame responses reapply session cookies after logout. This can be exploited by remote attackers via selective network delays (e.g. [CVSS 4.8 MEDIUM]
Concert versions up to 2.1.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
The Creator LMS - The LMS for Creators, Coaches, and Trainers plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check in the get_items_permissions_check function in all versions up to, and including, 1.1.12. [CVSS 8.8 HIGH]
Hospitality Opera 5 versions up to 5.6.19.23 contains a vulnerability that allows attackers to unauthorized access to critical data or complete access to all Oracle Hospitalit (CVSS 8.6).
IBM Licensing Operator incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Licensing Operator image. [CVSS 8.4 HIGH]
Direct for UNIX Container 6.3.0.0 versions up to 6.3.0.6 is affected by use of hard-coded credentials (CVSS 8.4).
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. [CVSS 8.2 HIGH]
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. [CVSS 8.2 HIGH]
Vm Virtualbox versions up to 7.1.14 contains a vulnerability that allows attackers to takeover of Oracle VM VirtualBox (CVSS 8.2).
Vm Virtualbox versions up to 7.1.14 contains a vulnerability that allows attackers to takeover of Oracle VM VirtualBox (CVSS 8.2).
Vm Virtualbox versions up to 7.1.14 contains a vulnerability that allows attackers to takeover of Oracle VM VirtualBox (CVSS 8.2).
PHP object injection in the Nexter Extension plugin for WordPress (versions up to 4.4.6) allows unauthenticated remote attackers to deserialize untrusted data, potentially enabling arbitrary code execution, file deletion, or data theft if a compatible POP chain exists in other installed plugins or themes. The vulnerability has a high CVSS score of 8.1 but currently lacks a public exploit chain in the vulnerable software itself. No patch is currently available.
Flexcube Investor Servicing versions up to 14.5.0.15.0 contains a vulnerability that allows attackers to unauthorized creation, deletion or modification access to critical data or all O (CVSS 8.1).
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution - Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.2.4 via the `/wp-json/dokan/v1/settings` REST API endpoint due to missing validation on a user-controlled key. [CVSS 8.1 HIGH]
Vm Virtualbox versions up to 7.1.14 contains a vulnerability that allows attackers to unauthorized creation, deletion or modification access to critical data or all O (CVSS 8.1).
NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability where an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NULL pointer dereference in the daap_reply_groups function in src/httpd_daap.c in owntone-server through commit 5e6f19a (newer commit after version 28.2) allows remote attackers to cause a Denial of Service. [CVSS 7.5 HIGH]
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP and CIP grammar tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. [CVSS 7.5 HIGH]
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive grammar tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. [CVSS 7.5 HIGH]
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limits Storms tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. [CVSS 7.5 HIGH]
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive limited storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. [CVSS 7.5 HIGH]
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive step limit storm tests, the device reboots [CVSS 7.5 HIGH]
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limit Storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. [CVSS 7.5 HIGH]
A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. [CVSS 7.5 HIGH]
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. [CVSS 7.5 HIGH]
A memory leak in Node.js’s OpenSSL integration occurs when converting `X.509` certificate fields to UTF-8 without freeing the allocated buffer. [CVSS 7.5 HIGH]
Unauthenticated attackers can access sensitive data in Oracle Agile PLM 9.3.6 through an HTTP network request targeting the User and User Group component, potentially exposing all accessible information within the application. This easily exploitable vulnerability requires no user interaction and affects Oracle Supply Chain Products Suite deployments. No patch is currently available.
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process. [CVSS 7.5 HIGH]
Siebel Customer Relationship Management Deployment contains a vulnerability that allows attackers to unauthorized ability to cause a hang or frequently repeatable crash (complete DO (CVSS 7.5).
A NULL pointer dereference in the dacp_reply_playqueueedit_move function (src/httpd_dacp.c) of owntone-server commit b7e385f allows attackers to cause a Denial of Service (DoS) via sending a crafted DACP request to the server. [CVSS 7.5 HIGH]
Node.js TLS servers using PSK or ALPN callbacks are vulnerable to denial of service when these callbacks throw unhandled synchronous exceptions during the TLS handshake. Remote attackers can exploit this by sending specially crafted TLS handshake requests to trigger resource exhaustion or process crashes, either through immediate termination or silent file descriptor leaks. No patch is currently available for this vulnerability.
Imagedirector Capture versions up to 7.6.3.25808. is affected by insufficiently protected credentials (CVSS 7.5).
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. This vulnerability is triggered during fuzzing of multiple CIP classes, which causes the CIP port to become unresponsive. [CVSS 7.5 HIGH]
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. Fuzzing performed using Defensics causes the device to become unresponsive, requiring a reboot. [CVSS 7.5 HIGH]
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible. [CVSS 7.5 HIGH]
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. [CVSS 7.5 HIGH]