Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to `ss…
Fileflows versions before 25.05.2 are affected by an authenticated SQL injection vulnerability in the library-file search function. Successful exploitation requires the system to use MySQL as the und…
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipul…
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such…
A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component …
InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A stored cross-site scripting (XSS) vulnerability in the Sumex invoice view allows an authenticated…
InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting (XSS) vulnerability exists in InvoicePlane (latest version) that allo…
InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting (XSS) vulnerability exists in InvoicePlane 1.7.0 via the Product Unit…
InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting (XSS) vulnerability exists in InvoicePlane 1.7.0 via the Invoice Numb…
InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting (XSS) vulnerability exists in InvoicePlane 1.7.0 via the Family Name …
InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A critical Remote Code Execution (RCE) vulnerability exists in InvoicePlane 1.7.0 through a chained…
InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting (XSS) vulnerability occurs in the upload Login Logo functions of Invo…
Orthanc versions before 1.12.10 are affected by an authorisation logic flaw in the application's HTTP Basic Authentication implementation. Successful exploitation could result in Privilege Escalati…
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Delinea Inc. Cloud Suite and Privileged Access Service. Remediation: This issue is fixed in Cloud Suite: 25.1
Improper Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in Delinea Inc. Cloud Suite and Privileged Access Service. If you're not using the latest Server Suite agents, this f…
A security flaw has been discovered in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this vulnerability is the function Download of the file /Search/Subject/downLoad. Pe…
A vulnerability was identified in Advantech WISE-6610 1.2.1_20251110. Affected is an unknown function of the file /cgi-bin/luci/admin/openvpn_apply of the component Background Management. Such manipu…
A vulnerability was determined in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. This impacts an unknown function of the file /dm/dispatch/user/delete of the component Us…
Heap buffer overflow in Media in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)