Latest CVE Feed
-
2.9
LOWCVE-2025-57837
Tileservice module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.... Read more
Affected Products :- Published: Oct. 20, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Information Disclosure
-
9.3
CRITICALCVE-2025-41028
A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx... Read more
Affected Products :- Published: Oct. 20, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Injection
-
4.0
MEDIUMCVE-2025-57839
Photo module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.... Read more
Affected Products : magicos- Published: Oct. 20, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Information Disclosure
-
6.0
MEDIUMCVE-2025-62522
Vite is a frontend tooling framework for JavaScript. In versions from 2.9.18 to before 3.0.0, 3.2.9 to before 4.0.0, 4.5.3 to before 5.0.0, 5.2.6 to before 5.4.21, 6.0.0 to before 6.4.1, 7.0.0 to before 7.0.8, and 7.1.0 to before 7.1.11, files denied by s... Read more
Affected Products : vite- Published: Oct. 20, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Misconfiguration
-
6.1
MEDIUMCVE-2025-10612
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in giSoft Information Technologies City Guide allows Reflected XSS.This issue affects City Guide: before 1.4.45.... Read more
Affected Products :- Published: Oct. 21, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Cross-Site Scripting