Latest CVE Feed
-
8.7
HIGHCVE-2025-54370
PhpOffice/PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0, SSRF can occur when a processed HTML document is read and displayed in the browser. The vulnerability lie... Read more
Affected Products : phpspreadsheet- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Server-Side Request Forgery
-
5.3
MEDIUMCVE-2025-9409
A security flaw has been discovered in lostvip-com ruoyi-go up to 2.1. Impacted is the function DownloadTmp/DownloadUpload of the file modules/system/controller/CommonController.go. Performing manipulation of the argument fileName results in path traversa... Read more
Affected Products :- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Path Traversal
-
6.5
MEDIUMCVE-2025-9412
A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be laun... Read more
Affected Products :- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Injection
-
4.8
MEDIUMCVE-2025-9416
A security flaw has been discovered in oitcode samarium up to 0.9.6. This vulnerability affects unknown code of the file /cms/webpage/ of the component Pages Image Handler. The manipulation results in cross site scripting. The attack may be performed from... Read more
Affected Products : samarium- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Cross-Site Scripting