9.1
CVE-2025-57794 - Unrestricted File Upload Vulnerability in Explorance Blue
Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted file upload vulnerability in the administrative interface. The application does not adequately restrict uploaded file types, allowing malicious files to be uploaded and executed by the server. This condition enables remo…
10
CVE-2025-57792 - SQL Injection Vulnerability in Explorance Blue
Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user input in a web application endpoint. An attacker can supply crafted input that is executed as part of backend database queries. The issue is exploitable without authentication, s…
5.5
CVE-2025-46306 - Bounds Check Failure in Keynote Allows Memory Disclosure
The issue was addressed with improved bounds checks. This issue is fixed in Keynote 15.1, iOS 26 and iPadOS 26, macOS Tahoe 26. Processing a maliciously crafted Keynote file may disclose memory contents.
4.3
CVE-2025-46316 - Out-of-Bounds Read in Apple Pages and Apple OS Leading to Application Crash or Memory Disclosure
An out-of-bounds read was addressed with improved input validation. This issue is fixed in Pages 15.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1. Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory.
8.6
CVE-2025-57793 - SQL Injection Vulnerability in Explorance Blue
Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user-supplied input in a web application component. Crafted input can be executed as part of backend database queries. The issue is exploitable without authentication, significantly e…
9.4
CVE-2026-24685 - OpenProject has Argument Injection on Repository module that allows Arbitrary File Write
OpenProject is an open-source, web-based project management software. Versions prior to 16.6.6 and 17.0.2 have an arbitrary file write vulnerability in OpenProject's repository diff download endpoint (`/projects/:project_id/repository/diff.diff`) when rendering a single revision via git show. By su…
4.4
CVE-2025-13919 - Component Object Model (COM) Hijacking in Symantec Endpoint Protection Windows Client
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to establish persistence and evade detection by hijacking COM references in the Windows Registry.
6.7
CVE-2025-13918 - Elevation of Privileges in Symantec Endpoint Protection Windows Client
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to an Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normall…
6.9
CVE-2026-1522 - Open5GS SGWC s5c-handler.c sgwc_s5c_handle_modify_bearer_response denial of service
A weakness has been identified in Open5GS up to 2.7.6. This vulnerability affects the function sgwc_s5c_handle_modify_bearer_response of the file src/sgwc/s5c-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack can be launched remotely. The exploit ha…
7
CVE-2025-13917 - Elevation of Privileges in Web Security Services (WSS) Agent
WSS Agent, prior to 9.8.5, may be susceptible to an Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.