0.0

CVE-2025-30022

CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to contain a SQL injection via the DATANASC parameter.

📅 Published: March 14, 2025, midnight 🔄 Last Modified: March 14, 2025, 3:15 a.m.

0.0

CVE-2025-26163

CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to contain a SQL injection via the CPF parameter.

📅 Published: March 14, 2025, midnight 🔄 Last Modified: March 14, 2025, 3:15 a.m.

7.8

CVSS3.1

CVE-2025-24855 -

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.

📅 Published: March 14, 2025, midnight 🔄 Last Modified: March 14, 2025, 2:15 a.m.

3.3

CVSS3.1

CVE-2025-27496 - Snowflake JDBC Driver client-side encryption key in DEBUG logs

Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver ("Driver") in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption ma…

📅 Published: March 13, 2025, 7:01 p.m. 🔄 Last Modified: March 13, 2025, 7:51 p.m.

8.5

CVSS4.0

CVE-2025-2229 - Philips Intellispace Cardiovascular (ISCV) Use of Weak Credentials

A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations.

📅 Published: March 13, 2025, 6:17 p.m. 🔄 Last Modified: March 13, 2025, 7:30 p.m.

8.5

CVSS4.0

CVE-2025-2230 - Philips Intellispace Cardiovascular (ISCV) Improper Authentication

A flaw exists in the Windows login flow where an AuthContext token can be exploited for replay attacks and authentication bypass.

📅 Published: March 13, 2025, 6:14 p.m. 🔄 Last Modified: March 13, 2025, 7:34 p.m.

3.3

CVSS3.1

CVE-2025-2157 - foreman: Disclosure of Executed Commands and Outputs in Foreman / Red Hat Satellite

A flaw was found in Foreman/Red Hat Satellite. Improper file permissions allow low-privileged OS users to monitor and access temporary files under /var/tmp, exposing sensitive command outputs, such as /etc/shadow. This issue can lead to information disclosure and privilege escalation if exploited e…

📅 Published: March 13, 2025, 5:58 p.m. 🔄 Last Modified: March 13, 2025, 5:58 p.m.

4.3

CVSS3.1

CVE-2024-30143 - A path traversal vulnerability in HCL AppScan Traffic Recorder

HCL AppScan Traffic Recorder fails to adequately neutralize special characters within the filename, potentially allowing it to resolve to a location beyond the restricted directory. Potential exploits can completely disrupt or take over the application or the computer where the application is runnin…

📅 Published: March 13, 2025, 5:34 p.m. 🔄 Last Modified: March 13, 2025, 6:15 p.m.

7.2

CVSS3.1

CVE-2025-24053 - Microsoft Dataverse Elevation of Privilege Vulnerability

Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.

📅 Published: March 13, 2025, 5:25 p.m. 🔄 Last Modified: March 13, 2025, 6:26 p.m.

5.8

CVSS3.1

CVE-2025-29773 - Froxlor allows Multiple Accounts to Share the Same Email Address Leading to Potential Privilege Esc…

Froxlor is open-source server administration software. A vulnerability in versions prior to 2.2.6 allows users (such as resellers or customers) to create accounts with the same email address as an existing account. This creates potential issues with account identification and security. This vulnera…

📅 Published: March 13, 2025, 5:07 p.m. 🔄 Last Modified: March 13, 2025, 7:15 p.m.