5.4

CVSS3.1

CVE-2025-46102 -

Cross Site Scripting vulnerability in Beakon Software Beakon Learning Management System Sharable Content Object Reference Model (SCORM) version V.5.4.3 allows a remote attacker to obtain sensitive information via the URL parameter

๐Ÿ“… Published: July 17, 2025, midnight ๐Ÿ”„ Last Modified: July 17, 2025, 9:15 p.m.

0.0

CVE-2024-32323 -

SQL Injection vulnerability in cnhcit.com Haichang OA v.1.0.0 allows a remote attacker to obtain sensitive information via the if parameter in hcit.project.rte.agents.UploadImages.class.

๐Ÿ“… Published: July 17, 2025, midnight ๐Ÿ”„ Last Modified: July 17, 2025, 9:15 p.m.

0.0

CVE-2023-41566 -

OA EKP v16 was discovered to contain an arbitrary download vulnerability via the component /ui/sys_ui_extend/sysUiExtend.do. This vulnerability allows attackers to obtain the password of the background administrator and further obtain database permissions.

๐Ÿ“… Published: July 17, 2025, midnight ๐Ÿ”„ Last Modified: July 17, 2025, 9:15 p.m.

0.0

CVE-2025-53867 -

Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.

๐Ÿ“… Published: July 17, 2025, midnight ๐Ÿ”„ Last Modified: July 17, 2025, 9:15 p.m.

0.0

CVE-2025-51497 -

An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely logged each url that Safari accessed when the plugin was active. These logs went into the MacOS general logs for any unsandboxed process to read. This may be disabled in version 1.11.22.

๐Ÿ“… Published: July 17, 2025, midnight ๐Ÿ”„ Last Modified: July 17, 2025, 9:15 p.m.

9.8

CVSS3.1

CVE-2025-50240 -

nbcio-boot v1.0.3 was discovered to contain a SQL injection vulnerability via the userIds parameter at /sys/user/deleteRecycleBin.

๐Ÿ“… Published: July 17, 2025, midnight ๐Ÿ”„ Last Modified: July 18, 2025, 3:15 p.m.

9.8

CVSS3.1

CVE-2025-51630 -

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a buffer overflow via the ePort parameter in the function setIpPortFilterRules.

๐Ÿ“… Published: July 17, 2025, midnight ๐Ÿ”„ Last Modified: July 18, 2025, 5:25 p.m.

0.0

CVE-2023-47356 -

Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution (RCE) vulnerability via the log_type parameter at /log/fw_security.mds.

๐Ÿ“… Published: July 17, 2025, midnight ๐Ÿ”„ Last Modified: July 17, 2025, 9:15 p.m.

9.3

CVSS4.0

CVE-2025-34132 - LILIN DVR Command Injection via NTPUpdate in dvr_box

A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvr_box fails to properly sanitize input, allowing remote attackers to inject and execute โ€ฆ

๐Ÿ“… Published: July 16, 2025, 9:26 p.m. ๐Ÿ”„ Last Modified: July 17, 2025, 9:15 p.m.

8.7

CVSS4.0

CVE-2025-34130 - LILIN DVR Arbitrary File Read via net_html.cgi

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the /z/zbin/net_html.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used โ€ฆ

๐Ÿ“… Published: July 16, 2025, 9:26 p.m. ๐Ÿ”„ Last Modified: July 17, 2025, 9:15 p.m.
Total resulsts: 302446
Page 24 of 30,245
ยซ previous page ยป next page
Filters