4.4

CVSS3.1

CVE-2025-46602 -

Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.

πŸ“… Published: Oct. 27, 2025, 6:41 p.m. πŸ”„ Last Modified: Nov. 4, 2025, 2:49 p.m.

7.8

CVSS3.1

CVE-2025-36007 - IBM QRadar SIEM incorrect privilege assignment

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege assignment to an update script.

πŸ“… Published: Oct. 27, 2025, 6:40 p.m. πŸ”„ Last Modified: Feb. 26, 2026, 4:57 p.m.

6.9

CVSS4.0

CVE-2025-12306 - code-projects Nero Social Networking Site acceptoffres.php sql injection

A vulnerability was determined in code-projects Nero Social Networking Site 1.0. Affected is an unknown function of the file /acceptoffres.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and m…

πŸ“… Published: Oct. 27, 2025, 6:32 p.m. πŸ”„ Last Modified: Nov. 3, 2025, 4:54 p.m.

5.3

CVSS4.0

CVE-2025-12305 - quequnlong shiyi-blog Job SysJobController.java deserialization

A vulnerability was found in quequnlong shiyi-blog up to 1.2.1. This impacts an unknown function of the file src/main/java/com/mojian/controller/SysJobController.java of the component Job Handler. The manipulation results in deserialization. The attack can be executed remotely. The exploit has been…

πŸ“… Published: Oct. 27, 2025, 6:32 p.m. πŸ”„ Last Modified: Nov. 5, 2025, 8:30 p.m.

5.3

CVSS4.0

CVE-2025-12304 - dulaiduwang003 TIME-SEA-PLUS Order Status PayController.java alipayIsSucceed improper authorization

A vulnerability has been found in dulaiduwang003 TIME-SEA-PLUS up to fb299162f18498dd9cf17da906886d80a077d53b. This affects the function alipayIsSucceed of the file PayController.java of the component Order Status Handler. The manipulation leads to improper authorization. Remote exploitation of the…

πŸ“… Published: Oct. 27, 2025, 6:32 p.m. πŸ”„ Last Modified: Oct. 30, 2025, 3:05 p.m.

6.9

CVSS4.0

CVE-2025-12365 - Error Messages Wrapped In HTTP Header

Error Messages Wrapped In HTTP Header.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

πŸ“… Published: Oct. 27, 2025, 6:12 p.m. πŸ”„ Last Modified: Nov. 10, 2025, 2:54 p.m.

10

CVSS4.0

CVE-2025-12364 - Weak Password Policy

Weak Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

πŸ“… Published: Oct. 27, 2025, 6:09 p.m. πŸ”„ Last Modified: Nov. 10, 2025, 2:54 p.m.

10

CVSS4.0

CVE-2025-12363 - Email Password Disclosure

Email Password Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

πŸ“… Published: Oct. 27, 2025, 6:04 p.m. πŸ”„ Last Modified: Nov. 10, 2025, 2:54 p.m.

4.8

CVSS4.0

CVE-2025-12303 - PHPGurukul Curfew e-Pass Management System admin-profile.php cross site scripting

A flaw has been found in PHPGurukul Curfew e-Pass Management System 1.0. The impacted element is an unknown function of the file admin-profile.php. Executing a manipulation of the argument adminname/email can lead to cross site scripting. The attack may be launched remotely. The exploit has been pu…

πŸ“… Published: Oct. 27, 2025, 6:02 p.m. πŸ”„ Last Modified: Feb. 24, 2026, 8:16 a.m.

5.3

CVSS4.0

CVE-2025-12302 - code-projects Simple Food Ordering System editproduct.php cross site scripting

A vulnerability was detected in code-projects Simple Food Ordering System 1.0. The affected element is an unknown function of the file /editproduct.php. Performing manipulation of the argument pname/category/price results in cross site scripting. The attack may be initiated remotely. The exploit is…

πŸ“… Published: Oct. 27, 2025, 6:02 p.m. πŸ”„ Last Modified: Nov. 3, 2025, 4:58 p.m.
Total resulsts: 344126
Page 2751 of 34,413
Β« previous page Β» next page
Filters