6.1

CVSS3.1

CVE-2025-7715 - Block Attributes - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-090

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Block Attributes allows Cross-Site Scripting (XSS).This issue affects Block Attributes: from 0.0.0 before 1.1.0, from 2.0.0 before 2.0.1.

πŸ“… Published: July 21, 2025, 4:36 p.m. πŸ”„ Last Modified: Aug. 26, 2025, 8:50 p.m.

6.1

CVSS3.1

CVE-2025-7392 - Cookies Addons - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-087

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Cookies Addons allows Cross-Site Scripting (XSS).This issue affects Cookies Addons: from 1.0.0 before 1.2.4.

πŸ“… Published: July 21, 2025, 4:36 p.m. πŸ”„ Last Modified: Aug. 27, 2025, 2:23 p.m.

9.8

CVSS3.1

CVE-2025-7393 - Mail Login - Critical - Access bypass - SA-CONTRIB-2025-088

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Mail Login allows Brute Force.This issue affects Mail Login: from 3.0.0 before 3.2.0, from 4.0.0 before 4.2.0.

πŸ“… Published: July 21, 2025, 4:35 p.m. πŸ”„ Last Modified: Aug. 27, 2025, 2:22 p.m.

4.4

CVSS3.1

CVE-2025-30477 -

Dell PowerScale OneFS, versions prior to 9.11.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

πŸ“… Published: July 21, 2025, 4:32 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 2:33 p.m.

6.9

CVSS4.0

CVE-2025-7931 - code-projects Church Donation System admin_pic.php unrestricted upload

A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /members/admin_pic.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. Th…

πŸ“… Published: July 21, 2025, 4:32 p.m. πŸ”„ Last Modified: July 29, 2025, 8:44 p.m.

6.6

CVSS3.1

CVE-2025-32744 -

Dell AppSync, version(s) 4.6.0.0, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.

πŸ“… Published: July 21, 2025, 4:25 p.m. πŸ”„ Last Modified: Feb. 26, 2026, 5:50 p.m.

8.1

CVSS4.0

CVE-2025-54082 - nova-tiptap has an Unauthenticated Arbitrary File Upload Vulnerability

marshmallow-packages/nova-tiptap is a rich text editor for Laravel Nova based on tiptap. Prior to 5.7.0, a vulnerability was discovered in the marshmallow-packages/nova-tiptap Laravel Nova package that allows unauthenticated users to upload arbitrary files to any Laravel disk configured in the appl…

πŸ“… Published: July 21, 2025, 4:25 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.2

CVSS3.1

CVE-2025-36603 -

Dell AppSync, version(s) 4.6.0.0, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering.

πŸ“… Published: July 21, 2025, 4:20 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 2:30 p.m.

0.0

CVE-2025-54371 -

This CVE is a duplicate of another CVE.

πŸ“… Published: July 21, 2025, 4:12 p.m. πŸ”„ Last Modified: July 23, 2025, 9:15 p.m.

6.9

CVSS4.0

CVE-2025-7930 - code-projects Church Donation System add_members.php sql injection

A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /members/add_members.php. The manipulation of the argument mobile leads to sql injection. The attack can be launched remote…

πŸ“… Published: July 21, 2025, 4:02 p.m. πŸ”„ Last Modified: July 29, 2025, 8:44 p.m.
Total resulsts: 346649
Page 4317 of 34,665
Β« previous page Β» next page
Filters