8.7

CVSS4.0

CVE-2025-6732 - UTT HiPER 840G API setSysAdm strcpy buffer overflow

A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible to initiate the attack remotely.…

πŸ“… Published: June 26, 2025, 9:31 p.m. πŸ”„ Last Modified: Jan. 8, 2026, 7:45 p.m.

5.3

CVSS4.0

CVE-2025-6731 - yzcheng90 X-SpringBoot APK File apk uploadApk path traversal

A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The attack may be launched rem…

πŸ“… Published: June 26, 2025, 9:31 p.m. πŸ”„ Last Modified: June 30, 2025, 6:38 p.m.

5.5

CVSS3.1

CVE-2025-5731 - Infinispan: credential leakage in infinispan cli

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found.

πŸ“… Published: June 26, 2025, 9:24 p.m. πŸ”„ Last Modified: Jan. 8, 2026, 4:15 a.m.

3.9

CVSS3.1

CVE-2015-0849 -

pycode-browser before version 1.0 is prone to a predictable temporary file vulnerability.

πŸ“… Published: June 26, 2025, 9:15 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 3:48 p.m.

9.8

CVSS3.1

CVE-2015-0843 -

yubiserver before 0.6 is prone to buffer overflows due to misuse of sprintf.

πŸ“… Published: June 26, 2025, 9:11 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 3:39 p.m.

9.8

CVSS3.1

CVE-2015-0842 -

yubiserver before 0.6 is prone to SQL injection issues, potentially leading to an authentication bypass.

πŸ“… Published: June 26, 2025, 9:10 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 3:38 p.m.

7.5

CVSS3.1

CVE-2014-6274 - S3 and Glacier remotes creds embedded in the git repo were not encrypted

git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes was set, and the remote used encryption=pubkey or encryption=hybrid, the embedded AWS credentials were stored in the git repository in (effectively) plaintext, not encrypted as they were supposed to be. This issue affects git…

πŸ“… Published: June 26, 2025, 8:59 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 4:36 p.m.

9.8

CVSS3.1

CVE-2014-7210 -

pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends are not affected.

πŸ“… Published: June 26, 2025, 8:52 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 4:38 p.m.

9.8

CVSS3.1

CVE-2014-0468 -

Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr...). This issue affects fusionforge: before 5.3+20140506.

πŸ“… Published: June 26, 2025, 8:39 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 4:34 p.m.

5.6

CVSS3.1

CVE-2013-1424 - matplotlib: Matplotlib buffer overflow

Buffer overflow vulnerability in matplotlib.This issue affects matplotlib: before upstream commit ba4016014cb4fb4927e36ce8ea429fed47dcb787.

πŸ“… Published: June 26, 2025, 8:02 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 4:29 p.m.
Total resulsts: 343879
Page 4344 of 34,388
Β« previous page Β» next page
Filters