5.3

CVSS4.0

CVE-2025-6731 - yzcheng90 X-SpringBoot APK File apk uploadApk path traversal

A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The attack may be launched rem…

πŸ“… Published: June 26, 2025, 9:31 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.5

CVSS3.1

CVE-2025-5731 - Infinispan: credential leakage in infinispan cli

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found.

πŸ“… Published: June 26, 2025, 9:24 p.m. πŸ”„ Last Modified: Jan. 8, 2026, 4:15 a.m.

3.9

CVSS3.1

CVE-2015-0849 -

pycode-browser before version 1.0 is prone to a predictable temporary file vulnerability.

πŸ“… Published: June 26, 2025, 9:15 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 3:48 p.m.

9.8

CVSS3.1

CVE-2015-0843 -

yubiserver before 0.6 is prone to buffer overflows due to misuse of sprintf.

πŸ“… Published: June 26, 2025, 9:11 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 3:39 p.m.

9.8

CVSS3.1

CVE-2015-0842 -

yubiserver before 0.6 is prone to SQL injection issues, potentially leading to an authentication bypass.

πŸ“… Published: June 26, 2025, 9:10 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 3:38 p.m.

7.5

CVSS3.1

CVE-2014-6274 - S3 and Glacier remotes creds embedded in the git repo were not encrypted

git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes was set, and the remote used encryption=pubkey or encryption=hybrid, the embedded AWS credentials were stored in the git repository in (effectively) plaintext, not encrypted as they were supposed to be. This issue affects git…

πŸ“… Published: June 26, 2025, 8:59 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 4:36 p.m.

9.8

CVSS3.1

CVE-2014-7210 -

pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends are not affected.

πŸ“… Published: June 26, 2025, 8:52 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 4:38 p.m.

9.8

CVSS3.1

CVE-2014-0468 -

Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr...). This issue affects fusionforge: before 5.3+20140506.

πŸ“… Published: June 26, 2025, 8:39 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 4:34 p.m.

5.6

CVSS3.1

CVE-2013-1424 - matplotlib: Matplotlib buffer overflow

Buffer overflow vulnerability in matplotlib.This issue affects matplotlib: before upstream commit ba4016014cb4fb4927e36ce8ea429fed47dcb787.

πŸ“… Published: June 26, 2025, 8:02 p.m. πŸ”„ Last Modified: Aug. 6, 2025, 4:29 p.m.

6.9

CVSS4.0

CVE-2025-53122 - SQLi in OpenNMS Horizon and Meridian

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenNMS Horizon and Meridian applications allows SQL Injection.Β  Users should upgrade to Meridian 2024.2.6 or newer, or Horizon 33.16 or newer. Meridian and Horizon installation instructions state…

πŸ“… Published: June 26, 2025, 7:49 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 4874 of 34,919
Β« previous page Β» next page
Filters