5.1
CVE-2025-1993 - IBM App Connect Enterprise Certified Container information disclosure
IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cβ¦
6.9
CVE-2025-4481 - SourceCodester Apartment Visitor Management System search-result.php sql injection
A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. Thβ¦
4.8
CVE-2025-4480 - code-projects Simple College Management System Add New Student input stack-based overflow
A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the argument name/branch leads to stack-based buffer overflow. It is possible to lauβ¦
6.5
CVE-2024-8973 - Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. It was possible to cause a DoS condition via GitHub import requests using a malicious crafted payload.
6.8
CVE-2025-0549 - Authentication Bypass Using an Alternate Path or Channel in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.3 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. A security vulnerability allows attackers to bypass Device OAuth flow protections, enabling authorization form submission through minβ¦
5.3
CVE-2025-1278 - Insufficient Granularity of Access Control in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restrictions and view sensitive information.
7.8
CVE-2024-9524 - Privilege Escalation Vulnerability in Avira Prime Version 1.1.96.2
Link Following Local Privilege Escalation Vulnerability in System Speedup Service in Avira Operations GmbH Avira Prime Version 1.1.96.2 on Windows 10 x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a Tβ¦
7.8
CVE-2024-13962 - Link Following Local Privilege Escalation Vulnerability in Avast Cleanup Premium Version 24.2.16593β¦
Link Following Local Privilege Escalation Vulnerability in TuneupSvc in Gen Digital Inc. Avast Cleanup Premium Version 24.2.16593.17810 on Windows 10 Pro x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveragingβ¦
7.8
CVE-2024-13961 - Avast Cleanup Premium TuneupSvc Link Following Local Privilege Escalation Vulnerability
Link Following Local Privilege Escalation Vulnerability in TuneupSvc in Avast Cleanup Premium Version 24.2.16593.17810 on Windows 10 Pro x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-β¦
7.8
CVE-2024-13960 - Link Following Local Privilege Escalation Vulnerability in AVG TuneUp Version 23.4
Link Following Local Privilege Escalation Vulnerability in TuneUp Service in AVG TuneUp Version 23.4 (build 15592) on Windows 10 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-of-check to β¦