2.4
CVE-2025-0895 - IBM Cognos Mobile information disclosure
IBM Cognos Analytics Mobile 1.1 for Android could allow a user with physical access to the device, to obtain sensitive information from debugging code log messages.
4.8
CVE-2025-1817 - Mini-Tmall Admin Name admin cross site scripting
A vulnerability classified as problematic was found in Mini-Tmall up to 20250211. This vulnerability affects unknown code of the file /admin of the component Admin Name Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to tβ¦
5.3
CVE-2025-1816 - FFmpeg IAMF File iamf_parse.c audio_element_obu memory leak
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audio_element_obu of the file libavformat/iamf_parse.c of the component IAMF File Handler. The manipulation of the argument num_parameters leads to memory leaβ¦
6.9
CVE-2025-1815 - pbrong hrms resource.go HrmsDB improper authorization
A vulnerability, which was classified as critical, was found in pbrong hrms up to 1.0.1. This affects the function HrmsDB of the file \resource\resource.go. The manipulation of the argument user_cookie leads to improper authorization. It is possible to initiate the attack remotely. The exploit has β¦
8.7
CVE-2025-1814 - Tenda AC6 WifiExtraSet stack-based overflow
A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is some unknown functionality of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack may be launched remotelyβ¦
5.3
CVE-2025-1813 - zj1983 zz cross-site request forgery
A vulnerability classified as problematic was found in zj1983 zz up to 2024-08. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The veβ¦
5.3
CVE-2025-1812 - zj1983 zz SuperZ.java GetUserOrg sql injection
A vulnerability classified as critical has been found in zj1983 zz up to 2024-08. Affected is the function GetUserOrg of the file com/futvan/z/framework/core/SuperZ.java. The manipulation of the argument userId leads to sql injection. It is possible to launch the attack remotely. The exploit has beβ¦
6.9
CVE-2025-1811 - AT Software Solutions ATSVD Login Endpoint login.aspx sql injection
A vulnerability was found in AT Software Solutions ATSVD up to 3.4.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /login.aspx of the component Login Endpoint. The manipulation of the argument txtUsuario leads to sql injection. The attack β¦
5.3
CVE-2025-1810 - Pixsoft Vivaz Login Endpoint servlet cross site scripting
A vulnerability was found in Pixsoft Vivaz 6.0.11. It has been classified as problematic. Affected is an unknown function of the file /servlet?act=login&submit=1&evento=0&pixrnd=0125021817031859360231 of the component Login Endpoint. The manipulation of the argument sistema leads to cross site scriβ¦
6.9
CVE-2025-1809 - Pixsoft Sol Login Endpoint servlet sql injection
A vulnerability was found in Pixsoft Sol up to 7.6.6c and classified as critical. This issue affects some unknown processing of the file /pix_projetos/servlet?act=login&submit=1&evento=0&pixrnd=0125021816444195731041 of the component Login Endpoint. The manipulation of the argument txtUsuario leadsβ¦