9.8
CVE-2024-48445 -
An issue in compop.ca ONLINE MALL v.3.5.3 allows a remote attacker to execute arbitrary code via the rid, tid, et, and ts parameters.
8.5
CVE-2025-1003 - HP Anyware Agent for Linux β Potential Authentication Bypass
A potential vulnerability has been identified in HP Anyware Agent for Linux which might allow for authentication bypass which may result in escalation of privilege. HP is releasing a software update to mitigate this potential vulnerability.
2.6
CVE-2025-0148 - Zoom Jenkins Marketplace plugin - Missing Password Field Masking
Missing password field masking in the Zoom Jenkins Marketplace plugin before version 1.6 may allow an unauthenticated user to conduct a disclosure of information via adjacent network access.
9.4
CVE-2025-24901 - SQL Injection endpoint 'deletar_permissao.php' parameter 'c', 'a', 'r' in WeGIA
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `deletar_permissao.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive informatiβ¦
9.4
CVE-2025-24902 - SQL Injection endpoint 'salvar_cargo.php' parameter 'id_cargo' in WeGIA
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `salvar_cargo.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive information. Tβ¦
10
CVE-2025-24905 - SQL Injection endpoint 'get_codigobarras_cobranca.php' parameter 'codigo' in WeGIA
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `get_codigobarras_cobranca.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive iβ¦
10
CVE-2025-24906 - SQL Injection endpoint 'get_detalhes_cobranca.php' parameter 'codigo' in WeGIA
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `get_detalhes_cobranca.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive inforβ¦
10
CVE-2025-24957 - SQL Injection endpoint 'get_detalhes_socio.php' parameter 'id_socio' in WeGIA
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `get_detalhes_socio.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive informatβ¦
9.4
CVE-2025-24958 - SQL Injection endpoint 'salvar_tag.php' parameter 'id_tag' in WeGIA
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `salvar_tag.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive information. Thiβ¦
7.8
CVE-2024-35177 - Improper Access Control in wazuh-agent
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability dβ¦