5.3
CVE-2025-0483 - Fanli2012 native-php-cms jump.php cross site scripting
A vulnerability has been found in Fanli2012 native-php-cms 1.0 and classified as problematic. This vulnerability affects unknown code of the file /fladmin/jump.php. The manipulation of the argument message/error leads to cross site scripting. The attack can be initiated remotely. The exploit has beβ¦
6.9
CVE-2025-0482 - Fanli2012 native-php-cms user_recoverpwd.php default credentials
A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed tβ¦
6.9
CVE-2025-0481 - D-Link DIR-878 HTTP POST Request dllog.cgi information disclosure
A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an unknown function of the file /dllog.cgi of the component HTTP POST Request Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been diβ¦
7.7
CVE-2025-0501 - Issue affecting Amazon WorkSpaces Clients (when running PCoIP protocol)
An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle.
7.7
CVE-2025-0500 - Issue affecting Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amaβ¦
An issue in the native clients for Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle.
6.9
CVE-2025-0502 - Transmission of Private Resources into a New Sphere in Crafter Engine
Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6.
7.5
CVE-2024-52005 - The sideband payload is passed unfiltered to the terminal in git
Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the stanβ¦
5.3
CVE-2025-0480 - wuzhicms config.php test server-side request forgery
A vulnerability classified as problematic has been found in wuzhicms 4.1.0. This affects the function test of the file coreframe/app/search/admin/config.php. The manipulation of the argument sphinxhost/sphinxport leads to server-side request forgery. It is possible to initiate the attack remotely. β¦
6.6
CVE-2025-23040 - Maliciously crafted remote URLs could lead to credential leak in GitHub Desktop
GitHub Desktop is an open-source Electron-based GitHub app designed for git development. An attacker convincing a user to clone a repository directly or through a submodule can allow the attacker access to the user's credentials through the use of maliciously crafted remote URL. GitHub Desktop reliβ¦
0.0
CVE-2025-0499 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.