6.1

CVSS3.1

CVE-2025-29690 -

A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the outtype parameter at /address/AddrController.java.

πŸ“… Published: May 14, 2025, midnight πŸ”„ Last Modified: May 29, 2025, 7:59 p.m.

5.4

CVSS3.1

CVE-2024-57273 -

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to Cross-site scripting (XSS) in the Automatic Configuration Backup (ACB) service, allowing remote attackers to execute arbitrary JavaScript, delete backups, or leak sensitive information via an unsanitized…

πŸ“… Published: May 14, 2025, midnight πŸ”„ Last Modified: June 23, 2025, 2:50 p.m.

9.8

CVSS3.1

CVE-2025-32363 -

mediDOK before 2.5.18.43 allows remote attackers to achieve remote code execution on a target system via deserialization of untrusted data.

πŸ“… Published: May 14, 2025, midnight πŸ”„ Last Modified: May 16, 2025, 2:43 p.m.

5.5

CVSS3.1

CVE-2024-57096 -

An issue in wps office before v.19302 allows a local attacker to obtain sensitive information via a crafted file.

πŸ“… Published: May 14, 2025, midnight πŸ”„ Last Modified: Oct. 30, 2025, 8:49 p.m.

7.5

CVSS3.1

CVE-2025-26785 -

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.

πŸ“… Published: May 14, 2025, midnight πŸ”„ Last Modified: June 25, 2025, 3:08 p.m.

8.1

CVSS3.1

CVE-2024-58101 -

Samsung Galaxy Buds and Galaxy Buds 2 audio devices are Bluetooth pairable by default without user input nor a way to stop this mode. As a consequence, audio playback takeover or even microphone recording without user consent or notification is achieved. Note: This is considered a low severity vuln…

πŸ“… Published: May 14, 2025, midnight πŸ”„ Last Modified: May 16, 2025, 2:43 p.m.

5.4

CVSS3.1

CVE-2025-44186 -

SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/Operation/User.php page.

πŸ“… Published: May 14, 2025, midnight πŸ”„ Last Modified: May 27, 2025, 2:19 p.m.

6.1

CVSS3.1

CVE-2025-29688 -

A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /daymanager/daymanageabilitycontroller.java.

πŸ“… Published: May 14, 2025, midnight πŸ”„ Last Modified: May 29, 2025, 7:59 p.m.

6.1

CVSS3.1

CVE-2025-29691 -

A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the userName parameter at /login/LoginsController.java.

πŸ“… Published: May 14, 2025, midnight πŸ”„ Last Modified: May 29, 2025, 7:33 p.m.

6.5

CVSS3.1

CVE-2024-56427 -

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds access via malformed RRC packets to the tar…

πŸ“… Published: May 14, 2025, midnight πŸ”„ Last Modified: July 1, 2025, 3 p.m.
Total resulsts: 343040
Page 4804 of 34,304
Β« previous page Β» next page
Filters