Unauthenticated Cross Site Scripting (XSS) in SweetDate Core < 1.1.5 versions.
Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme
In overrideConfig of CarrierConfigLoader.java, there is a possible way to bypass UID check due to a permissions bypass. This could lead to local es...
In multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to remote (p...
In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege wi...
In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privi...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in EMV JobCareer allows Path Traversal. This issue af...
Unauthenticated PHP Object Injection in Plumbing
In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. ...
Unauthenticated Local File Inclusion in Fortius
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
