In Eclipse Vert.x versions [4.0.0, 4.5.21] and [5.0.0, 5.0.4], when "directory listing" is enabled, file and directory names are inserted into gene...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki Coo...
Missing Authorization in Collection Provider component in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, ...
Sakai is a Collaboration and Learning Environment. Prior to versions 23.5 and 25.0, EncryptionUtilityServiceImpl initialized an AES256TextEncryptor...
On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps.
Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabled.update request by an administrator.
On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases.
A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements whe...
Potential stack buffer overwrite on the SFTP server side when receiving a malicious packet that has a handle size larger than the system handle or ...
{“lastseen”:””,”description”:””,”published”:”2025-10-21T20:03:18.599Z”,R...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
