In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE ha...
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to ...
The Salon Booking System WordPress plugin before 10.30.20 does not have proper authorisation checks on one of its AJAX actions, allowing any authe...
The User Submitted Posts WordPress plugin before 20260608 does not escape a submitted value before outputting it in an admin-configured display te...
The WS Form LITE WordPress plugin before 1.11.8 does not have a capability check on one of its settings-update actions, allowing authenticated use...
A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a ze...
The WP Photo Album Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'subtext' parameter in all versions up to, and in...
CVE-2025-24054 — Detection & Mitigation Lab Project log for a defensive security lab on CVE-2025-24054, the Windows New Technology LAN Manager NTLM...
Missing Authorization vulnerability in WofficeIO Woffice allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affec...
The MotoPress Appointment Booking plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all versions up to, and incl...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.