CVE Brief Security Intelligence

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 7

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause memory corruption by identifying and accessing the shared memory region used by the Python backend

The StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import() function in all versions up to, and including, 1

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the upload_function() function in all versions up to, and including, 7

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the wplp_gdpr_install_plugin_ajax_handler() function in all versions up to, and including, 3

Cross Site Request Forgery (CSRF) vulnerability in Smartvista BackOffice SmartVista Suite 2

A local attacker with low privileges on the Windows system where the software is installed can exploit this vulnerability to corrupt sensitive data

The Catch Dark Mode plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write through a specially crafted input

A vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to escalate privileges

A vulnerability was determined in PHPGurukul Online Discussion Forum 1

A vulnerability was identified in PHPGurukul Online Discussion Forum 1

A security flaw has been discovered in PHPGurukul User Management System 1

A vulnerability was found in PHPGurukul Online Course Registration 3

A vulnerability was determined in PHPGurukul Small CRM 4

A vulnerability in the HPE Aruba Networking SD-WAN Gateways could allow an unauthenticated remote attacker to bypass firewall protections

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host

A vulnerability in the cryptographic logic used by HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to gain shell access

A broken access control vulnerability exists in HPE Aruba Networking EdgeConnect OS (ECOS)

Apache::AuthAny::Cookie v0

The CBIS/NCS Manager API is vulnerable to an authentication bypass

Ashlar-Vellum Cobalt LI File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt AR File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt VC6 File Parsing Integer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt LI File Parsing Use-After-Free Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt LI File Parsing Type Confusion Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Memory Corruption Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server

The cbis_manager Podman container is vulnerable to remote command execution via the /api/plugins endpoint

A Use After Free vulnerability affecting the PAR file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 could allow an attacker to execute arbitrary code while opening a specially crafted PAR file

Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON

A security flaw has been discovered in D-Link DIR-825 up to 2

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary protocol on TCP port 1069 to allow the client-side software, such as the In-Sight Explorer tool, to perform management operations such as changing network settings or modifying users' access to the device

In JetBrains Junie before 252

Dover Fueling Solutions ProGauge MagLink LX4 Devices fail to handle Unix time values beyond a certain point

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication

In LemonLDAP::NG before 2

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper input validation issue

An adjacent attacker without authentication can exploit this vulnerability to retrieve a set of user-privileged credentials

An attacker with adjacent access, without authentication, can exploit this vulnerability to retrieve a hard-coded password embedded in publicly available software

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties

An Out-Of-Bounds Read vulnerability affecting the PAR file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 could allow an attacker to execute arbitrary code while opening a specially crafted PAR file

A Use of Uninitialized Variable vulnerability affecting the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 could allow an attacker to execute arbitrary code while opening a specially crafted JT file

A vulnerability was found in whuan132 AIBattery up to 1

In JetBrains TeamCity before 2025

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 in order to allow management operations on the device such as firmware upgrades and device reboot requiring an authentication

Dragonfly is an open source P2P-based file distribution and image acceleration system

Dragonfly is an open source P2P-based file distribution and image acceleration system

A vulnerability was found in SourceCodester Online Exam Form Submission 1

A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464

A vulnerability was identified in SourceCodester Pet Grooming Management Software 1

A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1

A flaw has been found in SourceCodester Online Exam Form Submission 1

A vulnerability has been found in SourceCodester Online Exam Form Submission 1

A vulnerability was determined in SourceCodester Hotel Reservation System 1

A vulnerability was identified in SourceCodester Hotel Reservation System 1

A weakness has been identified in itsourcecode Online Discussion Forum 1

A security vulnerability has been detected in itsourcecode Online Discussion Forum 1

A flaw has been found in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1

A vulnerability was determined in itsourcecode Student Information Management System 1

An issue in ClipBucket 5

A vulnerability was found in SourceCodester Responsive E-Learning System 1

A vulnerability was determined in SourceCodester Pet Grooming Management Software 1

LinkAce is a self-hosted archive to collect website links

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in WN-7D36QR and WN-7D36QR/UE

Improper Validation of Specified Type of Input vulnerability in ABB FLXEON

Improper Validation of Specified Type of Input vulnerability in ABB FLXEON

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dokuzsoft Technology E-Commerce Web Design Product allows XSS Through HTTP Headers

Use of Hard-coded Credentials vulnerability in ABB FLXEON