CVE-2025-27915
Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability - Active in CISA KEV catalog.
This curated brief highlights 5 critical vulnerabilities and 69 high-priority updates requiring immediate attention.
Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability - Active in CISA KEV catalog.
Grafana Path Traversal Vulnerability - Active in CISA KEV catalog.
IGEL OS Use of a Key Past its Expiration Date Vulnerability - Active in CISA KEV catalog.
Microsoft Windows Untrusted Pointer Dereference Vulnerability - Active in CISA KEV catalog.
Microsoft Windows Improper Access Control Vulnerability - Active in CISA KEV catalog.
SKYSEA Client View Improper Authentication Vulnerability - Active in CISA KEV catalog.
Adobe Experience Manager Forms Code Execution Vulnerability - Active in CISA KEV catalog.
Apple Multiple Products Unspecified Vulnerability - Active in CISA KEV catalog.
Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability - Active in CISA KEV catalog.
Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability - Active in CISA KEV catalog.
Microsoft Windows SMB Client Improper Access Control Vulnerability - Active in CISA KEV catalog.
Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability - Active in CISA KEV catalog.
Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability - Active in CISA KEV catalog.
Adobe Commerce and Magento Improper Input Validation Vulnerability - Active in CISA KEV catalog.
Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability - Active in CISA KEV catalog.
An issue was discovered in eTimeTrackLite Web thru 12.0 (20250704). There is a permission control flaw that allows unauthorized attackers to access specific routes and modify database connection confi...
An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attacker to execute arbitrary code via the HTTP-only WebFig management component
Improper Control of Generation of Code ('Code Injection') vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion. This issue affects Paid Videochat Turn...
Landlord Onboarding & Rental Signup introduces the landlord onboarding workflow and rental signup system for VivaTurbo Rentals & Property Services. In 2.0.0 and earlier, a vulnerability was identified...
The device is running an outdated operating system, which may be susceptible to known vulnerabilities.
Nagios Fusion v2024R1
indieka900 online-shopping-system-php 1
A lack of rate limiting in the OTP verification component of Nagios Fusion v2024R1
HYDRA X, MIP 2 and FEDRA 2 of MPDV Mikrolab GmbH suffer from an unauthenticated local file disclosure vulnerability in all releases until Maintenance Pack 36 with Servicepack 8 (week 36/2025), which allows an attacker to read arbitrary files from the Windows operating system
Relative Path Traversal vulnerability in Apache Tomcat
A security vulnerability has been detected in CLTPHP 3
A flaw has been found in Abdullah-Hasan-Sajjad Online-School up to f09dda77b4c29aa083ff57f4b1eb991b98b68883
A vulnerability has been found in dnsmasq up to 2
A remote unauthenticated attacker may use the unauthenticated C++ API to access or modify sensitive data and disrupt services
Cross-Site Request Forgery (CSRF) vulnerability in Clifton Griffin Simple Content Templates for Blog Posts & Pages simple-post-template allows Cross Site Request Forgery
Cross-Site Request Forgery (CSRF) vulnerability in Andrea Landonio CloudSearch cloud-search allows Stored XSS
Missing Authorization vulnerability in MDZ Persian Admin Fonts persian-admin-fonts allows Exploiting Incorrectly Configured Access Control Security Levels
A vulnerability was determined in Tenda O3 1
A vulnerability was identified in Tenda O3 1
A security flaw has been discovered in Tenda O3 1
A weakness has been identified in Tenda O3 1
A security vulnerability has been detected in Tenda O3 1
A vulnerability was detected in Tenda O3 1
A vulnerability has been found in Tenda AC6 15
A vulnerability was detected in Tenda CH22 1
A flaw has been found in Tenda CH22 1
A vulnerability has been found in Tenda CH22 1
A vulnerability was determined in Tenda CH22 1
A weakness has been identified in TOTOLINK A3300R 17
A security vulnerability has been detected in TOTOLINK A3300R 17
A vulnerability was detected in TOTOLINK A3300R 17
A vulnerability was detected in TOTOLINK A3300R 17
A flaw has been found in TOTOLINK A3300R 17
A vulnerability has been found in TOTOLINK A3300R 17
A weakness has been identified in Tenda CH22 1
A vulnerability was identified in Tenda CH22 1
A security flaw has been discovered in Tenda CH22 1
A weakness has been identified in Tenda CH22 1
A security vulnerability has been detected in Tenda CH22 1
A flaw has been found in Tenda CH22 1
A SQL injection vulnerability exists in the langchain-ai/langchain repository, specifically in the LangGraph's SQLite store implementation
TRUfusion Enterprise through 7
Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows Embedding Scripts within Scripts by CentreonBI user account on the MBI server. This issue affects Infra Monitoring: from 24
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application
Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels
A vulnerability was found in Tenda CH22 1
An issue in the Web Configuration module of Startcharge Artemis AC Charger 7-22 kW v1
IBM QRadar SIEM 7
A private key disclosure vulnerability exists in ZTE's ZXMP M721 product
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11
The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access
StarCharge Artemis AC Charger 7-22 kW v1
TRUfusion Enterprise through 7
A vulnerability was found in SourceCodester Best House Rental Management System 1
A flaw has been found in projectworlds Online Shopping System 1
A vulnerability was identified in projectworlds Advanced Library Management System 1
A vulnerability was determined in AMTT Hotel Broadband Operation System 1
A security vulnerability has been detected in SourceCodester Online Student Result System 1
A vulnerability was determined in SourceCodester Point of Sales 1
A vulnerability was identified in SourceCodester Point of Sales 1
A security vulnerability has been detected in code-projects Simple Food Ordering System 1
A vulnerability was determined in code-projects Nero Social Networking Site 1
A vulnerability was identified in code-projects Nero Social Networking Site 1
A security flaw has been discovered in code-projects Nero Social Networking Site 1
A weakness has been identified in code-projects Nero Social Networking Site 1
A vulnerability was identified in code-projects Courier Management System 1
A vulnerability has been found in SourceCodester Best Salon Management System 1
A vulnerability was found in shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5
Missing Authorization vulnerability in wpseek Admin Management Xtended admin-management-xtended allows Exploiting Incorrectly Configured Access Control Security Levels
Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v
Cross-Site Request Forgery (CSRF) vulnerability in FanBridge FanBridge signup fanbridge-signup allows Stored XSS
A weakness has been identified in Hasleo Backup Suite up to 5
A weakness has been identified in VeePN up to 1