Filter
-Infinity
0

Trending

Last week
Last month
Last year

Cloud Foundry User Account and Authentication (UAA)– UAA Private Key Exposure

low
3
First published (updated )
CVE-2025-22246

SAP Supplier Relationship ManagementMultiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

low
3.9
First published (updated )
CVE-2025-30012

KanboardKanboard has stored Cross-site Scripting vulnerability in project name

low
1.3
First published (updated )
CVE-2025-46825

CVE-2025-46748Unverified Password Change

low
2.7
First published (updated )
CVE-2025-46748

CVE-2025-46744Improper Privilege Management

low
2.7
First published (updated )
CVE-2025-46744

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

ToolHiveToolHive stores secrets in the state store with no encryption

low
2.4
First published (updated )
CVE-2025-47274

sudo-rssudo-rs Allows Low Privilege Users to Enumerate Privileges of Others

low
3.3
First published (updated )
CVE-2025-46718

sudo-rssudo-rs Allows Low Privilege Users to Discover the Existence of Files in Inaccessible Folders

low
3.3
First published (updated )
CVE-2025-46717

phpDVDProfilerphpDVDProfiler Cross-site Scripting vulnerability

low
2.1
EPSS
0.04%
First published (updated )
CVE-2025-46729

Freeebird Hotel 酒店管理系统 APIFreeebird Hotel 酒店管理系统 API SessionInterceptor.java cross-domain policy

low
3.1
EPSS
0.01%
First published (updated )
CVE-2025-4542

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

RuoYi-Vueyangzongzhuan RuoYi-Vue Password login.vue sensitive information in a cookie

low
3.1
EPSS
0.02%
First published (updated )
CVE-2025-4537

GNU PSPPlibpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxml_parse_…

low
2.9
EPSS
0.01%
First published (updated )
CVE-2025-47816

rust/wgpRace Condition

low
2.9
First published (updated )
GHSA-2w4w-4385-vh4h

rust/libsql-sqlite3-parserSQL Injection

low
2.9
First published (updated )
GHSA-8m95-fffc-h4c5

rust/trailerlib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero.

low
2.9
First published (updated )
GHSA-6x45-r4pr-5362

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

libsqlSQL Injection

low
2.9
EPSS
0.01%
First published (updated )
CVE-2025-47736

Trailer Trailer Cratelib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero.

low
2.9
EPSS
0.01%
First published (updated )
CVE-2025-47737

rust/wgpRace Condition

low
2.9
EPSS
0.01%
First published (updated )
CVE-2025-47735

Erlang/OTPErlang/OTP SSH Has Strict KEX Violations

low
3.7
EPSS
0.03%
First published (updated )
CVE-2025-46712

pip/ironicPath Traversal

low
2.8
First published (updated )
GHSA-q3m2-crgq-5p3q

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Rapid7 Corporate WebsiteUnvalidated Redirect Vulnerability on Rapid7.com

low
3.1
EPSS
0.03%
First published (updated )
CVE-2025-4132

npm/trixTrix vulnerable to Cross-site Scripting on copy & paste

low
2
EPSS
0.05%
First published (updated )
CVE-2025-46812

TeleMessage TM SGNLTeleMessage TM SGNL Hidden Functionality Vulnerability

low
1.9
Exploited
EPSS
0.01%
First published (updated )
CVE-2025-47729

pip/ironicOSSA-2025-001 / CVE-2025-44021: OpenStack Ironic fails to strict paths used for file:// image URLs

low
2.8
EPSS
0.01%
Trending
Month
First published (updated )
CVE-2025-44021

i-Educari-Educar Stored Cross-Site Scripting vulnerability

low
2
First published (updated )
CVE-2024-55651

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

INSA Rouen insa-authinsa-auth Open-Redirect on provided CAS server login endpoint

low
1.3
EPSS
0.07%
First published (updated )
CVE-2025-46826

Discourse Code Review PluginDiscourse Code Review Plugin vulnerable to XSS via auto link commits

low
3.1
EPSS
0.03%
First published (updated )
CVE-2025-46824

Samsung NotesUse of implicit intent for sensitive communication in translation in Samsung Notes prior to version …

low
3.3
First published (updated )
CVE-2025-20977

libplctagOut-of-bounds Read in libplctag library

low
3.1
First published (updated )
CVE-2025-1400

libplctagOut-of-bounds Read in libplctag library

low
3.1
First published (updated )
CVE-2025-1399

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203