-Infinity
0

Cloud Foundry User Account and Authentication (UAA)– UAA Private Key Exposure

First published (updated )

SAP Supplier Relationship ManagementMultiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

3.9
First published (updated )

KanboardKanboard has stored Cross-site Scripting vulnerability in project name

1.3
First published (updated )

CVE-2025-46748Unverified Password Change

2.7
First published (updated )

CVE-2025-46744Improper Privilege Management

2.7
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

ToolHiveToolHive stores secrets in the state store with no encryption

2.4
First published (updated )

sudo-rssudo-rs Allows Low Privilege Users to Enumerate Privileges of Others

3.3
First published (updated )

sudo-rssudo-rs Allows Low Privilege Users to Discover the Existence of Files in Inaccessible Folders

3.3
First published (updated )

phpDVDProfilerphpDVDProfiler Cross-site Scripting vulnerability

2.1
EPSS
0.04%
First published (updated )

Freeebird Hotel 酒店管理系统 APIFreeebird Hotel 酒店管理系统 API SessionInterceptor.java cross-domain policy

3.1
EPSS
0.01%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

RuoYi-Vueyangzongzhuan RuoYi-Vue Password login.vue sensitive information in a cookie

3.1
EPSS
0.02%
First published (updated )

GNU PSPPlibpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxml_parse_…

2.9
EPSS
0.01%
First published (updated )

rust/wgpRace Condition

2.9
First published (updated )

rust/libsql-sqlite3-parserSQL Injection

2.9
First published (updated )

rust/trailerlib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero.

2.9
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

libsqlSQL Injection

2.9
EPSS
0.01%
First published (updated )

Trailer Trailer Cratelib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero.

2.9
EPSS
0.01%
First published (updated )

rust/wgpRace Condition

2.9
EPSS
0.01%
First published (updated )

Erlang/OTPErlang/OTP SSH Has Strict KEX Violations

3.7
EPSS
0.03%
First published (updated )

pip/ironicPath Traversal

2.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Rapid7 Corporate WebsiteUnvalidated Redirect Vulnerability on Rapid7.com

3.1
EPSS
0.03%
First published (updated )

npm/trixTrix vulnerable to Cross-site Scripting on copy & paste

EPSS
0.05%
First published (updated )

TeleMessage TM SGNLTeleMessage TM SGNL Hidden Functionality Vulnerability

1.9
EPSS
0.01%
First published (updated )

pip/ironicOSSA-2025-001 / CVE-2025-44021: OpenStack Ironic fails to strict paths used for file:// image URLs

2.8
EPSS
0.01%
First published (updated )

i-Educari-Educar Stored Cross-Site Scripting vulnerability

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

INSA Rouen insa-authinsa-auth Open-Redirect on provided CAS server login endpoint

1.3
EPSS
0.07%
First published (updated )

Discourse Code Review PluginDiscourse Code Review Plugin vulnerable to XSS via auto link commits

3.1
EPSS
0.03%
First published (updated )

Samsung NotesUse of implicit intent for sensitive communication in translation in Samsung Notes prior to version …

3.3
First published (updated )

libplctagOut-of-bounds Read in libplctag library

3.1
First published (updated )

libplctagOut-of-bounds Read in libplctag library

3.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203