Category: Bulletins

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info FlowiseAI–Flowise Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution.…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Logo Software–Diva Authorization Bypass Through User-Controlled SQL Primary Key, CWE – 89 – Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Adobe–Acrobat Reader Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000projects–Beauty Parlour Management System A vulnerability was identified in 1000projects Beauty Parlour Management System 1.0. This affects an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000projects–Online Project Report Submission and Evaluation System A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown processing of…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 7ritn–VaulTLS VaulTLS is a modern solution for managing mTLS (mutual TLS) certificates. Prior to 0.9.1, user accounts created through the User web UI have an empty but not NULL…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Sales Management System A vulnerability was determined in 1000 Projects Sales Management System 1.0. This vulnerability affects unknown code of the file /superstore/admin/sales.php. The manipulation of the argument…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Adobe–Adobe Experience Manager Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 0x676e67–vproxy vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::try_from and flows into…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–ABC Courier Management System A vulnerability has been found in 1000 Projects ABC Courier Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info aapanel–aapanel WP Toolkit The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks within the auto_login() function in versions 1.0 to 1.1.…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Radiflow–iSAP Smart Collector The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). Exploiting OS command injection through these…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info ABB–RMC-100 Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network,…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 70mai–M300 A vulnerability was found in 70mai M300 up to 20250611 and classified as critical. Affected by this issue is some unknown functionality of the component Telnet Service. The…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info _CreativeMedia_–Elite Video Player Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in _CreativeMedia_ Elite Video Player allows Stored XSS. This issue affects Elite Video Player: from…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info _CreativeMedia_–Elite Video Player Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in _CreativeMedia_ Elite Video Player allows Stored XSS. This issue affects Elite Video Player: from…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Acer–ControlCenter Acer ControlCenter contains Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–ABC Courier Management System A vulnerability, which was classified as critical, was found in 1000 Projects ABC Courier Management System 1.0. Affected is an unknown function of the…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–ABC Courier Management System A vulnerability, which was classified as critical, was found in 1000 Projects ABC Courier Management System 1.0. Affected is an unknown function of the…

Read more →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Daily College Class Work Report Book A vulnerability classified as critical has been found in 1000 Projects Daily College Class Work Report Book 1.0. Affected is an unknown…

Read more →