Tag: Bulletins

Vulnerability Summary for the Week of February 10, 2025

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info ABB–System 800xA  A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.  An attacker who successfully exploited the vulnerability could, in…

Vulnerability Summary for the Week of February 3, 2025

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info .TUBE gTLD–.TUBE Video Curator  Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in .TUBE gTLD .TUBE Video Curator allows Reflected XSS. This issue affects .TUBE Video…

Vulnerability Summary for the Week of January 27, 2025

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info 0xPolygonZero–plonky2  Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floor(num_routed_wires / 3) always include the…

Vulnerability Summary for the Week of January 20, 2025

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info aEnrich Technology–a+HRD  The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. 2025-01-20…

Vulnerability Summary for the Week of January 13, 2025

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info 1000 Projects–Campaign Management System Platform for Women  A vulnerability was found in 1000 Projects Campaign Management System Platform for Women 1.0. It has been declared as critical. Affected by…

Vulnerability Summary for the Week of January 6, 2025

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info 5centsCDN–5centsCDN  Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in 5centsCDN 5centsCDN allows Reflected XSS. This issue affects 5centsCDN: from n/a through 24.8.16. 2025-01-07 7.1 CVE-2025-22326 a3rev–Compare…

Vulnerability Summary for the Week of December 30, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info 10CentMail–10CentMail  Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in 10CentMail allows Reflected XSS. This issue affects 10CentMail: from n/a through 2.1.50. 2025-01-02 7.1 CVE-2024-56030 2100 Technology…

Vulnerability Summary for the Week of December 23, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info 1000 Projects–Attendance Tracking Management System  A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been rated as critical. This issue affects some unknown processing…

Vulnerability Summary for the Week of December 16, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info 1000 Projects–Attendance Tracking Management System  A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown…

Vulnerability Summary for the Week of December 9, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info n/a — n/a   The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation due to a…

Vulnerability Summary for the Week of December 2, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info SailPoint Technologies–IdentityIQ  IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2 patch levels…

Vulnerability Summary for the Week of November 25, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info 1000 Projects–Portfolio Management System MCA  A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. Affected by this vulnerability is an unknown…

Vulnerability Summary for the Week of November 4, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info 1000 Projects–Beauty Parlour Management System  A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. This issue affects some unknown processing…

Vulnerability Summary for the Week of October 28, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info Patch Info acnoo — flutter_api  Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API allows Authentication Bypass. This issue affects Acnoo Flutter API: from n/a…

Vulnerability Summary for the Week of October 21, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info Patch Info Admin–Verbalize WP  Unrestricted Upload of File with Dangerous Type vulnerability in Admin Verbalize WP Upload a Web Shell to a Web Server. This issue affects Verbalize WP: from…

Vulnerability Summary for the Week of October 14, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info Patch Info Acespritech Solutions Pvt. Ltd.–Social Link Groups  Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Acespritech Solutions Pvt. Ltd. Social Link Groups…

Vulnerability Summary for the Week of October 7, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info Patch Info adobe — animate  Animate versions 23.0.7, 24.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context…

Vulnerability Summary for the Week of September 30, 2024

High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info n/a–n/a  An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web interface locally. In the worst-case scenario, if the application is…