|
761
|
- |
|
-
|
-
|
Incorrect cookie session handling in WombatDialer before 25.02 results in the full session identity being written to system logs and could be used by a malicious attacker to impersonate an existing u…
|
-
|
CVE-2024-57056
|
2025-02-19 07:15 |
2025-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
762
|
7.8 |
HIGH
Local
|
tungstenautomation
|
power_pdf
|
Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations o…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-12551
|
2025-02-19 06:41 |
2025-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
763
|
6.1 |
MEDIUM
Network
|
paessler
|
prtg_network_monitor
|
Paessler PRTG Network Monitor SNMP Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12833
|
2025-02-19 06:39 |
2025-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
764
|
9.8 |
CRITICAL
Network
logsign
|
unified_secops_platform
|
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. …
|
NVD-CWE-noinfo
|
CVE-2025-1044
|
2025-02-19 06:34 |
2025-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
765
|
8.8 |
HIGH
Network
|
mintty_project
|
mintty
|
Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mintty. Us…
|
CWE-787
Out-of-bounds Write
|
CVE-2025-1052
|
2025-02-19 06:32 |
2025-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
766
|
4.3 |
MEDIUM
Network
|
majesticsupport
|
majestic_support
|
The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0.5 via the …
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-13601
|
2025-02-19 06:31 |
2025-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
767
|
8.8 |
HIGH
Network
|
lcweb
|
global_gallery
|
The The Global Gallery - WordPress Responsive Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 9.1.5. This is due to the software allo…
|
CWE-94
Code Injection
|
CVE-2024-13814
|
2025-02-19 06:30 |
2025-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
768
|
7.8 |
HIGH
Local
|
code-projects
|
police_fir_record_management_system
|
A vulnerability classified as critical was found in code-projects Police FIR Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the component Delete Record Ha…
|
CWE-787
Out-of-bounds Write
|
CVE-2025-1187
|
2025-02-19 06:28 |
2025-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
769
|
- |
|
-
|
-
|
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `historico_paciente.php` endpoin…
|
CWE-89
CWE-284
SQL Injection
Improper Access Control
|
CVE-2025-26617
|
2025-02-19 06:15 |
2025-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
770
|
- |
|
-
|
-
|
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Path Traversal vulnerability was discovered in the WeGIA application, `exportar_dump.php` endpoint. T…
|
CWE-22
CWE-284
Path Traversal
Improper Access Control
|
CVE-2025-26616
|
2025-02-19 06:15 |
2025-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
