|
641
|
- |
|
-
|
-
|
MicroDicom DICOM Viewer version 2024.03
fails to adequately verify the update server's certificate, which could make it possible for attackers in a privileged network position to alter network traff…
New
|
CWE-295
Improper Certificate Validation
|
CVE-2025-1002
|
2025-02-11 06:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
642
|
- |
|
-
|
-
|
A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. This affects an unknown part of the file /stores of the component Your Location Search. The manipulation leads…
New
|
-
|
CVE-2025-1155
|
2025-02-11 06:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
643
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in xxyopen Novel up to 3.4.1. Affected by this issue is some unknown functionality of the file /api/front/search/books. The manipulat…
New
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-1154
|
2025-02-11 05:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
644
|
- |
|
-
|
-
|
An SQL injection vulnerability exists in Stock-Forecaster <=01-04-2020. By sending a specially crafted 'stock-symbol' parameter to the portofolio() endpoint, it is possible to trigger an SQL injectio…
New
|
-
|
CVE-2024-57178
|
2025-02-11 05:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
645
|
- |
|
-
|
-
|
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for …
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2025-24016
|
2025-02-11 05:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
646
|
3.1 |
LOW
Network
|
-
|
-
|
A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory cor…
New
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2025-1153
|
2025-02-11 04:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
647
|
9.8 |
CRITICAL
Network
-
|
-
|
The WP Foodbakery plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'upload_publisher_profile_image' function in versions up to, and includi…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-13011
|
2025-02-11 04:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
648
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The WP Foodbakery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on the 'search_…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-13010
|
2025-02-11 04:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
649
|
- |
|
-
|
-
|
Hickory DNS is a Rust based DNS client, server, and resolver. A vulnerability present starting in version 0.8.0 and prior to versions 0.24.3 and 0.25.0-alpha.5 impacts Hickory DNS users relying on DN…
New
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2025-25188
|
2025-02-11 03:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
650
|
3.1 |
LOW
Network
|
-
|
-
|
A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is…
New
|
CWE-404
CWE-401
Improper Resource Shutdown or Release
Missing Release of Memory after Effective Lifetime
|
CVE-2025-1152
|
2025-02-11 03:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
