|
821
|
9.8 |
CRITICAL
Network
-
|
-
|
Orca HCM from LEARNING DIGITAL has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to log in to the system as any user.
|
CWE-1390
Weak Authentication
|
CVE-2025-1387
|
2025-02-17 13:15 |
2025-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
822
|
3.3 |
LOW
Local
|
-
|
-
|
A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function mov_read_trak of the file libavformat/mov.c of the component MOV Parser. The ma…
|
CWE-476
CWE-404
NULL Pointer Dereference
Improper Resource Shutdown or Release
|
CVE-2025-1373
|
2025-02-17 13:15 |
2025-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
823
|
- |
|
-
|
-
|
Authentication bypass using an alternate path or channel issue exists in ”RoboForm Password Manager" App for Android versions prior to 9.7.4, which may allow an attacker with access to a device where…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2025-26700
|
2025-02-17 12:15 |
2025-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
824
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the c…
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2025-1372
|
2025-02-17 12:15 |
2025-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
825
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this issue is the function strcpy of the component VirusPopUp. The manipulation leads to…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2025-1366
|
2025-02-17 10:15 |
2025-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
826
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the…
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2025-1365
|
2025-02-17 09:15 |
2025-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
827
|
- |
|
-
|
-
|
Out-of-bounds Read vulnerability (CWE-125) was found in CX-Programmer. Attackers may be able to read sensitive information or cause an application crash by abusing this vulnerability.
|
-
|
CVE-2025-0591
|
2025-02-17 09:15 |
2025-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
828
|
- |
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Fahad Mahmood Keep Backup Daily allows Path Traversal. This issue affects Keep Backup Daily: from n/a t…
|
CWE-22
Path Traversal
|
CVE-2025-26779
|
2025-02-17 08:15 |
2025-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
829
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in what3words what3words Address Field allows Stored XSS. This issue affects what3words Address Field: from n/a through 4.0.15.
|
CWE-352
Origin Validation Error
|
CVE-2025-26768
|
2025-02-17 08:15 |
2025-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
830
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Qubely – Advanced Gutenberg Blocks allows Stored XSS. This issue affects Qubely – Advance…
|
CWE-79
Cross-site Scripting
|
CVE-2025-26767
|
2025-02-17 08:15 |
2025-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
