NA - CVE-2025-50125 - CWE-918: Server-Side Request Forgery (SSRF)...
CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated remote code execution when the server is accessed via the network with knowledge of hidden URLs and...
NA - CVE-2025-6788 - CWE-668: Exposure of Resource to Wrong Sphere...
CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that exposes TGML diagram resources to the wrong control sphere, providing other authenticated users with potentially...
Low - CVE-2025-53861 - A flaw was found in Ansible. Sensitive cookies...
A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle (MitM) and Cross-site scripting (XSS) attacks allowing attackers to...
Low - CVE-2025-53862 - A flaw was found in Ansible. Three API...
A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain important information.
NA - CVE-2025-51591 - A Server-Side Request Forgery (SSRF) in JGM...
A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe.
NA - CVE-2023-38327 - An issue was discovered in eGroupWare...
An issue was discovered in eGroupWare 17.1.20190111. A User Enumeration vulnerability exists under calendar/freebusy.php, which allows unauthenticated remote attackers to enumerate the users of web...
NA - CVE-2023-38329 - An issue was discovered in eGroupWare...
An issue was discovered in eGroupWare 17.1.20190111. A cross-site scripting Reflected (XSS) vulnerability exists in calendar/freebusy.php, which allows unauthenticated remote attackers to inject...
High - CVE-2025-30661 - An Incorrect Permission Assignment for Critical...
An Incorrect Permission Assignment for Critical Resource vulnerability in line card script processing of Juniper Networks Junos OS allows a local, low-privileged user to install scripts to be...
NA - CVE-2025-48924 - Uncontrolled Recursion vulnerability in Apache...
Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3...
NA - CVE-2025-52089 - A hidden remote support feature protected by a...
A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8.54 allows an authenticated attacker to execute arbitrary OS commands with root privileges.