NA - CVE-2025-38173 - In the Linux kernel, the following...
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just...
Medium - CVE-2024-5647 - Multiple plugins for WordPress are vulnerable...
Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled Magnific Popups library (version 1.1.0) in various versions due to insufficient input...
NA - CVE-2025-0885 - Incorrect Authorization vulnerability in...
Incorrect Authorization vulnerability in OpenText™ GroupWise allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow unauthorized access to calendar...
NA - CVE-2025-6587 - System environment variables are recorded in...
System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as api keys,...
NA - CVE-2025-1710 - The maxView Storage Manager does not implement...
The maxView Storage Manager does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks.
NA - CVE-2025-27447 - The web application is susceptible to...
The web application is susceptible to cross-site-scripting attacks. An attacker can create a prepared URL, which injects JavaScript code into the website. The code is executed in the victim’s...
NA - CVE-2025-27448 - The web application is susceptible to...
The web application is susceptible to cross-site-scripting attacks. An attacker who can create new dashboards can inject JavaScript code into the dashboard name which will be executed when the...