NA - CVE-2025-27254 - Improper Authentication vulnerability in GE...
Improper Authentication vulnerability in GE Vernova EnerVista UR Setup allows Authentication Bypass. The software's startup authentication can be disabled by altering a Windows registry...
NA - CVE-2025-27255 - Use of Hard-coded Credentials vulnerability in...
Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using an hardcoded password retrievable by an attacker...
NA - CVE-2025-27256 - Missing Authentication for Critical Function...
Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due to a missing SSH server authentication. Since the client...
NA - CVE-2025-27257 - Insufficient Verification of Data Authenticity...
Insufficient Verification of Data Authenticity vulnerability in GE Vernova UR IED family devices allows an authenticated user to install a modified firmware. The firmware signature verification is...
NA - CVE-2024-13918 - The Laravel framework versions between 11.9.0...
The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page.
NA - CVE-2024-13919 - The Laravel framework versions between 11.9.0...
The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page.
NA - CVE-2025-24387 - A vulnerability in OTRS Application Server...
A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible...
Medium - CVE-2025-2147 - A vulnerability was found in Beijing Zhide...
A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0. It has been classified as problematic. Affected is an unknown...
NA - CVE-2025-1944 - picklescan before 0.0.23 is vulnerable to a ZIP...
picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP...
NA - CVE-2025-1945 - picklescan before 0.0.23 fails to detect...
picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an...