For individuals | HunCERT group

7 Jul 2025

Riasztás

High - CVE-2025-7117 - A vulnerability classified as critical was...

A vulnerability classified as critical was found in UTT HiPER 840G up to 3.1.1-190328. This vulnerability affects unknown code of the file /goform/websWhiteList. The manipulation of the argument...

security-database.com

7 Jul 2025

Riasztás

High - CVE-2025-7118 - A vulnerability, which was classified as...

A vulnerability, which was classified as critical, has been found in UTT HiPER 840G up to 3.1.1-190328. This issue affects some unknown processing of the file /goform/formPictureUrl. The...

security-database.com

7 Jul 2025

Riasztás

High - CVE-2025-7119 - A vulnerability has been found in Campcodes...

A vulnerability has been found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /users/index.php. The...

security-database.com

7 Jul 2025

Riasztás

NA - CVE-2025-3920 - A vulnerability was identified in SUR-FBD CMMS...

A vulnerability was identified in SUR-FBD CMMS where hard-coded credentials were found within a compiled DLL file. These credentials correspond to a built-in administrative account of the software....

security-database.com

7 Jul 2025

Riasztás

High - CVE-2025-7120 - A vulnerability was found in Campcodes...

A vulnerability was found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /users/check_availability.php....

security-database.com

7 Jul 2025

Riasztás

Medium - CVE-2025-7121 - A vulnerability was found in Campcodes...

A vulnerability was found in Campcodes Complaint Management System 1.0. It has been classified as critical. This affects an unknown part of the file /users/complaint-details.php. The manipulation...

security-database.com

7 Jul 2025

Riasztás

NA - CVE-2024-43334 - Improper Neutralization of Input During Web...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gavias Halpes allows Reflected XSS.This issue affects Halpes: from n/a before 1.2.5.

security-database.com

7 Jul 2025

Riasztás

NA - CVE-2025-3044 - A vulnerability in the ArxivReader class of the...

A vulnerability in the ArxivReader class of the run-llama/llama_index repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for downloaded papers. This...

security-database.com

7 Jul 2025

Riasztás

NA - CVE-2025-3046 - A vulnerability in the `ObsidianReader` class...

A vulnerability in the `ObsidianReader` class of the run-llama/llama_index repository, versions 0.12.23 to 0.12.28, allows for arbitrary file read through symbolic links. The `ObsidianReader` fails...

security-database.com

7 Jul 2025

Riasztás

NA - CVE-2025-3225 - An XML Entity Expansion vulnerability, also...

An XML Entity Expansion vulnerability, also known as a 'billion laughs' attack, exists in the sitemap parser of the run-llama/llama_index repository, specifically affecting version...

security-database.com

Phone:	+36 1 279 6222 9am to 4pm
E-mail:	@email
Address:	H-1111 Budapest, Kende u. 13-17.