Low - CVE-2024-4028 - A vulnerability was found in Keycloak. This...
A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) from the admin...
NA - CVE-2024-50608 - An issue was discovered in Fluent Bit 3.1.9....
An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it...
NA - CVE-2024-50609 - An issue was discovered in Fluent Bit 3.1.9....
An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the...
NA - CVE-2024-56882 - Sage DPW before 2024_12_000 is vulnerable to...
Sage DPW before 2024_12_000 is vulnerable to Cross Site Scripting (XSS). Low-privileged Sage users with employee role privileges can permanently store JavaScript code in the Kurstitel and Kurzinfo...
NA - CVE-2024-56883 - Sage DPW before 2024_12_001 is vulnerable to...
Sage DPW before 2024_12_001 is vulnerable to Incorrect Access Control. The implemented role-based access controls are not always enforced on the server side. Low-privileged Sage users with employee...
NA - CVE-2025-25300 - smartbanner.js is a customizable smart app...
smartbanner.js is a customizable smart app banner for iOS and Android. Prior to version 1.14.1, clicking on the smartbanner `View` link and navigating to a 3rd party page leaves `window.opener` exposed....
NA - CVE-2025-26058 - Webkul QloApps v1.6.1 exposes authentication...
Webkul QloApps v1.6.1 exposes authentication tokens in URLs during redirection. When users access the admin panel or other protected areas, the application appends sensitive authentication tokens...
NA - CVE-2025-26620 - Duende.AccessTokenManagement is a set of .NET...
Duende.AccessTokenManagement is a set of .NET libraries that manage OAuth and OpenID Connect access tokens. Duende.AccessTokenManagement contains a race condition when requesting access tokens...
Medium - CVE-2024-45774 - A flaw was found in grub2. A specially crafted...
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The...