Medium - CVE-2024-56827 - A flaw was found in the OpenJPEG project. A...
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an...
High - CVE-2025-0306 - A vulnerability was found in Ruby. The Ruby...
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by...
NA - CVE-2025-0328 - A vulnerability, which was classified as...
A vulnerability, which was classified as critical, has been found in KaiYuanTong ECT Platform up to 2.0.0. Affected by this issue is some unknown functionality of the file...
NA - CVE-2025-0331 - A vulnerability, which was classified as...
A vulnerability, which was classified as critical, has been found in YunzMall up to 2.4.2. This issue affects the function changePwd of the file /app/platform/controllers/ResetpwdController.php of...
NA - CVE-2025-0333 - A vulnerability, which was classified as...
A vulnerability, which was classified as critical, was found in leiyuxi cy-fast 1.0. Affected is the function listData of the file /sys/role/listData. The manipulation of the argument order leads...
NA - CVE-2024-10815 - The PostLists WordPress plugin through 2.0.2...
The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site...
NA - CVE-2024-12714 - The Backlink Monitoring Manager WordPress...
The Backlink Monitoring Manager WordPress plugin through 0.1.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which...
NA - CVE-2024-12715 - The Asgard Security Scanner WordPress plugin...
The Asgard Security Scanner WordPress plugin through 0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be...
NA - CVE-2024-12717 - The Aklamator INfeed WordPress plugin through...
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...
NA - CVE-2024-12731 - The Aklamator INfeed WordPress plugin through...
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used...