NA - CVE-2025-23211 - Tandoor Recipes is an application for managing...
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. A Jinja2 SSTI vulnerability allows any user to execute commands on the server. In the case of...
NA - CVE-2025-23212 - Tandoor Recipes is an application for managing...
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. The external storage feature allows any user to enumerate the name and content of files on the...
NA - CVE-2025-23213 - Tandoor Recipes is an application for managing...
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. The file upload feature allows to upload arbitrary files, including html and svg. Both can...
NA - CVE-2025-23385 - In JetBrains ReSharper before 2024.3.4,...
In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local...
NA - CVE-2025-24800 - Hyperbridge is a hyper-scalable coprocessor for...
Hyperbridge is a hyper-scalable coprocessor for verifiable, cross-chain interoperability. A critical vulnerability was discovered in the ismp-grandpa crate, that allowed a malicious prover easily...
NA - CVE-2017-13317 - In HeifDecoderImpl::getScanline of...
In HeifDecoderImpl::getScanline of HeifDecoderImpl.cpp, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional...
NA - CVE-2017-13318 - In HeifDataSource::readAt of...
In HeifDataSource::readAt of HeifDecoderImpl.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution...
NA - CVE-2018-9373 - In TdlsexRxFrameHandle of the MTK WLAN driver,...
In TdlsexRxFrameHandle of the MTK WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution...
NA - CVE-2018-9378 - In BnAudioPolicyService::onTransact of...
In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no...
NA - CVE-2024-8401 - CWE-79: Improper Neutralization of Input During...
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists when an authenticated attacker modifies folder names within the context of the...