NA - CVE-2024-55592 - An incorrect authorization vulnerability...
An incorrect authorization vulnerability [CWE-863] in FortiSIEM 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all...
NA - CVE-2024-55597 - A improper limitation of a pathname to a...
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiWeb versions 7.0.0 through 7.6.0 allows attacker to execute unauthorized code or commands...
NA - CVE-2025-22454 - Insufficiently restrictive permissions in...
Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.
NA - CVE-2025-27403 - Ratify is a verification engine as a binary...
Ratify is a verification engine as a binary executable and on Kubernetes which enables verification of artifact security metadata and admits for deployment only those that comply with policies the...
NA - CVE-2025-25680 - LSC Smart Connect LSC Indoor PTZ Camera 7.6.32...
LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuya_ipc_direct_connect function of the anyka_ipc process. The vulnerability allows arbitrary code execution...
NA - CVE-2025-25747 - Cross Site Scripting vulnerability in...
Cross Site Scripting vulnerability in DigitalDruid HotelDruid v.3.0.7 allows an attacker to execute arbitrary code and obtain sensitive information via the ripristina_backup parameter in the...
NA - CVE-2025-27601 - Umbraco is a free and open source .NET content...
Umbraco is a free and open source .NET content management system. An improper API access control issue has been identified Umbraco's API management package prior to versions 15.2.3 and 14.3.3,...
NA - CVE-2025-27602 - Umbraco is a free and open source .NET content...
Umbraco is a free and open source .NET content management system. In versions of Umbraco's web backoffice program prior to versions 10.8.9 and 13.7.1, via manipulation of backoffice API URLs,...
NA - CVE-2025-27617 - Pimcore is an open source data and experience...
Pimcore is an open source data and experience management platform. Prior to version 11.5.4, authenticated users can craft a filter string used to cause a SQL injection. Version 11.5.4 fixes the issue.
Medium - CVE-2024-56338 - IBM Sterling B2B Integrator Standard Edition...
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed...