A vulnerability, which was classified as problematic, was found in Code4Berry Decoration Management System 1.0. This affects an unknown part of the file /decoration/admin/user_permission.php of the co
A vulnerability classified as critical has been found in 299Ko CMS 2.0.0. This affects an unknown part of the file /admin/filemanager/view of the component File Management. The manipulation leads to u
A security vulnerability has been detected in o2oa up to 10.0. This impacts the function syncFile of the file NodeAgent.java of the component NodeAgent. The manipulation leads to improper authorizatio
A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. U
A vulnerability in Intrexx Portal Server 12.0.2 and earlier which was classified as problematic potentially allows users with particular permissions under certain conditions to see potentially sensiti
Insertion of Sensitive Information Into Sent Data vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through <= 1.7.28.
A Stored Cross-Site Scripting vulnerability was discovered in the Assets and Nodes functionality due to improper validation of an input parameter. An authenticated user with custom fields privileges c
A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument fileP
A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the fil
A vulnerability, which was classified as critical, has been found in quequnlong shiyi-blog up to 1.2.1. This issue affects some unknown processing of the file /dev api/app/album/photos/. The manipulat
A vulnerability was determined in 1024bit extend-deep up to 0.1.6. The impacted element is an unknown function of the file index.js. This manipulation of the argument __proto__ causes improperly contr
CVE-2025-54085 is a vulnerability in the management console
of Absolute Secure Access prior to version 13.56. Attackers with administrative
access to the console and who have been assigned a certain s
A vulnerability, which was classified as critical, was found in LitmusChaos Litmus up to 3.19.0. This affects an unknown part of the file /auth/login. The manipulation of the argument projectID leads
A vulnerability was found in TCS BaNCS 10. It has been classified as problematic. This affects an unknown part of the file /REPORTS/REPORTS_SHOW_FILE.jsp. The manipulation of the argument FilePath lea
A vulnerability, which was classified as critical, has been found in Wangshen SecGate 3600 2024. This issue affects some unknown processing of the file ?g=obj_area_export_save. The manipulation of the
A vulnerability classified as critical has been found in quequnlong shiyi-blog up to 1.2.1. This affects an unknown part of the file /api/file/upload. The manipulation of the argument file/source lead
There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::RGetMemFileHandle() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary cod
A directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an administrative user to access system files with the file p
A vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /admin#permissions of the component Permission Management Pag
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.4 and 8.6.17, a stored cross-site scripting (XSS) vulnerability allows any