Sangoma FreePBX contains an authentication bypass vulnerability due to insufficiently sanitized user...
MEDIUM Published: 2025-08-29Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow...
MEDIUM Published: 2025-08-26Git contains a link following vulnerability that stems from Git’s inconsistent handling of carriag...
MEDIUM Published: 2025-08-25Citrix Session Recording contains an improper privilege management vulnerability that could allow fo...
MEDIUM Published: 2025-08-25Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limi...
MEDIUM Published: 2025-08-25Apple iOS, iPadOS, and macOS contain an out-of-bounds write vulnerability in the Image I/O framework...
MEDIUM Published: 2025-08-21Trend Micro Apex One Management Console (on-premise) contains an OS command injection vulnerability...
MEDIUM Published: 2025-08-18N-able N-Central contains a command injection vulnerability via improper sanitization of user input....
MEDIUM Published: 2025-08-13N-able N-Central contains an insecure deserialization vulnerability that could lead to command execu...
MEDIUM Published: 2025-08-13RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This...
MEDIUM Published: 2025-08-12Microsoft Office Excel contains a remote code execution vulnerability that can be exploited when a s...
MEDIUM Published: 2025-08-12Microsoft Internet Explorer contains a memory corruption vulnerability that allows for remote code e...
MEDIUM Published: 2025-08-12D-Link DCS-2530L and DCS-2670L devices contains an unspecified vulnerability that could allow for re...
MEDIUM Published: 2025-08-05D-Link DCS-2530L and DCS-2670L devices contains a command injection vulnerability in the cgi-bin/ddn...
MEDIUM Published: 2025-08-05D-Link DNR-322L contains a download of code without integrity check vulnerability that could allow a...
MEDIUM Published: 2025-08-05PaperCut NG/MF contains a cross-site request forgery (CSRF) vulnerability, which, under specific con...
MEDIUM Published: 2025-07-28Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE an...
MEDIUM Published: 2025-07-28Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE an...
MEDIUM Published: 2025-07-28SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in th...
MEDIUM Published: 2025-07-22SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in th...
MEDIUM Published: 2025-07-22Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerabi...
MEDIUM Published: 2025-07-22CrushFTP contains an unprotected alternate channel vulnerability. When the DMZ proxy feature is not...
MEDIUM Published: 2025-07-22Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker...
MEDIUM Published: 2025-07-22Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized att...
MEDIUM Published: 2025-07-22Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability t...
MEDIUM Published: 2025-07-20Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker...
MEDIUM Published: 2025-07-18Wing FTP Server contains an improper neutralization of null byte or NUL character vulnerability that...
MEDIUM Published: 2025-07-14Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient inp...
MEDIUM Published: 2025-07-10Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery (SSRF) vulnerability...
MEDIUM Published: 2025-07-07Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept...
MEDIUM Published: 2025-07-07PHPMailer contains a command injection vulnerability because it fails to sanitize user-supplied inpu...
MEDIUM Published: 2025-07-07Multi-Router Looking Glass (MRLG) contains a buffer overflow vulnerability that could allow remote a...
MEDIUM Published: 2025-07-07Google Chromium V8 contains a type confusion vulnerability that could allow a remote attacker to per...
MEDIUM Published: 2025-07-02TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnera...
MEDIUM Published: 2025-07-01TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability....
MEDIUM Published: 2025-07-01Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended contr...
MEDIUM Published: 2025-06-30Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker...
MEDIUM Published: 2025-06-25D-Link DIR-859 routers contain a path traversal vulnerability in the file /hedwig.cgi of the compone...
MEDIUM Published: 2025-06-25AMI MegaRAC SPx contains an authentication bypass by spoofing vulnerability in the Redfish Host Inte...
MEDIUM Published: 2025-06-25Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to t...
MEDIUM Published: 2025-06-17TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 contain a command injection vulnerabi...
MEDIUM Published: 2025-06-16Apple iOS, iPadOS, macOS, watchOS, and visionOS, contain an unspecified vulnerability when processin...
MEDIUM Published: 2025-06-16Microsoft Windows contains an external control of file name or path vulnerability that could allow a...
MEDIUM Published: 2025-06-10Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code executi...
MEDIUM Published: 2025-06-10RoundCube Webmail contains a cross-site scripting vulnerability. This vulnerability could allow a re...
MEDIUM Published: 2025-06-09Erlang Erlang/OTP SSH server contains a missing authentication for critical function vulnerability....
MEDIUM Published: 2025-06-09Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote...
MEDIUM Published: 2025-06-05Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allo...
MEDIUM Published: 2025-06-03Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allo...
MEDIUM Published: 2025-06-03Multiple Qualcomm chipsets contain a use-after-free vulnerability. This vulnerability allows for mem...
MEDIUM Published: 2025-06-03