CVE Alerts
@cve.skyfleet.blue
Unofficial account to notify You about new CVE id's
CVE is a program that identifies, defines, and catalogs publicly disclosed cybersecurity vulnerabilities.
check out @infosec.skyfleet.blue
🆘 @skyfleet.blue
CVE is a program that identifies, defines, and catalogs publicly disclosed cybersecurity vulnerabilities.
check out @infosec.skyfleet.blue
🆘 @skyfleet.blue
CVE-2025-36462 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
CVE ID : CVE-2025-36462
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE ID : CVE-2025-36462
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE-2025-36462 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. …
cvefeed.io
November 18, 2025 at 1:31 AM
CVE-2025-36462 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
CVE ID : CVE-2025-36462
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE ID : CVE-2025-36462
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE-2025-13230 - Google Chrome V8 Type Confusion Heap Corruption Vulnerability
CVE ID : CVE-2025-13230
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potential...
CVE ID : CVE-2025-13230
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potential...
CVE-2025-13230 - Google Chrome V8 Type Confusion Heap Corruption Vulnerability
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
cvefeed.io
November 18, 2025 at 1:27 AM
CVE-2025-13230 - Google Chrome V8 Type Confusion Heap Corruption Vulnerability
CVE ID : CVE-2025-13230
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potential...
CVE ID : CVE-2025-13230
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potential...
CVE-2025-13228 - Google Chrome V8 Type Confusion Heap Corruption
CVE ID : CVE-2025-13228
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE ID : CVE-2025-13228
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE-2025-13228 - Google Chrome V8 Type Confusion Heap Corruption
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
cvefeed.io
November 18, 2025 at 1:23 AM
CVE-2025-13228 - Google Chrome V8 Type Confusion Heap Corruption
CVE ID : CVE-2025-13228
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE ID : CVE-2025-13228
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE-2025-13227 - Google Chrome V8 Type Confusion Heap Corruption
CVE ID : CVE-2025-13227
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE ID : CVE-2025-13227
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE-2025-13227 - Google Chrome V8 Type Confusion Heap Corruption
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
cvefeed.io
November 18, 2025 at 1:20 AM
CVE-2025-13227 - Google Chrome V8 Type Confusion Heap Corruption
CVE ID : CVE-2025-13227
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE ID : CVE-2025-13227
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE-2025-36460 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
CVE ID : CVE-2025-36460
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE ID : CVE-2025-36460
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE-2025-36460 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. …
cvefeed.io
November 18, 2025 at 1:18 AM
CVE-2025-36460 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
CVE ID : CVE-2025-36460
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE ID : CVE-2025-36460
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE-2025-31361 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability
CVE ID : CVE-2025-31361
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : A privilege escalation vulnerability exists in th...
CVE ID : CVE-2025-31361
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : A privilege escalation vulnerability exists in th...
CVE-2025-31361 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability
A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIO_USH_ADD_RECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue an api call to trigger this vulnerability.
cvefeed.io
November 18, 2025 at 1:15 AM
CVE-2025-31361 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability
CVE ID : CVE-2025-31361
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : A privilege escalation vulnerability exists in th...
CVE ID : CVE-2025-31361
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : A privilege escalation vulnerability exists in th...
CVE-2025-36463 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
CVE ID : CVE-2025-36463
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE ID : CVE-2025-36463
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE-2025-36463 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. …
cvefeed.io
November 18, 2025 at 1:13 AM
CVE-2025-36463 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
CVE ID : CVE-2025-36463
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE ID : CVE-2025-36463
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilit...
CVE-2025-31649 - Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability
CVE ID : CVE-2025-31649
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : A hard-coded password vulnerability exists in the ControlVault WBDI Driver ...
CVE ID : CVE-2025-31649
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : A hard-coded password vulnerability exists in the ControlVault WBDI Driver ...
CVE-2025-31649 - Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability
A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call to trigger this vulnerability.
cvefeed.io
November 18, 2025 at 1:11 AM
CVE-2025-31649 - Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability
CVE ID : CVE-2025-31649
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : A hard-coded password vulnerability exists in the ControlVault WBDI Driver ...
CVE ID : CVE-2025-31649
Published : Nov. 17, 2025, 11:15 p.m. | 1 hour, 49 minutes ago
Description : A hard-coded password vulnerability exists in the ControlVault WBDI Driver ...
CVE-2025-13226 - Google Chrome V8 Type Confusion Heap Corruption
CVE ID : CVE-2025-13226
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE ID : CVE-2025-13226
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE-2025-13226 - Google Chrome V8 Type Confusion Heap Corruption
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
cvefeed.io
November 18, 2025 at 1:09 AM
CVE-2025-13226 - Google Chrome V8 Type Confusion Heap Corruption
CVE ID : CVE-2025-13226
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE ID : CVE-2025-13226
Published : Nov. 18, 2025, 12:15 a.m. | 49 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit hea...
CVE-2025-13300 - itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection
CVE ID : CVE-2025-13300
Published : Nov. 17, 2025, 8:32 p.m. | 32 minutes ago
Description : A vulnerability has been found in itsourcecode Web-Based Internet Labora...
CVE ID : CVE-2025-13300
Published : Nov. 17, 2025, 8:32 p.m. | 32 minutes ago
Description : A vulnerability has been found in itsourcecode Web-Based Internet Labora...
CVE-2025-13300 - itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection
A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
cvefeed.io
November 17, 2025 at 10:09 PM
CVE-2025-13300 - itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection
CVE ID : CVE-2025-13300
Published : Nov. 17, 2025, 8:32 p.m. | 32 minutes ago
Description : A vulnerability has been found in itsourcecode Web-Based Internet Labora...
CVE ID : CVE-2025-13300
Published : Nov. 17, 2025, 8:32 p.m. | 32 minutes ago
Description : A vulnerability has been found in itsourcecode Web-Based Internet Labora...
CVE-2025-36357 - IBM Planning Analytics Local Directory Traversal
CVE ID : CVE-2025-36357
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories...
CVE ID : CVE-2025-36357
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories...
CVE-2025-36357 - IBM Planning Analytics Local Directory Traversal
IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing absolute path sequences to view, read, or write arbitrary files on the system.
cvefeed.io
November 17, 2025 at 10:04 PM
CVE-2025-36357 - IBM Planning Analytics Local Directory Traversal
CVE ID : CVE-2025-36357
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories...
CVE ID : CVE-2025-36357
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories...
CVE-2024-44655 - PHPGurukul Complaint Management System Cross Site Scripting (XSS)
CVE ID : CVE-2024-44655
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) v...
CVE ID : CVE-2024-44655
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) v...
CVE-2024-44655 - PHPGurukul Complaint Management System Cross Site Scripting (XSS)
PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) via the search parameter in user-search.php.
cvefeed.io
November 17, 2025 at 9:59 PM
CVE-2024-44655 - PHPGurukul Complaint Management System Cross Site Scripting (XSS)
CVE ID : CVE-2024-44655
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) v...
CVE ID : CVE-2024-44655
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) v...
CVE-2025-36299 - IBM Planning Analytics Information Disclosure
CVE ID : CVE-2025-36299
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in furth...
CVE ID : CVE-2025-36299
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in furth...
CVE-2025-36299 - IBM Planning Analytics Information Disclosure
IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system.
cvefeed.io
November 17, 2025 at 9:54 PM
CVE-2025-36299 - IBM Planning Analytics Information Disclosure
CVE ID : CVE-2025-36299
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in furth...
CVE ID : CVE-2025-36299
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in furth...
CVE-2024-44664 - PHPGurukul Online Shopping Portal SQL Injection Vulnerability
CVE ID : CVE-2024-44664
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, ...
CVE ID : CVE-2024-44664
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, ...
CVE-2024-44664 - PHPGurukul Online Shopping Portal SQL Injection Vulnerability
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, quality, price, and value parameters in product-details.php.
cvefeed.io
November 17, 2025 at 9:49 PM
CVE-2024-44664 - PHPGurukul Online Shopping Portal SQL Injection Vulnerability
CVE ID : CVE-2024-44664
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, ...
CVE ID : CVE-2024-44664
Published : Nov. 17, 2025, 8:15 p.m. | 49 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, ...
CVE-2025-36118 - IBM Storage Virtualize Information Disclosure
CVE ID : CVE-2025-36118
Published : Nov. 17, 2025, 8:47 p.m. | 17 minutes ago
Description : IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive infor...
CVE ID : CVE-2025-36118
Published : Nov. 17, 2025, 8:47 p.m. | 17 minutes ago
Description : IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive infor...
CVE-2025-36118 - IBM Storage Virtualize Information Disclosure
IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request.
cvefeed.io
November 17, 2025 at 9:44 PM
CVE-2025-36118 - IBM Storage Virtualize Information Disclosure
CVE ID : CVE-2025-36118
Published : Nov. 17, 2025, 8:47 p.m. | 17 minutes ago
Description : IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive infor...
CVE ID : CVE-2025-36118
Published : Nov. 17, 2025, 8:47 p.m. | 17 minutes ago
Description : IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive infor...
CVE-2024-46335 - PHPGurukul Complaint Management System Cross Site Scripting (XSS)
CVE ID : CVE-2024-46335
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) vi...
CVE ID : CVE-2024-46335
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) vi...
CVE-2024-46335 - PHPGurukul Complaint Management System Cross Site Scripting (XSS)
PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) via the fromdate and todate parameters in between-date-userreport.php.
cvefeed.io
November 17, 2025 at 9:40 PM
CVE-2024-46335 - PHPGurukul Complaint Management System Cross Site Scripting (XSS)
CVE ID : CVE-2024-46335
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) vi...
CVE ID : CVE-2024-46335
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) vi...
CVE-2025-64758 - @dependencytrack/frontend Vulnerable to Persistent Cross-Site-Scripting via Welcome Message
CVE ID : CVE-2025-64758
Published : Nov. 17, 2025, 6:15 p.m. | 2 hours, 48 minutes ago
Description : @dependencytrack/frontend is a Single Page Application (SPA) ...
CVE ID : CVE-2025-64758
Published : Nov. 17, 2025, 6:15 p.m. | 2 hours, 48 minutes ago
Description : @dependencytrack/frontend is a Single Page Application (SPA) ...
CVE-2025-64758 - @dependencytrack/frontend Vulnerable to Persistent Cross-Site-Scripting via Welcome Message
@dependencytrack/frontend is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Since version 4.12.0, Dependency-Track users with the SYSTEM_CONFIGURATION permission can configure a "welcome message", which is HTML that is to be …
cvefeed.io
November 17, 2025 at 9:36 PM
CVE-2025-64758 - @dependencytrack/frontend Vulnerable to Persistent Cross-Site-Scripting via Welcome Message
CVE ID : CVE-2025-64758
Published : Nov. 17, 2025, 6:15 p.m. | 2 hours, 48 minutes ago
Description : @dependencytrack/frontend is a Single Page Application (SPA) ...
CVE ID : CVE-2025-64758
Published : Nov. 17, 2025, 6:15 p.m. | 2 hours, 48 minutes ago
Description : @dependencytrack/frontend is a Single Page Application (SPA) ...
CVE-2025-64756 - glob CLI: Command injection via -c/--cmd executes matches with shell:true
CVE ID : CVE-2025-64756
Published : Nov. 17, 2025, 6:15 p.m. | 2 hours, 48 minutes ago
Description : Glob matches files using patterns the shell uses. From versions 10.3.7 to 11.0....
CVE ID : CVE-2025-64756
Published : Nov. 17, 2025, 6:15 p.m. | 2 hours, 48 minutes ago
Description : Glob matches files using patterns the shell uses. From versions 10.3.7 to 11.0....
CVE-2025-64756 - glob CLI: Command injection via -c/--cmd executes matches with shell:true
Glob matches files using patterns the shell uses. From versions 10.3.7 to 11.0.3, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are used, matched filenames are passed to a shell …
cvefeed.io
November 17, 2025 at 9:33 PM
CVE-2025-64756 - glob CLI: Command injection via -c/--cmd executes matches with shell:true
CVE ID : CVE-2025-64756
Published : Nov. 17, 2025, 6:15 p.m. | 2 hours, 48 minutes ago
Description : Glob matches files using patterns the shell uses. From versions 10.3.7 to 11.0....
CVE ID : CVE-2025-64756
Published : Nov. 17, 2025, 6:15 p.m. | 2 hours, 48 minutes ago
Description : Glob matches files using patterns the shell uses. From versions 10.3.7 to 11.0....
CVE-2024-44660 - PHPGurukul Online Shopping Portal SQL Injection
CVE ID : CVE-2024-44660
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contac...
CVE ID : CVE-2024-44660
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contac...
CVE-2024-44660 - PHPGurukul Online Shopping Portal SQL Injection
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php.
cvefeed.io
November 17, 2025 at 9:30 PM
CVE-2024-44660 - PHPGurukul Online Shopping Portal SQL Injection
CVE ID : CVE-2024-44660
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contac...
CVE ID : CVE-2024-44660
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contac...
CVE-2025-13216 - Apache HTTP Server Remote Code Execution
CVE ID : CVE-2025-13216
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes...
CVE ID : CVE-2025-13216
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes...
CVE-2025-13216 - Apache HTTP Server Remote Code Execution
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
cvefeed.io
November 17, 2025 at 9:27 PM
CVE-2025-13216 - Apache HTTP Server Remote Code Execution
CVE ID : CVE-2025-13216
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes...
CVE ID : CVE-2025-13216
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes...
CVE-2025-63292 - Freebox Exposes Subscribers' IMSI Identifiers in Plaintext
CVE ID : CVE-2025-63292
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolutio...
CVE ID : CVE-2025-63292
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolutio...
CVE-2025-63292 - Freebox Exposes Subscribers' IMSI Identifiers in Plaintext
Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolution r1–r3 (firmware = 4.7.x), Freebox Mini 4K (firmware = 4.7.x), and Freebox One (firmware = 4.7.x) were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM authentication over the `FreeWifi_secure` …
cvefeed.io
November 17, 2025 at 9:25 PM
CVE-2025-63292 - Freebox Exposes Subscribers' IMSI Identifiers in Plaintext
CVE ID : CVE-2025-63292
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolutio...
CVE ID : CVE-2025-63292
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolutio...
CVE-2024-44663 - PHPGurukul Online Shopping Portal SQL Injection
CVE ID : CVE-2024-44663
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-r...
CVE ID : CVE-2024-44663
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-r...
CVE-2024-44663 - PHPGurukul Online Shopping Portal SQL Injection
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php.
cvefeed.io
November 17, 2025 at 9:24 PM
CVE-2024-44663 - PHPGurukul Online Shopping Portal SQL Injection
CVE ID : CVE-2024-44663
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-r...
CVE ID : CVE-2024-44663
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-r...
CVE-2024-44662 - PHPGurukul Online Shopping Portal SQL Injection
CVE ID : CVE-2024-44662
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the username parameter in the adm...
CVE ID : CVE-2024-44662
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the username parameter in the adm...
CVE-2024-44662 - PHPGurukul Online Shopping Portal SQL Injection
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the username parameter in the admin page.
cvefeed.io
November 17, 2025 at 9:19 PM
CVE-2024-44662 - PHPGurukul Online Shopping Portal SQL Injection
CVE ID : CVE-2024-44662
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the username parameter in the adm...
CVE ID : CVE-2024-44662
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the username parameter in the adm...
CVE-2024-44658 - PHPGurukul Complaint Management System SQL Injection
CVE ID : CVE-2024-44658
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the subcategory and cat...
CVE ID : CVE-2024-44658
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the subcategory and cat...
CVE-2024-44658 - PHPGurukul Complaint Management System SQL Injection
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the subcategory and category parameters in subcategory.php.
cvefeed.io
November 17, 2025 at 9:14 PM
CVE-2024-44658 - PHPGurukul Complaint Management System SQL Injection
CVE ID : CVE-2024-44658
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the subcategory and cat...
CVE ID : CVE-2024-44658
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the subcategory and cat...
CVE-2024-44654 - PHPGurukul Complaint Management System SQL Injection Vulnerability
CVE ID : CVE-2024-44654
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the email...
CVE ID : CVE-2024-44654
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the email...
CVE-2024-44654 - PHPGurukul Complaint Management System SQL Injection Vulnerability
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the email and mobileno parameters in reset-password.php.
cvefeed.io
November 17, 2025 at 9:09 PM
CVE-2024-44654 - PHPGurukul Complaint Management System SQL Injection Vulnerability
CVE ID : CVE-2024-44654
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the email...
CVE ID : CVE-2024-44654
Published : Nov. 17, 2025, 7:16 p.m. | 1 hour, 48 minutes ago
Description : PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the email...