Latest Vulnerabilities

Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows... (CVE-2024-38909)	2025-03-14 19:40:21 UTC (2 days ago)
RegEx Denial of Service in domain-suffix 1.0.8 allows attackers to crash the application via crafted input to the parse function. (CVE-2024-25354)	2025-03-14 19:40:21 UTC (2 days ago)
A cross-site scripting (XSS) vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted... (CVE-2024-25226)	2025-03-14 19:40:20 UTC (2 days ago)
VMSA-2024-0017: VMware Aria Automation updates address SQL-injection vulnerability (CVE-2024-22280) (CVE-2024-22280)	2025-03-14 19:40:20 UTC (2 days ago)
Blind SQL Injection in Logout (CVE-2024-12245)	2025-03-14 19:40:20 UTC (2 days ago)
Reflected Cross-Site Scripting (XSS) (CVE-2024-12020)	2025-03-14 19:40:20 UTC (2 days ago)
Arbitrary File Read via Document API (CVE-2024-12019)	2025-03-14 19:40:20 UTC (2 days ago)
In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This... (CVE-2024-0015)	2025-03-14 19:40:20 UTC (2 days ago)
Post-Quantum Secure Feldman's Verifiable Secret Sharing has Timing Side-Channels in Matrix Operations (CVE-2025-29780)	2025-03-14 18:40:25 UTC (2 days ago)
Post-Quantum Secure Feldman's Verifiable Secret Sharing has Inadequate Fault Injection Countermeasures in `secure_redundant_execution` (CVE-2025-29779)	2025-03-14 18:40:25 UTC (2 days ago)