-
CVE-2025-24787 – WhoDB MySQL File Disclosure Vulnerability
CVE ID : CVE-2025-24787 Published : Feb. 6, 2025, 7:15 p.m. | 50 minutes ago Description : WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local files on the machine the application is running on. The…
-
CVE-2025-24981 – Vue Markdown Converter (MDC) Angular JavaScript XSS
CVE ID : CVE-2025-24981 Published : Feb. 6, 2025, 6:15 p.m. | 1 hour, 50 minutes ago Description : MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component. In affected versions unsafe parsing logic of the URL from markdown can lead to arbitrary JavaScript code due to a bypass…
-
CVE-2025-24786 – WhoDB Path Traversal SQL Injection Vulnerability
CVE ID : CVE-2025-24786 Published : Feb. 6, 2025, 7:15 p.m. | 50 minutes ago Description : WhoDB is an open source database management tool. While the application only displays SQLite3 databases present in the directory `/db`, there is no path traversal prevention in place. This allows an unauthenticated attacker to open any SQLite3 database present…
-
CVE-2023-5878 – Honeywell OneWireless Wireless Command Injection Vulnerability
CVE ID : CVE-2023-5878 Published : Feb. 6, 2025, 3:15 p.m. | 4 hours, 50 minutes ago Description : Honeywell OneWireless Wireless Device Manager (WDM) for the following versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, R330.1 contains a command injection vulnerability. An attacker who is authenticated could use the firmware update process to potentially exploit the vulnerability, leading…
-
CVE-2024-39272 – ClearML Enterprise Server Cross-Site Scripting
CVE ID : CVE-2024-39272 Published : Feb. 6, 2025, 5:15 p.m. | 2 hours, 50 minutes ago Description : A cross-site scripting (XSS) vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to arbitrary HTML code. An attacker can send a series of HTTP requests to…
-
CVE-2024-37358 – Apache James IMAP Denial of Service Vulnerability
CVE ID : CVE-2024-37358 Published : Feb. 6, 2025, 12:15 p.m. | 7 hours, 50 minutes ago Description : Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations. Version 3.7.6…
-
CVE-2022-31764 – Apache ShardingSphere ElasticJob-UI H2 DB RCE Vulnerability
CVE ID : CVE-2022-31764 Published : Feb. 6, 2025, 3:15 p.m. | 4 hours, 50 minutes ago Description : The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing a special JDBC URL of H2 database. This issue affects Apache ShardingSphere ElasticJob-UI version 3.0.1 and prior versions. This vulnerability has been fixed…
-
CVE-2025-20094 – Microsoft Defense Platform Windows RCE (Shatter)
CVE ID : CVE-2025-20094 Published : Feb. 6, 2025, 8:15 a.m. | 11 hours, 50 minutes ago Description : Unprotected Windows messaging channel (‘Shatter’) issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary code…
-
CVE-2025-23236 – Cisco Defense Platform Home Edition Buffer Overflow Elevates Privileges
CVE ID : CVE-2025-23236 Published : Feb. 6, 2025, 8:15 a.m. | 11 hours, 50 minutes ago Description : Buffer overflow vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where the product is running may be obtained. Severity: 8.8 | HIGH
-
CVE-2024-51450 – IBM Security Verify Directory Command Injection
CVE ID : CVE-2024-51450 Published : Feb. 6, 2025, 1:15 a.m. | 18 hours, 50 minutes ago Description : IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. Severity: 9.1 | CRITICAL