-
CVE-2025-22145 – Carbon PHP DateTime Remote File Include Vulnerability
CVE ID : CVE-2025-22145 Published : Jan. 8, 2025, 9:15 p.m. | 29 minutes ago Description : Carbon is an international PHP extension for DateTime. Application passing unsanitized user input to Carbon::setLocale are at risk of arbitrary file include, if the application allows users to upload files with .php extension in an folder that allows include…
-
CVE-2024-53995 – SickChill Open Redirect Vulnerability
CVE ID : CVE-2024-53995 Published : Jan. 8, 2025, 9:15 p.m. | 29 minutes ago Description : SickChill is an automatic video library manager for TV shows. A user-controlled `login` endpoint’s `next_` parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open…
-
CVE-2024-52869 – Teradata SUSE Enterprise Linux Server Elevated Privilege Group Misassignment
CVE ID : CVE-2024-52869 Published : Jan. 8, 2025, 9:15 p.m. | 29 minutes ago Description : Certain Teradata account-handling code through 2024-11-04, used with SUSE Enterprise Linux Server, mismanages groups. Specifically, when there is an operating system move from SUSE Enterprise Linux Server (SLES) 12 Service Pack (SP) 2 or 3 to SLES 15 SP2…
-
CVE-2025-22143 – WeGIA Web Manager Reflected Cross-Site Scripting
CVE ID : CVE-2025-22143 Published : Jan. 8, 2025, 8:15 p.m. | 1 hour, 28 minutes ago Description : WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the listar_permissoes.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_e parameter. This vulnerability…
-
CVE-2025-0194 – GitLab Information Disclosure
CVE ID : CVE-2025-0194 Published : Jan. 8, 2025, 8:15 p.m. | 1 hour, 28 minutes ago Description : An issue was discovered in GitLab CE/EE affecting all versions starting from 17.4 prior to 17.5.1, starting from 17.6 prior to 17.6.1, and starting from 17.7 prior to 17.7.1. Under certain conditions, access tokens may have been logged…
-
CVE-2024-45345 – Cisco WebEx Data Placeholder Command Injection Vulnerability
CVE ID : CVE-2024-45345 Published : Jan. 8, 2025, 8:15 p.m. | 1 hour, 28 minutes ago Description : Rejected reason: reserved but not needed Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source
-
CVE-2024-45344 – Apache HTTPd Denial of Service
CVE ID : CVE-2024-45344 Published : Jan. 8, 2025, 8:15 p.m. | 1 hour, 28 minutes ago Description : Rejected reason: reserved but not needed Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source
-
CVE-2024-45343 – Adobe Flash PathTraversal
CVE ID : CVE-2024-45343 Published : Jan. 8, 2025, 8:15 p.m. | 1 hour, 28 minutes ago Description : Rejected reason: reserved but not needed Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source
-
CVE-2024-45342 – Cisco Router Denial of Service
CVE ID : CVE-2024-45342 Published : Jan. 8, 2025, 8:15 p.m. | 1 hour, 28 minutes ago Description : Rejected reason: reserved but not needed Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source