-
CVE-2025-22140 – WeGIA SQL Injection Vulnerability (Authenticated)
CVE ID : CVE-2025-22140 Published : Jan. 8, 2025, 7:15 p.m. | 2 hours, 28 minutes ago Description : WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /html/funcionario/dependente_listar_um.php endpoint, specifically in the id_dependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability…
-
CVE-2025-0291 – Google Chrome Type Confusion Vulnerability
CVE ID : CVE-2025-0291 Published : Jan. 8, 2025, 7:15 p.m. | 2 hours, 28 minutes ago Description : Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Severity: 8.3 | HIGH Visit the link for…
-
CVE-2024-54818 – SourceCodester Computer Laboratory Management System Unauthenticated Remote OS Command Injection
CVE ID : CVE-2024-54818 Published : Jan. 8, 2025, 7:15 p.m. | 2 hours, 28 minutes ago Description : SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source
-
CVE-2024-51442 – Minidlna Command Injection Vulnerability
CVE ID : CVE-2024-51442 Published : Jan. 8, 2025, 6:15 p.m. | 3 hours, 28 minutes ago Description : Command Injection in Minidlna version v1.3.3 and before allows an attacker to execute arbitrary OS commands via a specially crafted minidlna.conf configuration file. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected…
-
CVE-2025-22137 – Pingvin Share File Traversal
CVE ID : CVE-2025-22137 Published : Jan. 8, 2025, 4:15 p.m. | 5 hours, 28 minutes ago Description : Pingvin Share is a self-hosted file sharing platform and an alternative for WeTransfer. This vulnerability allows an authenticated or unauthenticated (if anonymous shares are allowed) user to overwrite arbitrary files on the server, including sensitive system files, via…
-
CVE-2024-55656 – Redis RedisBloom Probabilistic Data Structures Integer Overflow Information Leak Out-of-Bounds Write
CVE ID : CVE-2024-55656 Published : Jan. 8, 2025, 4:15 p.m. | 5 hours, 28 minutes ago Description : RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker (a redis client which knows the…
-
CVE-2024-55517 – Polaris FT Intellect Core Banking SQL Injection
CVE ID : CVE-2024-55517 Published : Jan. 8, 2025, 4:15 p.m. | 5 hours, 28 minutes ago Description : An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated…
-
SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall urges admins to patch exploitable SSLVPN bug immediately SonicWall is emailing customers urging them to upgrade their firewall’s SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is “susceptible to actual ex … Read more Published Date: Jan 08, 2025 (2 hours, 27 minutes ago) Vulnerabilities has been mentioned in this…