Vulnerability Summary for the Week of March 10, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info 1E--1E Client  Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior…

Comments Off on Vulnerability Summary for the Week of March 10, 2025

Vulnerability Summary for the Week of March 3, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info n/a--n/a  Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via…

Comments Off on Vulnerability Summary for the Week of March 3, 2025

Vulnerability Summary for the Week of February 24, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info jupyterhub--ltiauthenticator  `jupyterhub-ltiauthenticator` is a JupyterHub authenticator for learning tools interoperability (LTI). LTI13Authenticator that was introduced in `jupyterhub-ltiauthenticator` 1.3.0 wasn't…

Comments Off on Vulnerability Summary for the Week of February 24, 2025

Vulnerability Summary for the Week of February 17, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info a1post--A1POST.BG Shipping for Woo  Cross-Site Request Forgery (CSRF) vulnerability in a1post A1POST.BG Shipping for Woo allows Privilege Escalation. This…

Comments Off on Vulnerability Summary for the Week of February 17, 2025

Vulnerability Summary for the Week of February 10, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info ABB--System 800xA  A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is…

Comments Off on Vulnerability Summary for the Week of February 10, 2025

Vulnerability Summary for the Week of February 3, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info .TUBE gTLD--.TUBE Video Curator  Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in .TUBE gTLD .TUBE…

Comments Off on Vulnerability Summary for the Week of February 3, 2025

Vulnerability Summary for the Week of January 27, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info 0xPolygonZero--plonky2  Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not…

Comments Off on Vulnerability Summary for the Week of January 27, 2025

Vulnerability Summary for the Week of January 20, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info aEnrich Technology--a+HRD  The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary…

Comments Off on Vulnerability Summary for the Week of January 20, 2025

Vulnerability Summary for the Week of January 13, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info 1000 Projects--Campaign Management System Platform for Women  A vulnerability was found in 1000 Projects Campaign Management System Platform for…

Comments Off on Vulnerability Summary for the Week of January 13, 2025

Vulnerability Summary for the Week of January 6, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info 5centsCDN--5centsCDN  Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 5centsCDN 5centsCDN allows Reflected XSS.This issue…

Comments Off on Vulnerability Summary for the Week of January 6, 2025