Total
56 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2026-3536 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-03-05 | N/A | 8.8 HIGH | Integer overflow in ANGLE in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) |
| CVE-2026-3538 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-03-05 | N/A | 8.8 HIGH | Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) |
| CVE-2026-2649 | 1 Google | 1 Chrome | 2026-02-19 | N/A | 8.8 HIGH | Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2025-14750 | | | 2026-01-26 | N/A | N/A | The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges. |
| CVE-2025-54832 | 1 Opexustech | 1 Foiaxpress Public Access Link | 2026-01-23 | N/A | 4.3 MEDIUM | OPEXUS FOIAXpress Public Access Link (PAL), version v11.1.0, allows an authenticated user to add entries to the list of states and territories. |
| CVE-2024-22049 | 3 Debian, Fedoraproject, Jnunemaker | 3 Debian Linux, Fedora, Httparty | 2026-01-07 | N/A | 5.3 MEDIUM | httparty before 0.21.0 is vulnerable to an assumed-immutable web parameter vulnerability. A remote and unauthenticated attacker can provide a crafted filename parameter during multipart/form-data uploads which could result in attacker controlled filenames being written. |
| CVE-2025-67846 | 1 Mintlify | 1 Mintlify | 2026-01-02 | N/A | 4.9 MEDIUM | The Deployment Infrastructure in Mintlify Platform before 2025-11-15 allows remote attackers to bypass security patches and execute downgrade attacks via predictable deployment identifiers on the Vercel preview domain. An attacker can identify the URL structure of a previous deployment that contains unpatched vulnerabilities. By browsing directly to the specific git-ref or deployment-id subdomain, the attacker can force the application to load the vulnerable version. |
| CVE-2025-66385 | | | 2025-12-01 | N/A | N/A | UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges (e.g., obtain a higher role such as admin) via the user-edit endpoint by supplying or modifying role_id or organisation_id fields in the edit request. |
| CVE-2024-9123 | 1 Google | 1 Chrome | 2025-11-20 | N/A | 8.8 HIGH | Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) |
| CVE-2025-35939 | 1 Craftcms | 1 Craft Cms | 2025-10-24 | N/A | 5.3 MEDIUM | Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. Craft CMS redirects requests that require authentication to the login page and generates a session file on the server at '/var/lib/php/sessions'. Such session files are named 'sess_[session_value]', where '[session_value]' is provided to the client in a 'Set-Cookie' response header. Craft CMS stores the return URL request ... |
| CVE-2024-50703 | 1 Teampass | 1 Teampass | 2025-09-29 | N/A | 5.4 MEDIUM | TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id. |
| CVE-2025-10891 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-09-25 | N/A | 8.8 HIGH | Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2025-10892 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-09-25 | N/A | 8.8 HIGH | Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-25153 | 1 Fortra | 1 Filecatalyst Workflow | 2025-09-19 | N/A | 9.8 CRITICAL | A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended 'uploadtemp' directory with a specially crafted POST request. In situations where a file is successfully uploaded to the web portal's DocumentRoot, specially crafted JSP files could be used to execute code, including web shells. |
| CVE-2025-54551 | | | 2025-08-20 | N/A | 4.3 MEDIUM | Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a privilege escalation vulnerability through external control of a Web parameter. If exploited, a user of the product may escalate their privileges and access data that the user does not have permission to view by altering the parameters of the search function. |
| CVE-2025-27893 | 1 Archerirm | 1 Archer | 2025-08-08 | N/A | 1.8 LOW | In Archer Platform 6 through 6.14.00202.10024, an authenticated user with record creation privileges can manipulate immutable fields, such as the creation date, by intercepting and modifying a Copy request via a GenericContent/Record.aspx?id= URI. NOTE: the Supplier analyzed the reported exploitation steps and found that, although the user can modify the immutable field, upon switching to View mode the field is reverted to its original value, without anything being saved to the database (and con ... |
| CVE-2025-8198 | | | 2025-07-29 | N/A | 7.5 HIGH | The MinimogWP – The High Converting eCommerce WordPress Theme theme for WordPress is vulnerable to price manipulation in all versions up to, and including, 3.9.0. This is due to an insufficient check on quantity values when changing quantities in the cart. This makes it possible for unauthenticated attackers to add items to the cart and adjust the quantity to a fractional amount, causing the price to change based on the fractional amount. The vulnerability cannot be exploited if WooCommerce vers ... |
| CVE-2025-7656 | 1 Google | 1 Chrome | 2025-07-16 | N/A | 8.8 HIGH | Integer overflow in V8 in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2025-43933 | | | 2025-07-08 | N/A | 9.8 CRITICAL | fblog through 983bede allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header. |
| CVE-2025-43930 | | | 2025-07-08 | N/A | 9.8 CRITICAL | Hashview 0.8.1 allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header. |
| CVE-2025-6191 | 1 Google | 1 Chrome | 2025-07-03 | N/A | 8.8 HIGH | Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) |
| CVE-2025-25382 | 1 Ikm | 1 Sanchaya | 2025-06-23 | N/A | 7.5 HIGH | An issue in the Property Tax Payment Portal in Information Kerala Mission SANCHAYA v3.0.4 allows attackers to arbitrarily modify payment amounts via a crafted request. |
| CVE-2025-22384 | 1 Optimizely | 1 Configured Commerce | 2025-05-20 | N/A | 7.5 HIGH | An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching the server. |
| CVE-2025-43002 | | | 2025-05-13 | N/A | 4.3 MEDIUM | SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to a missing authorization check. This could cause a low impact on confidentiality, but integrity and availability of the application are not impacted. |
| CVE-2025-47817 | | | 2025-05-12 | N/A | 8.8 HIGH | In BlueWave Checkmate through 2.0.2 before b387eba, a profile edit request can include a role parameter. |
| CVE-2025-47245 | | | 2025-05-05 | N/A | 8.1 HIGH | In BlueWave Checkmate through 2.0.2 before d4a6072, an invite request can be modified to specify a privileged role. |
| CVE-2025-3743 | | | 2025-04-29 | N/A | 5.3 MEDIUM | The Upsell Funnel Builder for WooCommerce plugin for WordPress is vulnerable to order manipulation in all versions up to, and including, 3.0.0. This is due to the plugin allowing the additional product ID and discount field to be manipulated prior to processing via the 'add_offer_in_cart' function. This makes it possible for unauthenticated attackers to arbitrarily update the product associated with any order bump, and arbitrarily update the discount applied to any order bump item, when adding i ... |
| CVE-2025-3530 | | | 2025-04-23 | N/A | 7.5 HIGH | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to product price manipulation in all versions up to, and including, 5.1.2. This is due to a logic flaw involving the inconsistent use of parameters during the cart addition process. The plugin uses the parameter 'product_tmp_two' for computing a security hash against price tampering while using 'wspsc_product' to display the product, allowing an unauthenticated attacker to substitute details from a cheaper product and bypass p ... |
| CVE-2025-31327 | | | 2025-04-23 | N/A | 4.3 MEDIUM | SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which certain fields could be externally modified by an attacker, causing a low impact on the integrity of the application. Confidentiality and availability are not impacted. |
| CVE-2025-0436 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 8.8 HIGH | Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2017-5261 | 1 Cambiumnetworks | 10 Cnpilot E400, Cnpilot E400 Firmware, Cnpilot E410 and 7 more | 2025-04-20 | 4.0 MEDIUM | 8.8 HIGH | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible to all authenticated users. |
| CVE-2017-5260 | 1 Cambiumnetworks | 10 Cnpilot E400, Cnpilot E400 Firmware, Cnpilot E410 and 7 more | 2025-04-20 | 9.0 HIGH | 8.8 HIGH | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user' account, the configuration file is accessible via direct object reference (DRO) at `http://<device-ip-or-hostname>/goform/down_cfg_file` by this otherwise low privilege 'user' account. |
| CVE-2025-32816 | | | 2025-04-11 | N/A | 3.1 LOW | CodeLit CourseLit before 0.57.5 allows Parameter Tampering via a payment plan associated with the wrong entity. |
| CVE-2025-31333 | | | 2025-04-08 | N/A | 4.3 MEDIUM | SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which an entity set could be externally modified by an attacker, causing a low impact on the integrity of the application. Confidentiality and availability are not impacted. |
| CVE-2023-24373 | 1 Wpdevart | 1 Booking Calendar | 2025-03-21 | N/A | 3.7 LOW | External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Manipulating Hidden Fields. This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3. |
| CVE-2025-30152 | | | 2025-03-19 | N/A | 6.5 MEDIUM | The Sylius PayPal Plugin is the Sylius Core Team's plugin for the PayPal Commerce Platform. Prior to 1.6.2, 1.7.2, and 2.0.2, a discovered vulnerability allows users to modify their shopping cart after completing the PayPal Checkout process and payment authorization. If a user initiates a PayPal transaction from a product page or the cart page and then returns to the order summary page, they can still manipulate the cart contents before finalizing the order. As a result, the order amount in Syli ... |
| CVE-2025-30236 | | | 2025-03-19 | N/A | 8.6 HIGH | Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 allows authentication through only a six-digit TOTP code (skipping a password check) if an HTTP POST request contains a SESSION parameter. |
| CVE-2025-26312 | | | 2025-03-17 | N/A | N/A | SendQuick Entera devices before 11HF5 are vulnerable to CAPTCHA bypass by removing the Captcha parameter. |
| CVE-2025-29788 | | | 2025-03-17 | N/A | 6.5 MEDIUM | The Sylius PayPal Plugin is the Sylius Core Team's plugin for the PayPal Commerce Platform. A vulnerability in versions prior to 1.6.1, 1.7.1, and 2.0.1 allows users to manipulate the final payment amount processed by PayPal. If a user modifies the item quantity in their shopping cart after initiating the PayPal Express Checkout process, PayPal will not receive the updated total amount. As a result, PayPal captures only the initially transmitted amount, while Sylius incorrectly considers the ord ... |
| CVE-2023-28512 | 1 Ibm | 1 Watson Cp4d Data Stores | 2025-01-29 | N/A | 5.9 MEDIUM | IBM Watson CP4D Data Stores 4.6.0, 4.6.1, and 4.6.2 could allow an attacker with specific knowledge about the system to manipulate data due to improper input validation. IBM X-Force ID: 250396. |