research machine exchange

Data Platform Services
 
  • Log In

Forgot Password research machine exchange

Reset Password

MCO Security Alerts Advisories

  • This handy NordVPN tool flags scam calls on Android – even before you answer
    NordVPN's Scam Call Protection can now help you decide whether to pick up the phone. Here's how to set it up. ... read more
  • Why I recommend this Lenovo tablet over competing Google and Samsung models
    Lenovo's Yoga Tab Plus is a 13-inch Android tablet that combines a brilliant display with nice battery and booming speakers. ... read more
  • What Zuckerberg's 'personal superintelligence' sales pitch leaves out
    Meta CEO Mark Zuckerberg doesn't know how superintelligence will unfold, but still wants you to trust his utopic, AI-powered vision. ... read more
  • Traveling soon? Think twice about using airport Wi-Fi and charging ports – here's why
    According to the TSA, there are safer ways to charge your phone and use Wi-Fi at an airport. ... read more
  • Nothing just launched a stylish $99 smartwatch – with a reported 13-day battery
    CMF, a sub-brand of Nothing, launched the Watch 3 Pro, a sleek smartwatch with up to two weeks of battery life and host of health tracking features. ... read more
  • CVE-2022-44710 | Microsoft Windows 11 22H2 DirectX Graphics Kernel privileges management (EUVD-2022-47644)
    A vulnerability classified as critical was found in Microsoft Windows 11 22H2. Affected by this vulnerability is an unknown functionality of the component DirectX Graphics Kernel. The manipulation leads to improper privilege management. This vulnerability is known as CVE-2022-44710. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this ... read more
  • CVE-2022-48961 | Linux Kernel up to 5.15.82/6.0.12 of_node_get/of_node_put reference count (16854177745a/a5c6de1a6656/cb37617687f2 / Nessus ID 216030)
    A vulnerability was found in Linux Kernel up to 5.15.82/6.0.12. It has been declared as critical. Affected by this vulnerability is the function of_node_get/of_node_put. The manipulation leads to improper update of reference count. This vulnerability is known as CVE-2022-48961. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the ... read more
  • CVE-2022-44689 | Microsoft Windows up to Subsystem Subsystem for Linux privilege escalation (EUVD-2022-47623)
    A vulnerability was found in Microsoft Windows. It has been classified as critical. Affected is an unknown function of the component Subsystem for Linux. The manipulation leads to privilege escalation. This vulnerability is traded as CVE-2022-44689. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue. ... read more
  • CVE-2017-17672 | vBulletin up to 5.3.x cacheTemplates unserialize templateidlist deserialization (EDB-43362 / ID 860994)
    A vulnerability was found in vBulletin up to 5.3.x. It has been declared as critical. Affected by this vulnerability is the function unserialize in the library vB_Library_Template's of the file ajax/api/template/cacheTemplates. The manipulation of the argument templateidlist as part of Parameter leads to deserialization. This vulnerability is known as CVE-2017-17672. The attack can be launched remotely. Furthermore, there is an ... read more
  • CVE-2025-46119 | CommScope Management Endpoint /admin/_cmdstat.jsp information disclosure (EUVD-2025-22090)
    A vulnerability was found in CommScope Ruckus Unleashed. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/_cmdstat.jsp of the component Management Endpoint. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-46119. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component. ... read more
  • CVE-2022-41074 | Microsoft Windows up to Server 2022 Datacenter Azure Edition Graphics information disclosure (EUVD-2022-44318)
    A vulnerability classified as problematic was found in Microsoft Windows. Affected by this vulnerability is an unknown functionality of the component Graphics. The manipulation leads to information disclosure. This vulnerability is known as CVE-2022-41074. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue. ... read more
  • CVE-2022-44687 | Microsoft Raw Image Extension Remote Code Execution (EUVD-2022-47621)
    A vulnerability was found in Microsoft Raw Image Extension and classified as critical. This issue affects some unknown processing. The manipulation leads to Remote Code Execution. The identification of this vulnerability is CVE-2022-44687. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue. ... read more
  • CVE-2022-48960 | Linux Kernel up to 6.0.12 hix5hd2_rx use after free (Nessus ID 210933 / WID-SEC-2024-3251)
    A vulnerability was found in Linux Kernel up to 6.0.12. It has been classified as critical. Affected is the function hix5hd2_rx. The manipulation leads to use after free. This vulnerability is traded as CVE-2022-48960. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component. ... read more
  • CVE-2022-44713 | Microsoft Office 2019/LTSC 2021 on macOS Outlook (EUVD-2022-47647)
    A vulnerability, which was classified as critical, has been found in Microsoft Office 2019/LTSC 2021 on macOS. Affected by this issue is some unknown functionality of the component Outlook. The manipulation leads to an unknown weakness. This vulnerability is handled as CVE-2022-44713. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch ... read more
  • CVE-2022-47211 | Microsoft Office 365 Apps for Enterprise Graphics Remote Code Execution (EUVD-2022-49986)
    A vulnerability, which was classified as critical, was found in Microsoft Office 365 Apps for Enterprise. This affects an unknown part of the component Graphics. The manipulation leads to Remote Code Execution. This vulnerability is uniquely identified as CVE-2022-47211. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to ... read more
  • CVE-2022-47212 | Microsoft Office 365 Apps for Enterprise Graphics Remote Code Execution (EUVD-2022-49987)
    A vulnerability has been found in Microsoft Office 365 Apps for Enterprise and classified as critical. This vulnerability affects unknown code of the component Graphics. The manipulation leads to Remote Code Execution. This vulnerability was named CVE-2022-47212. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue. ... read more
  • CVE-2022-47213 | Microsoft Office 365 Apps for Enterprise Graphics Remote Code Execution (EUVD-2022-49988)
    A vulnerability was found in Microsoft Office 365 Apps for Enterprise and classified as critical. This issue affects some unknown processing of the component Graphics. The manipulation leads to Remote Code Execution. The identification of this vulnerability is CVE-2022-47213. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this ... read more
  • CVE-2022-44699 | Microsoft Azure Network Watcher VM Extension authorization (EUVD-2022-47633)
    A vulnerability was found in Microsoft Azure Network Watcher VM Extension. It has been classified as problematic. This affects an unknown part. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2022-44699. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue. ... read more
  • Multiples vulnérabilités dans les produits Fortinet (09 juillet 2025)
    De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données. ... read more
  • Multiples vulnérabilités dans Microsoft Office (09 juillet 2025)
    De multiples vulnérabilités ont été découvertes dans Microsoft Office. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données. ... read more
  • CVE-2025-47103 | Adobe InDesign Desktop up to 19.5.3 heap-based overflow (apsb25-60 / EUVD-2025-20747)
    A vulnerability, which was classified as critical, was found in Adobe InDesign Desktop up to 19.5.3. This affects an unknown part. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-47103. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component. ... read more
  • CVE-2025-7197 | code-projects Jonnys Liquor 1.0 /admin/delete-row.php ID sql injection (EUVD-2025-20753)
    A vulnerability classified as critical has been found in code-projects Jonnys Liquor 1.0. This affects an unknown part of the file /admin/delete-row.php. The manipulation of the argument ID leads to sql injection. This vulnerability is uniquely identified as CVE-2025-7197. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. ... read more
  • CVE-2025-32918 | Checkmk fino 2.1.0/2.2.0p43/2.3.0p34/2.4.0p5 Autocomplete Endpoint escalazione di privilegi
    In Checkmk fino 2.1.0/2.2.0p43/2.3.0p34/2.4.0p5 è stato trovato un punto critico di livello critico. É interessato una funzione sconosciuta del componente Autocomplete Endpoint. Mediante la manipolazione di un input sconosciuto conseguenza di una vulerabilità di classe escalazione di privilegi. L'advisory è scaricabile da checkmk.com. CVE-2025-32918 è identificato come punto debole. L'attacco si effettua con la rete. Il miglior modo suggerito per ... read more
  • CVE-2025-53367 | DjvuNet DjVuLibre up to 3.5.28 MMRDecoder::scanruns out-of-bounds write (GHSL-2025-055 / EUVD-2025-19908)
    A vulnerability, which was classified as critical, has been found in DjvuNet DjVuLibre up to 3.5.28. This issue affects the function MMRDecoder::scanruns. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2025-53367. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component. ... read more
  • CVE-2025-6762 | diyhi bbs bis 6.8 HTTP Header /admin/login getUrl Host erweiterte Rechte
    Es wurde eine Schwachstelle in diyhi bbs bis 6.8 entdeckt. Sie wurde als kritisch eingestuft. Dabei betrifft es die Funktion getUrl der Datei /admin/login der Komponente HTTP Header Handler. Dank Manipulation des Arguments Host mit unbekannten Daten kann eine erweiterte Rechte-Schwachstelle ausgenutzt werden. Bereitgestellt wird das Advisory unter github.com. Die Identifikation der Schwachstelle wird mit CVE-2025-6762 vorgenommen. Die Umsetzung des ... read more
  • CVE-2025-6768 | sfturing hosp_order bis 627f426331da8086ce8fff2017d65b1ddef384f8 HospitalServiceImpl.java findAllHosByCondition hospitalName SQL Injection (Issue 110)
    Es wurde eine kritische Schwachstelle in sfturing hosp_order bis 627f426331da8086ce8fff2017d65b1ddef384f8 entdeckt. Es geht dabei um die Funktion findAllHosByCondition der Datei HospitalServiceImpl.java. Durch Beeinflussen des Arguments hospitalName mit unbekannten Daten kann eine SQL Injection-Schwachstelle ausgenutzt werden. Auf github.com kann das Advisory eingesehen werden. Die Verwundbarkeit wird unter CVE-2025-6768 geführt. Der Angriff kann über das Netzwerk passieren. Desweiteren ist ein Exploit verfügbar. ... read more
  • CVE-2025-6765 | Intelbras InControl 2.21.60.9 HTTP PUT Request /v1/operador/ erweiterte Rechte
    Eine Schwachstelle wurde in Intelbras InControl 2.21.60.9 entdeckt. Sie wurde als kritisch eingestuft. Davon betroffen ist unbekannter Code der Datei /v1/operador/ der Komponente HTTP PUT Request Handler. Durch die Manipulation mit unbekannten Daten kann eine erweiterte Rechte-Schwachstelle ausgenutzt werden. Die Verwundbarkeit wird mit der eindeutigen Identifikation CVE-2025-6765 gehandelt. Der Angriff kann über das Netzwerk erfolgen. Desweiteren ist ein Exploit verfügbar. ... read more
  • CVE-2025-6761 | Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0 Freemarker Engine DynamicForm 4 Action.class plugin.buildMobilePopHtml Remote Code Execution (KDPSIRT-2025-00090)
    Eine kritische Schwachstelle wurde in Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0 ausgemacht. Dies betrifft die Funktion plugin.buildMobilePopHtml der Datei k3o2oboswebappactionDynamicForm 4 Action.class der Komponente Freemarker Engine. Dank der Manipulation mit unbekannten Daten kann eine Remote Code Execution-Schwachstelle ausgenutzt werden. Das Advisory kann von wx.mail.qq.com heruntergeladen werden. Die Identifikation der Schwachstelle findet als CVE-2025-6761 statt. Der Angriff kann über das Netzwerk passieren. ... read more
  • CVE-2025-6767 | sfturing hosp_order bis 627f426331da8086ce8fff2017d65b1ddef384f8 DoctorServiceImpl.java findDoctorByCondition hospitalName SQL Injection (Issue 109)
    Eine Schwachstelle wurde in sfturing hosp_order bis 627f426331da8086ce8fff2017d65b1ddef384f8 ausgemacht. Sie wurde als kritisch eingestuft. Es geht hierbei um die Funktion findDoctorByCondition der Datei DoctorServiceImpl.java. Durch das Beeinflussen des Arguments hospitalName mit unbekannten Daten kann eine SQL Injection-Schwachstelle ausgenutzt werden. Bereitgestellt wird das Advisory unter github.com. Die Verwundbarkeit wird mit der eindeutigen Identifikation CVE-2025-6767 gehandelt. Der Angriff kann über das Netzwerk ... read more
  • CVE-2025-6766 | sfturing hosp_order bis 627f426331da8086ce8fff2017d65b1ddef384f8 OfficeServiceImpl.java getOfficeName officesName SQL Injection (Issue 108)
    In sfturing hosp_order bis 627f426331da8086ce8fff2017d65b1ddef384f8 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Es geht um die Funktion getOfficeName der Datei OfficeServiceImpl.java. Durch Manipulieren des Arguments officesName mit unbekannten Daten kann eine SQL Injection-Schwachstelle ausgenutzt werden. Das Advisory kann von github.com heruntergeladen werden. Eine eindeutige Identifikation der Schwachstelle wird mit CVE-2025-6766 vorgenommen. Der Angriff kann über das Netzwerk erfolgen. ... read more
  • CVE-2025-6522 | TrendMakers Sight Bulb Pro Service Port 16668 erweiterte Rechte (icsa-25-177-02)
    Es wurde eine Schwachstelle in TrendMakers Sight Bulb Pro ausgemacht. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Komponente Service Port 16668. Durch das Manipulieren mit unbekannten Daten kann eine erweiterte Rechte-Schwachstelle ausgenutzt werden. Das Advisory findet sich auf cisa.gov. Die Identifikation der Schwachstelle wird mit CVE-2025-6522 vorgenommen. Umgesetzt werden kann der Angriff im lokalen Netzwerk. ... read more
  • CVE-2025-6521 | TrendMakers Sight Bulb Pro AES Key Exchange schwache Verschlüsselung (icsa-25-177-02)
    Eine Schwachstelle wurde in TrendMakers Sight Bulb Pro gefunden. Sie wurde als problematisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Komponente AES Key Exchange. Mittels Manipulieren mit unbekannten Daten kann eine schwache Verschlüsselung-Schwachstelle ausgenutzt werden. Auf cisa.gov kann das Advisory eingesehen werden. Die Identifikation der Schwachstelle findet als CVE-2025-6521 statt. Die Umsetzung des Angriffs kann dabei im lokalen Netzwerk ... read more
  • CVE-2025-36529 | TB-eye XRN-410SN erweiterte Rechte
    Es wurde eine Schwachstelle in TB-eye XRN-410SN, XRN-810SN, XRN-1610SN, PRN-4011N, HRX-421FN, HRX-821, HRX-1621, HRX-435FN, HRX-835, HRX-1635, XRN-425SFN, XRN-426S, XRN-820S, XRN-1620S, XRN-3210R, XRN-6410R and XRN-6410DR gefunden. Sie wurde als kritisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock. Durch Manipulation mit unbekannten Daten kann eine erweiterte Rechte-Schwachstelle ausgenutzt werden. Das Advisory kann von tbeye.com heruntergeladen werden. Die Verwundbarkeit wird unter CVE-2025-36529 geführt. ... read more
  • CVE-2025-41418 | TB-eye XRN-410SN CGI Process Pufferüberlauf
    In TB-eye XRN-410SN, XRN-810SN, XRN-1610SN, PRN-4011N, HRX-421FN, HRX-821, HRX-1621, HRX-435FN, HRX-835, HRX-1635, XRN-425SFN, XRN-426S, XRN-820S, XRN-1620S, XRN-3210R, XRN-6410R and XRN-6410DR wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Komponente CGI Process. Mittels dem Manipulieren mit unbekannten Daten kann eine Pufferüberlauf-Schwachstelle ausgenutzt werden. Bereitgestellt wird das Advisory unter tbeye.com. Die Verwundbarkeit wird als CVE-2025-41418 ... read more
  • CVE-2025-6763 | Comet System H3531 1.60 Web-based Management Interface /setupA.cfg schwache Authentisierung
    In Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei /setupA.cfg der Komponente Web-based Management Interface. Mit der Manipulation mit unbekannten Daten kann eine schwache Authentisierung-Schwachstelle ausgenutzt werden. Auf github.com kann das Advisory eingesehen werden. Eine eindeutige Identifikation der ... read more
  • CVE-2025-6765 | Intelbras InControl 2.21.60.9 HTTP PUT Request /v1/operador/ permission
    A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The manipulation leads to permission issues. The identification of this vulnerability is CVE-2025-6765. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted ... read more
  • CVE-2025-6767 | sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8 DoctorServiceImpl.java findDoctorByCondition hospitalName sql injection (Issue 109)
    A vulnerability was found in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. It has been rated as critical. This issue affects the function findDoctorByCondition of the file DoctorServiceImpl.java. The manipulation of the argument hospitalName leads to sql injection. The identification of this vulnerability is CVE-2025-6767. The attack may be initiated remotely. Furthermore, there is an exploit available. This product takes the approach ... read more
  • CVE-2025-6766 | sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8 OfficeServiceImpl.java getOfficeName officesName sql injection (Issue 108)
    A vulnerability was found in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. It has been declared as critical. This vulnerability affects the function getOfficeName of the file OfficeServiceImpl.java. The manipulation of the argument officesName leads to sql injection. This vulnerability was named CVE-2025-6766. The attack can be initiated remotely. Furthermore, there is an exploit available. This product is using a rolling release ... read more
  • CVE-2025-6522 | TrendMakers Sight Bulb Pro Service Port 16668 command injection (icsa-25-177-02)
    A vulnerability was found in TrendMakers Sight Bulb Pro. It has been classified as critical. This affects an unknown part of the component Service Port 16668. The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2025-6522. The attack needs to be done within the local network. There is no exploit available. ... read more
  • CVE-2025-6521 | TrendMakers Sight Bulb Pro AES Key Exchange risky encryption (icsa-25-177-02)
    A vulnerability was found in TrendMakers Sight Bulb Pro and classified as problematic. Affected by this issue is some unknown functionality of the component AES Key Exchange. The manipulation leads to risky cryptographic algorithm. This vulnerability is handled as CVE-2025-6521. The attack can only be initiated within the local network. There is no exploit available. ... read more
  • CVE-2025-36529 | TB-eye XRN-410SN os command injection
    A vulnerability, which was classified as critical, was found in TB-eye XRN-410SN, XRN-810SN, XRN-1610SN, PRN-4011N, HRX-421FN, HRX-821, HRX-1621, HRX-435FN, HRX-835, HRX-1635, XRN-425SFN, XRN-426S, XRN-820S, XRN-1620S, XRN-3210R, XRN-6410R and XRN-6410DR. Affected is an unknown function. The manipulation leads to os command injection. This vulnerability is traded as CVE-2025-36529. It is possible to launch the attack remotely. There is no exploit available. ... read more
  • CVE-2025-41418 | TB-eye XRN-410SN CGI Process buffer overflow
    A vulnerability has been found in TB-eye XRN-410SN, XRN-810SN, XRN-1610SN, PRN-4011N, HRX-421FN, HRX-821, HRX-1621, HRX-435FN, HRX-835, HRX-1635, XRN-425SFN, XRN-426S, XRN-820S, XRN-1620S, XRN-3210R, XRN-6410R and XRN-6410DR and classified as critical. Affected by this vulnerability is an unknown functionality of the component CGI Process. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2025-41418. The attack can be launched remotely. ... read more
  • CVE-2025-6763 | Comet System H3531 1.60 Web-based Management Interface /setupA.cfg missing authentication
    A vulnerability classified as critical was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. This vulnerability affects unknown code of the file /setupA.cfg of the component Web-based Management Interface. The manipulation leads to missing authentication. This vulnerability was named CVE-2025-6763. Access to the local network is required for this attack. Furthermore, there ... read more
  • CVE-2025-6768 | sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8 HospitalServiceImpl.java findAllHosByCondition hospitalName sql injection (Issue 110)
    A vulnerability classified as critical has been found in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. Affected is the function findAllHosByCondition of the file HospitalServiceImpl.java. The manipulation of the argument hospitalName leads to sql injection. This vulnerability is traded as CVE-2025-6768. It is possible to launch the attack remotely. Furthermore, there is an exploit available. Continious delivery with rolling releases is used ... read more
  • CVE-2025-26844 | Znuny up to 7.1.3 cookie httponly flag
    A vulnerability was found in Znuny up to 7.1.3. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cookie without 'httponly' flag. This vulnerability is traded as CVE-2025-26844. It is possible to launch the attack remotely. There is no exploit available. ... read more
  • CVE-2025-1791 | Zorlan SkyCaiji 2.9 Tool.php fileAction save_data unrestricted upload
    A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument save_data leads to unrestricted upload. This vulnerability was named CVE-2025-1791. The attack can be initiated remotely. Furthermore, there is an exploit available. ... read more
  • CVE-2025-28201 | Victure RX1800 1.0.0_r12_110933 code injection (EUVD-2025-14215)
    A vulnerability classified as critical was found in Victure RX1800 1.0.0_r12_110933. This vulnerability affects unknown code. The manipulation leads to code injection. This vulnerability was named CVE-2025-28201. It is possible to launch the attack on the physical device. There is no exploit available. ... read more
  • CVE-2025-45238 | FoxCMS 1.2.5 delRestoreSerie denial of service
    A vulnerability was found in FoxCMS 1.2.5. It has been rated as problematic. This issue affects the function delRestoreSerie. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2025-45238. The attack can only be done within the local network. There is no exploit available. ... read more
  • CVE-2025-45240 | FoxCMS 1.2.5 DataBackup.php executeCommand sql injection (EUVD-2025-13452)
    A vulnerability, which was classified as critical, was found in FoxCMS 1.2.5. This affects the function executeCommand of the file DataBackup.php. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2025-45240. It is possible to initiate the attack remotely. There is no exploit available. ... read more
  • CVE-2024-8050 | Custom Author Base Plugin up to 1.1.1 on WordPress Setting cross-site request forgery
    A vulnerability, which was classified as problematic, has been found in Custom Author Base Plugin up to 1.1.1 on WordPress. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-8050. The attack may be initiated remotely. There is no exploit available. ... read more

integratus systems @2019

KAVI RMX iCOMMEX Platform v 02.25 Sunday, August 3, 2025

Login

Login to research machine exchange Platform Services

Forgot password?
Register Now

Hello

  • Your Account Type is
  • Your Mail Id is
  • Your Username is

Security Briefing Search

PDF Library Search

Search

Reset Password

Reset Password

You have no permission to access this content