Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-01-27 CVE-2025-24177 NULL Pointer Dereference vulnerability in Apple Ipados
A null pointer dereference was addressed with improved input validation.
network
low complexity
apple CWE-476
7.5
7.5
2025-01-27 CVE-2025-0753 Heap-based Buffer Overflow vulnerability in Axiosys Bento4
A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0.
network
low complexity
axiosys CWE-122
6.5
6.5
2025-01-27 CVE-2025-0751 Heap-based Buffer Overflow vulnerability in Axiosys Bento4
A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0.
network
low complexity
axiosys CWE-122
6.5
6.5
2025-01-27 CVE-2025-0734 A vulnerability has been found in y_project RuoYi up to 4.8.0 and classified as critical.
network
low complexity
CWE-502
4.7
4.7
2025-01-27 CVE-2025-0732 A vulnerability, which was classified as problematic, has been found in Discord up to 1.0.9177 on Windows.
local
high complexity
CWE-426
4.5
4.5
2025-01-27 CVE-2025-0733 A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows.
local
high complexity
CWE-426
4.5
4.5
2025-01-27 CVE-2024-54145 SQL Injection vulnerability in Cacti
Cacti is an open source performance and fault management framework.
network
low complexity
cacti CWE-89
8.8
8.8
2025-01-27 CVE-2024-54146 SQL Injection vulnerability in Cacti
Cacti is an open source performance and fault management framework.
network
low complexity
cacti CWE-89
8.8
8.8
2025-01-27 CVE-2024-55227 Cross-site Scripting vulnerability in Dolibarr Erp/Crm 21.0.0
A cross-site scripting (XSS) vulnerability in the Events/Agenda module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter.
network
low complexity
dolibarr CWE-79
critical
 9.0
9.0
2025-01-27 CVE-2024-55228 Cross-site Scripting vulnerability in Dolibarr Erp/Crm 21.0.0
A cross-site scripting (XSS) vulnerability in the Product module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter.
network
low complexity
dolibarr CWE-79
critical
 9.0
9.0