Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2025-03-10 | CVE-2025-1497 | Command Injection vulnerability in Mljar Plotai | A vulnerability that could result in Remote Code Execution (RCE) has been found in PlotAI. | network | low complexity | mljar | CWE-77 | critical 9.8 |
| 2025-03-10 | CVE-2025-25615 | Unspecified vulnerability in Changeweb Unifiedtransform 2.0 | Unifiedtransform 2.0 is vulnerable to Incorrect Access Control which allows viewing attendance list for all class sections. | network | low complexity | changeweb | | 2.7 |
| 2025-03-10 | CVE-2025-25616 | Unspecified vulnerability in Changeweb Unifiedtransform 2.0 | Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. | network | low complexity | changeweb | | 4.3 |
| 2025-03-10 | CVE-2025-2152 | Heap-based Buffer Overflow vulnerability in Assimp 5.4.3 | A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. | network | low complexity | assimp | CWE-122 | critical 9.8 |
| 2025-03-10 | CVE-2025-2153 | Heap-based Buffer Overflow vulnerability in Hdfgroup Hdf5 1.14.6 | A vulnerability, which was classified as critical, was found in HDF5 1.14.6. | network | high complexity | hdfgroup | CWE-122 | 8.1 |
| 2025-03-10 | CVE-2025-2151 | Out-of-bounds Write vulnerability in Assimp 5.4.3 | A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. | network | low complexity | assimp | CWE-787 | 8.8 |
| 2025-03-10 | CVE-2025-1944 | Unspecified vulnerability in Mmaitre314 Picklescan | picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. | network | low complexity | mmaitre314 | | 6.5 |
| 2025-03-10 | CVE-2025-1945 | Unspecified vulnerability in Mmaitre314 Picklescan | picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. | network | low complexity | mmaitre314 | | critical 9.8 |
| 2025-03-10 | CVE-2025-2147 | Forced Browsing vulnerability in Caishixiong Modern Farm Digital Integrated Management System 1.0 | A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0. | network | low complexity | caishixiong | CWE-425 | 7.5 |
| 2025-03-10 | CVE-2024-13918 | Cross-site Scripting vulnerability in Laravel Framework | The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page. | network | low complexity | laravel | CWE-79 | 6.1 |