Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-02-25 CVE-2025-27139 Cross-site Scripting vulnerability in Combodo Itop
Combodo iTop is a web based IT service management tool.
network
low complexity
combodo CWE-79
5.4
2025-02-25 CVE-2025-27142 Path Traversal vulnerability in Localsend
LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection.
low complexity
localsend CWE-22
8.8
2025-02-25 CVE-2025-27146 Argument Injection or Modification vulnerability in Matrix IRC Bridge
matrix-appservice-irc is a Node.js IRC bridge for Matrix.
network
low complexity
matrix CWE-88
4.3
2025-02-25 CVE-2024-36259 Unspecified vulnerability in Odoo 17.0
Improper access control in mail module of Odoo Community 17.0 and Odoo Enterprise 17.0 allows remote authenticated attackers to extract sensitive information via an oracle-based (yes/no response) crafted attack.
network
low complexity
odoo
6.5
2025-02-25 CVE-2025-27135 SQL Injection vulnerability in Infiniflow Ragflow
RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine.
network
low complexity
infiniflow CWE-89
critical
9.8
2025-02-25 CVE-2024-12368 Unspecified vulnerability in Odoo 15.0
Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth tokens of other users.
network
low complexity
odoo
8.8
2025-02-25 CVE-2025-23046 Incorrect Implementation of Authentication Algorithm vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-303
7.5
2025-02-25 CVE-2025-25192 Information Exposure vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-200
6.5
2025-02-25 CVE-2024-11955 Open Redirect vulnerability in Glpi-Project Glpi
A vulnerability was found in GLPI up to 10.0.17.
network
low complexity
glpi-project CWE-601
6.1
2025-02-25 CVE-2025-21626 Information Exposure vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-200
6.5