| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saysis Computer Starcities allows Cross-Site Scripting (XSS).
This issue affects Starcities: before 1.1. |
| The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25 |
| University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability. This has been fixed in the version 19.2 |
| Database Software Accreditation Tracking/Presentation Module product before version 2 has an unauthenticated SQL Injection vulnerability. This is fixed in version 2. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SDD Computer Software SDD-Baro allows SQL Injection.
This issue affects SDD-Baro: before 2.8.432. |
| SQL Injection vulnerability in Algan Software Prens Student Information System allows SQL Injection.
This issue affects Prens Student Information System: before 2.1.11. |
| Authorization Bypass Through User-Controlled Key vulnerability in Algan Software Prens Student Information System allows Object Relational Mapping Injection.
This issue affects Prens Student Information System: before 2.1.11. |
| Path Traversal vulnerability in Deytek Informatics FileOrbis File Management System allows Path Traversal.
This issue affects FileOrbis File Management System: from unspecified before 10.6.3. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mia Technology Mia-Med.
This issue affects Mia-Med: before 1.0.0.58. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GullsEye GullsEye terminal operating system allows SQL Injection.
This issue affects GullsEye terminal operating system: from unspecified before 5.0.13. |
| Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated Sql Injection vulnerability. This has been fixed in the version 3.0 |
| B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347. |
| A stored cross-site scripting vulnerability has been found in the Talend Administration Center. An attacker with permission to manage servers can store a XSS payload that can be triggered by a different user. |
| NVIDIA Triton Inference Server contains a vulnerability in the DALI backend, where an attacker could cause uncontrolled resource consumption. A successful exploit of this vulnerability might lead to denial of service. |
| A Remote Code Execution vulnerability in P4 (Helix Core) Server's Command-Line Client, prior to the 2025.2 Patch 2, has been fixed to address potential security risks. |
| URL redirection in Samsung Account prior to version 15.5.01.1 allows local attackers to potentially get access token. |
| NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. |
| The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_content_editor function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated attackers to create published Xpro templates. |
| NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, denial of service, or information disclosure. |
| NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to denial of service. |
