CVE-2025-23737
2025-01-24

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Network-F...

CVE-2025-23837
2025-01-24

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound One Backe...

CVE-2025-23838
2025-01-24

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Bauernreg...

CVE-2025-23839
2025-01-24

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Sticky Bu...

CVE-2025-23885
2025-01-24

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound MJ Contac...

CVE-2025-23888
2025-01-24

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Custom Pa...

CVE-2025-23889
2025-01-24

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FooGaller...

CVE-2025-23427
2025-01-24

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dovy Paukstys Redu...

CVE-2025-23522
2025-01-24

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in humanmade limited,...

CVE-2025-23621
2025-01-24

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Causes – ...

CISA-2025:0124
2025-01-24

CISA Adds One Known Exploited Vulnerability to Catalog

CISA-2025:0123
2025-01-23

CISA Adds One Known Exploited Vulnerability to Catalog

RHSA-2025:0640
2025-01-23

important

redis:6 security update

moderate

Cross site scripting in Silverpeas Core

moderate

Disabled permissions can be granted by Folder-based in Jenkins Authorization Strategy Plugin

moderate

Missing permission checks in Jenkins Azure Service Fabric Plugin

moderate

CSRF vulnerability in Jenkins Azure Service Fabric Plugin

moderate

Cache confusion in Jenkins Eiffel Broadcaster Plugin

high

Improper handling of case sensitivity in Jenkins OpenId Connect Authentication Plugin

high

Bitbucket Server Integration Plugin allows bypassing CSRF protection for any URL

What's new in SecDB 24.12

# SecDB # Security Advisory # CVE # SSVC # STIX # Badges # Charts

This new version of SecDB brings new features and improvements. Added support for CISA Vulnrichment and SSVC The CISA Vulnrichment project is the public repository of CISA's enrichment of public CVE records through CISA's ADP (Authorized Data Publisher) container. SecDB uses data from the Vulnric...

2024 CWE Top 25 Most Dangerous Software Weaknesses

# CWE # Weakness # Top25

MITRE has published the 2024 CWE Top 25 Most Dangerous Software Weaknesses list (aka CWE™ Top 25), based on an analysis of 31,770 CVEs published in this year’s dataset. This year’s dataset included 31,770 CVE Records for vulnerabilities published between June 1, 2023 and June 1, 2024. Data was ini...

What's new in SecDB 24.8

# SecDB # CVSS # Utility # Calculator # Docs # API # TelegramBot

This new version of SecDB brings new features and improvements. Added CVSS v4.0 support Last November 2023, the final specifications for CVSS v4.0 were released by FIRST and organizations and vendors began adopting the new standard for determining vulnerability severity. In late June 2024, NIST...
