tradefinance exchange

Exchange Platform Services

 

Will you Embrace AI Fast Enough – ATKearney


IS Security Alerts Advisories

  • 93.03844
    Modified (2) Adware/Agent!Android Adware/SpyLoan!Android ... read more
  • CVE-2025-26844 | Znuny up to 7.1.3 cookie httponly flag
    A vulnerability was found in Znuny up to 7.1.3. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cookie without 'httponly' flag. This vulnerability ... read more
  • CVE-2025-1791 | Zorlan SkyCaiji 2.9 Tool.php fileAction save_data unrestricted upload
    A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument save_data leads ... read more
  • CVE-2025-28201 | Victure RX1800 1.0.0_r12_110933 code injection (EUVD-2025-14215)
    A vulnerability classified as critical was found in Victure RX1800 1.0.0_r12_110933. This vulnerability affects unknown code. The manipulation leads to code injection. This vulnerability was named CVE-2025-28201. It is possible ... read more
  • CVE-2025-45238 | FoxCMS 1.2.5 delRestoreSerie denial of service
    A vulnerability was found in FoxCMS 1.2.5. It has been rated as problematic. This issue affects the function delRestoreSerie. The manipulation leads to denial of service. The identification of this ... read more
  • CVE-2025-45240 | FoxCMS 1.2.5 DataBackup.php executeCommand sql injection (EUVD-2025-13452)
    A vulnerability, which was classified as critical, was found in FoxCMS 1.2.5. This affects the function executeCommand of the file DataBackup.php. The manipulation leads to sql injection. This vulnerability is ... read more
  • CVE-2024-8050 | Custom Author Base Plugin up to 1.1.1 on WordPress Setting cross-site request forgery
    A vulnerability, which was classified as problematic, has been found in Custom Author Base Plugin up to 1.1.1 on WordPress. This issue affects some unknown processing of the component Setting ... read more
  • CVE-2025-26842 | Znuny up to 7.1.3 SMIME Email log file
    A vulnerability, which was classified as problematic, has been found in Znuny up to 7.1.3. Affected by this issue is some unknown functionality of the component SMIME Email Handler. The ... read more
  • CVE-2025-44073 | SeaCMS 13.3 admin_comment_news.php sql injection
    A vulnerability was found in SeaCMS 13.3. It has been rated as critical. This issue affects some unknown processing of the file admin_comment_news.php. The manipulation leads to sql injection. The ... read more
  • CVE-2025-43926 | Znuny up to 6.5.14/7.1.6 AgentPreferences UpdateAJAX Subaction permission (EUVD-2025-14013)
    A vulnerability, which was classified as critical, was found in Znuny up to 6.5.14/7.1.6. This affects an unknown part of the component AgentPreferences UpdateAJAX Subaction. The manipulation leads to permission ... read more
  • CVE-2025-25426 | yshopmall up to 1.9.0 Image Listing Interface sql injection (Issue 34 / EUVD-2025-6180)
    A vulnerability, which was classified as critical, has been found in yshopmall up to 1.9.0. This issue affects some unknown processing of the component Image Listing Interface. The manipulation leads ... read more
  • CVE-2025-28202 | Victure RX1800 1.0.0_r12_110933 SSH/Telnet access control (EUVD-2025-14214)
    A vulnerability was found in Victure RX1800 1.0.0_r12_110933 and classified as critical. This issue affects some unknown processing of the component SSH/Telnet. The manipulation leads to improper access controls. The ... read more
  • CVE-2025-28203 | Victure RX1800 1.0.0_r12_110933 command injection (EUVD-2025-14202)
    A vulnerability, which was classified as critical, was found in Victure RX1800 1.0.0_r12_110933. This affects an unknown part. The manipulation leads to command injection. This vulnerability is uniquely identified as ... read more
  • CVE-2025-45239 | FoxCMS 2.0.6 Restore DataBackup.php path traversal
    A vulnerability, which was classified as critical, was found in FoxCMS 2.0.6. Affected is an unknown function of the file DataBackup.php of the component Restore Handler. The manipulation leads to ... read more
  • CVE-2024-8032 | Smooth Gallery Replacement Plugin up to 1.0 on WordPress Setting cross-site request forgery
    A vulnerability was found in Smooth Gallery Replacement Plugin up to 1.0 on WordPress and classified as problematic. This issue affects some unknown processing of the component Setting Handler. The ... read more
  • CVE-2025-47815 | GNU PSPP up to 2.0.1 libpspp-core.a inflate_read heap-based overflow
    A vulnerability was found in GNU PSPP up to 2.0.1. It has been rated as critical. This issue affects the function inflate_read of the file libpspp-core.a. The manipulation leads to ... read more
  • CVE-2024-11267 | JSP Store Locator Plugin up to 1.0 on WordPress sql injection
    A vulnerability was found in JSP Store Locator Plugin up to 1.0 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation ... read more
  • CVE-2024-11266 | Geocache Stat Bar Widget Plugin up to 0.911 on WordPress cross site scripting
    A vulnerability was found in Geocache Stat Bar Widget Plugin up to 0.911 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The ... read more
  • CVE-2024-11269 | AHAthat Plugin up to 1.6 on WordPress sql injection
    A vulnerability, which was classified as critical, has been found in AHAthat Plugin up to 1.6 on WordPress. This issue affects some unknown processing. The manipulation leads to sql injection. ... read more
  • CVE-2025-47814 | GNU PSPP up to 2.0.1 libpspp-core.a inflate_read heap-based overflow
    A vulnerability was found in GNU PSPP up to 2.0.1. It has been declared as critical. This vulnerability affects the function inflate_read of the file libpspp-core.a. The manipulation leads to ... read more
  • Microsoft Patch Tuesday for June 2025 — Snort rules and prominent vulnerabilities
    Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.” In this month's release, none ... read more
  • CVE-2025-5443 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 wirelessAdvancedHidden ExtChSelector/24GSelector/5GSelector os command injection
    A vulnerability, which was classified as critical, was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function wirelessAdvancedHidden of the file /goform/wirelessAdvancedHidden. The manipulation ... read more
  • CVE-2025-45755 | vTiger CRM Open Source Edition 8.3.0 Services Import Feature Service Name cross site scripting
    A vulnerability was found in vTiger CRM Open Source Edition 8.3.0 and classified as problematic. This issue affects some unknown processing of the component Services Import Feature. The manipulation of ... read more
  • CVE-2025-31712 | Unisoc T9300 Cplog Service out-of-bounds write (EUVD-2025-16707)
    A vulnerability classified as critical has been found in Unisoc SC7731E, SC9832E, SC9863A, T310, T606, T612, T616, T610, T618, T750, T765, T760, T770, T820, S8000, T8300 and T9300. Affected is ... read more
  • CVE-2025-5053 | FreeFloat FTP Server 1.0 MDIR Command buffer overflow
    A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component MDIR Command Handler. The ... read more
  • CVE-2025-5232 | PHPGurukul Student Study Center Management System 1.0 /admin/report.php fromdate/todate sql injection
    A vulnerability, which was classified as critical, has been found in PHPGurukul Student Study Center Management System 1.0. This issue affects some unknown processing of the file /admin/report.php. The manipulation ... read more
  • CVE-2025-5359 | Campcodes Online Hospital Management System 1.0 /appointment-history.php ID sql injection
    A vulnerability classified as critical has been found in Campcodes Online Hospital Management System 1.0. This affects an unknown part of the file /appointment-history.php. The manipulation of the argument ID ... read more
  • CVE-2025-5358 | PHPGurukul/Campcodes Cyber Cafe Management System 1.0 bwdates-reports-details.php fromdate/todate sql injection
    A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /bwdates-reports-details.php. The ... read more
  • CVE-2025-5444 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_UpgradeFWByBBS type/ch/ssidhex/security/extch/pwd/mode/ip/nm/gw os command injection
    A vulnerability has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this vulnerability is the function RP_UpgradeFWByBBS of the file ... read more
  • CVE-2025-31710 | Unisoc T9300 Engineermode Service command injection (EUVD-2025-16709)
    A vulnerability was found in Unisoc SC9863A, T606, T612, T616, T750, T765, T760, T770, T820, S8000, T8300 and T9300. It has been rated as critical. This issue affects some unknown ... read more
  • CVE-2025-48471 | freescout-help-desk freescout up to 1.8.178 unrestricted upload
    A vulnerability, which was classified as critical, was found in freescout-help-desk freescout up to 1.8.178. Affected is an unknown function. The manipulation leads to unrestricted upload. This vulnerability is traded ... read more
  • CVE-2025-5445 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 /goform/RP_checkFWByBBS type/ch/ssidhex/security/extch/pwd/mode/ip/nm/gw os command injection
    A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this issue is the function RP_checkFWByBBS of the file /goform/RP_checkFWByBBS. ... read more
  • CVE-2025-31711 | Unisoc T9300 Cplog Service null pointer dereference (EUVD-2025-16708)
    A vulnerability was found in Unisoc SC7731E, SC9832E, SC9863A, T310, T606, T612, T616, T610, T618, T750, T765, T760, T770, T820, S8000, T8300 and T9300. It has been rated as problematic. ... read more
  • CVE-2025-5119 | Emlog Pro 2.5.11 api_controller.php tag sql injection
    A vulnerability has been found in Emlog Pro 2.5.11 and classified as critical. This vulnerability affects unknown code of the file /include/controller/api_controller.php. The manipulation of the argument tag leads to ... read more
  • CVE-2025-5328 | chshcms mccms 2.7 Backups.php restore_del dirs path traversal
    A vulnerability was found in chshcms mccms 2.7. It has been declared as critical. This vulnerability affects the function restore_del of the file /sys/apps/controllers/admin/Backups.php. The manipulation of the argument dirs ... read more
  • CVE-2025-5327 | chshcms mccms 2.7 Gf.php index pic server-side request forgery
    A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of the file sys/apps/controllers/api/Gf.php. The manipulation of the argument pic leads ... read more
  • CVE-2025-5553 | PHPGurukul Rail Pass Management System 1.0 /download-pass.php searchdata sql injection (EUVD-2025-16800)
    A vulnerability classified as critical was found in PHPGurukul Rail Pass Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download-pass.php. The manipulation of the ... read more
  • CVE-2025-5554 | PHPGurukul Rail Pass Management System 1.0 pass-bwdates-reports-details.php fromdate/todate sql injection (EUVD-2025-16814)
    A vulnerability, which was classified as critical, has been found in PHPGurukul Rail Pass Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/pass-bwdates-reports-details.php. The ... read more
  • CVE-2014-5345 | Disqus Comment System up to 2.39 upgrade.php step cross site scripting (Comment 127847 / EDB-34336)
    A vulnerability was found in Disqus Comment System up to 2.39. It has been declared as problematic. This vulnerability affects unknown code of the file upgrade.php. The manipulation of the ... read more
  • CVE-2025-5546 | PHPGurukul Daily Expense Tracker System 1.1 expense-reports-detailed.php fromdate/todate sql injection (EUVD-2025-16797)
    A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads ... read more
  • CVE-2025-48797 | GIMP TGA Image Parser buffer overflow
    A critical vulnerability was discovered in GIMP. It concerns an unspecified function of the component TGA Image Parser. Manipulation with unknown data can be used to exploit a buffer overflow vulnerability. ... read more
  • CVE-2025-48057 | Icinga icinga2 up to 2.12.11/2.13.11/2.14.5 VerifyCertificate remote code execution
    A vulnerability was discovered in Icinga icinga2 up to 2.12.11/2.13.11/2.14.5. It was classified as critical. This affects the function VerifyCertificate. By manipulating with unknown data, a remote code execution vulnerability ... read more
  • CVE-2025-3704 | DBAR Productions Volunteer Sign Up Sheets Plugin up to 5.5.4 on WordPress cross site scripting
    A problematic vulnerability was found in DBAR Productions Volunteer Sign Up Sheets Plugin up to 5.5.4 for WordPress. It concerns a function that is not clearly defined. Through manipulation with ... read more
  • CVE-2025-48796 | GIMP ANI File Parser ani_load_image buffer overflow
    A critical vulnerability was discovered in GIMP. Affected is the function ani_load_image of the component ANI File Parser. Manipulation with unknown data can be used to exploit a buffer overflow vulnerability. ... read more
  • CVE-2025-27701 | Google Android process_crypto_cmd ptrs buffer overflow
    A vulnerability was discovered in Google Android. It was classified as critical. This affects the function process_crypto_cmd. By manipulating the argument ptrs with unknown data, a ... read more
  • CVE-2025-27700 | Google Android local privilege escalation
    A problematic vulnerability was identified in Google Android. This affects an unknown part. Manipulation with unknown data can be used to exploit a local privilege escalation vulnerability. At source.android.com the advisory can ... read more
  • CVE-2024-56193 | Google Android Bluetooth Adapter information disclosure
    A problematic vulnerability was identified in Google Android. This affects an unknown functionality of the component Bluetooth Adapter. Manipulation with unknown data can be used to exploit an information disclosure vulnerability. Provided ... read more
  • CVE-2025-48370 | auth-js up to 2.69.0 API weak authentication (GHSA-8r88-6cj9-9fh5)
    A critical vulnerability was identified in auth-js up to 2.69.0. It affects the function getUserById/deleteUser/updateUserById/listFactors/deleteFactor of the component API. Manipulation with unknown data can be used to exploit a weak authentication vulnerability. The ... read more
  • CVE-2025-2236 | OpenText Advanced Authentication up to 6.4 local privilege escalation
    A problematic vulnerability was found in OpenText Advanced Authentication up to 6.4. It concerns an unspecified function. By manipulation with unknown data, a local privilege ... read more
  • CVE-2025-48383 | codingjoe django-select2 up to 8.4.0 on Select2 ModelSelect2MultipleWidget/ModelSelect2Widget remote code execution (GHSA-wjrh-hj83-3wh7)
    A critical vulnerability was found in codingjoe django-select2 up to 8.4.0 for Select2. This concerns the function ModelSelect2MultipleWidget/ModelSelect2Widget. By manipulation with unknown data, a remote code execution vulnerability ... read more

integratus systems © 2025

KAVI IS iCOMMEX Platform v 02.25 Monday, June 30, 2025
