Category: Bulletins

Vulnerability Summary for the Week of September 8, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Adobe–Acrobat Reader Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of…

Read more →

Vulnerability Summary for the Week of September 1, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000projects–Beauty Parlour Management System A vulnerability was identified in 1000projects Beauty Parlour Management System 1.0. This affects an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument…

Read more →

Vulnerability Summary for the Week of August 25, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000projects–Online Project Report Submission and Evaluation System A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown processing of…

Read more →

Vulnerability Summary for the Week of August 18, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 7ritn–VaulTLS VaulTLS is a modern solution for managing mTLS (mutual TLS) certificates. Prior to 0.9.1, user accounts created through the User web UI have an empty but not NULL…

Read more →

Vulnerability Summary for the Week of August 11, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Sales Management System A vulnerability was determined in 1000 Projects Sales Management System 1.0. This vulnerability affects unknown code of the file /superstore/admin/sales.php. The manipulation of the argument…

Read more →

Vulnerability Summary for the Week of August 4, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Adobe–Adobe Experience Manager Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability…

Read more →

Vulnerability Summary for the Week of July 28, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 0x676e67–vproxy vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::try_from and flows into…

Read more →

Vulnerability Summary for the Week of July 21, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–ABC Courier Management System A vulnerability has been found in 1000 Projects ABC Courier Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown…

Read more →

Vulnerability Summary for the Week of July 14, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info aapanel–aapanel WP Toolkit The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks within the auto_login() function in versions 1.0 to 1.1.…

Read more →

Vulnerability Summary for the Week of July 7, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Radiflow–iSAP Smart Collector The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). Exploiting OS command injection through these…

Read more →