CVE ID : CVE-2024-44373
Published : Aug. 19, 2025, 7:15 p.m. | 5 hours, 37 minutes ago
Description : A Path Traversal vulnerability in AllSky v2023.05.01_04 allows an unauthenticated attacker to create a webshell and remote code execution via the path, content parameter to /includes/save_file.php.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-55306
Published : Aug. 19, 2025, 7:15 p.m. | 5 hours, 37 minutes ago
Description : GenX_FX is an advance IA trading platform that will focus on forex trading. A vulnerability was identified in the GenX FX backend where API keys and authentication tokens may be exposed if environment variables are misconfigured. Unauthorized users could gain access to cloud resources (Google Cloud, Firebase, GitHub, etc.).
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-55736
Published : Aug. 19, 2025, 7:15 p.m. | 5 hours, 37 minutes ago
Description : flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, an arbitrary user can change his role to “admin”, giving its relative privileges (e.g. delete users, posts, comments etc.). The problem is in the routes/adminPanelUsers file.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-55733
Published : Aug. 19, 2025, 7:15 p.m. | 5 hours, 37 minutes ago
Description : DeepChat is a smart assistant that connects powerful AI to your personal world. DeepChat before 0.3.1 has a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted deepchat: URL on any website, including a malicious one they control. When a victim visits such a site or clicks on the link, the browser triggers the app’s custom URL handler (deepchat:), causing the DeepChat application to launch and process the URL, leading to remote code execution on the victim’s machine. This vulnerability is fixed in 0.3.1.
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-55032
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : Focus for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline, potentially allowing for XSS attacks This vulnerability affects Focus for iOS
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-55033
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : Dragging JavaScript links to the URL bar in Focus for iOS could be utilized to run malicious scripts, potentially resulting in XSS attacks This vulnerability affects Focus for iOS
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-8041
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-8042
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-8364
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack.
*Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9167
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : A vulnerability has been found in SolidInvoice up to 2.4.0. This vulnerability affects unknown code of the file /invoice/recurring of the component Recurring Invoice Module. The manipulation of the argument client name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9180
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : ‘Same-origin policy bypass in the Graphics: Canvas2D component.’ This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9179
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9184
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9181
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : Uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9182
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : ‘Denial-of-service due to out-of-memory in the Graphics: WebRender component.’ This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9183
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : Spoofing issue in the Address Bar component. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9168
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : A vulnerability was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Client Name results in cross site scripting. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9186
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9187
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9185
Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago
Description : Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…