Mastodawn

🚨 EUVD-2025-205451

📊 Score: 9.3/10 (CVSS v3.1)
📦 Product: apidoc-core
🏢 Vendor: apiDoc
📅 Updated: 2025-12-26

📝 Prototype pollution vulnerability in apidoc-core versions 0.2.0 and all subsequent versions allows remote attackers to modify JavaScript object prototypes via malformed data structures, including the “define” property processed by the application, poten...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-205451

#cybersecurity #infosec #euvd #cve #vulnerability

EUVD

European Vulnerability Database

EUVD Bot 15m ago

🚨 EUVD-2025-205450

📊 Score: 6.5/10 (CVSS v3.1)
📅 Updated: 2025-12-26

📝 An issue in Yealink T21P_E2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-205450

#cybersecurity #infosec #euvd #cve #vulnerability

EUVD

European Vulnerability Database

EUVD Bot 15m ago

🚨 EUVD-2025-205449

📊 Score: 7.5/10 (CVSS v3.1)
📅 Updated: 2025-12-26

📝 Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL (or a portion of it) directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-205449

#cybersecurity #infosec #euvd #cve #vulnerability

EUVD

European Vulnerability Database

EUVD Bot 15m ago

🚨 EUVD-2024-26718

📊 Score: 6.2/10 (CVSS v3.1)
📅 Updated: 2025-12-26

📝 An issue in Terra Informatica Software, Inc Sciter v.4.4.7.0 allows a local attacker to obtain sensitive information via the adopt component of the Sciter video rendering function.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-26718

#cybersecurity #infosec #euvd #cve #vulnerability

EUVD

European Vulnerability Database

EUVD Bot 15m ago

🚨 EUVD-2024-55363

📊 Score: n/a
📅 Updated: 2025-12-26

📝 Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbookadvanced/search in the qsoresults parameter.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-55363

#cybersecurity #infosec #euvd #cve #vulnerability

EUVD Bot 16m ago

🚨 EUVD-2025-205448

📊 Score: 6.5/10 (CVSS v3.1)
📅 Updated: 2025-12-26

📝 Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-205448

#cybersecurity #infosec #euvd #cve #vulnerability

EUVD

European Vulnerability Database

EUVD Bot 16m ago

🚨 EUVD-2024-55362

📊 Score: 7.5/10 (CVSS v3.1)
📅 Updated: 2025-12-26

📝 A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-55362

#cybersecurity #infosec #euvd #cve #vulnerability

EUVD

European Vulnerability Database

EUVD Bot 18m ago

🚨 EUVD-2024-3456

📊 Score: 7.5/10 (CVSS v3.1)
📦 Product: rpgp
🏢 Vendor: rpgp
📅 Published: 2024-12-05 | Updated: 2025-12-26

📝 rPGP Panics on Malformed Untrusted Input

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-3456

#cybersecurity #infosec #euvd #cve #vulnerability

EUVD

European Vulnerability Database

EUVD Bot 18m ago

🚨 EUVD-2025-203961

📊 Score: 5.5/10 (CVSS v3.1)
📦 Product: macOS
🏢 Vendor: Apple
📅 Published: 2025-12-17 | Updated: 2025-12-26

📝 A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An app may bypass Gatekeeper checks.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-203961

#cybersecurity #infosec #euvd #cve #vulnerability

EUVD

European Vulnerability Database

EUVD Bot 18m ago

🚨 EUVD-2025-37718

📊 Score: 5.5/10 (CVSS v3.1)
📦 Product: macOS, macOS, macOS
🏢 Vendor: Apple
📅 Published: 2025-11-04 | Updated: 2025-12-26

📝 A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may bypass Gatekeeper checks.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-37718

#cybersecurity #infosec #euvd #cve #vulnerability

EUVD

European Vulnerability Database