Latest CVE Feed
-
6.5
MEDIUMCVE-2025-12483
The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'query' parameter in all versions up to, and including, 3.11.12 due to insufficient escaping on the user supplied parameter and lack of suf... Read more
Affected Products : visualizer- Published: Dec. 02, 2025
- Modified: Dec. 02, 2025
- Vuln Type: Injection
-
6.9
MEDIUMCVE-2025-41086
Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the... Read more
Affected Products : gams- Published: Dec. 02, 2025
- Modified: Dec. 02, 2025
- Vuln Type: Authentication
-
5.1
MEDIUMCVE-2025-40700
Reflected Cross-Site Scripting (XSS) in IDI Eikon's Governalia. The vulnerability allows an attacker to execute JavaScript code in the victim's browser when a malicious URL with the 'q' parameter in '/search' is sent to them. This vulnerability can be exp... Read more
Affected Products : governalia- Published: Dec. 02, 2025
- Modified: Dec. 02, 2025
- Vuln Type: Cross-Site Scripting
-
9.1
CRITICALCVE-2025-41744
Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged remote attacker to access all encrypted communications, thereby compromising confidentiality and integrity.... Read more
Affected Products :- Published: Dec. 02, 2025
- Modified: Dec. 02, 2025
- Vuln Type: Cryptography