Aggregator

CVE-2025-7801 | BossSoft CRM 6.0 HNDCBas_customPrmSearchDtl.jsp cstid sql injection (EUVD-2025-21926)

VulDB Recent Entries
5 months ago
A vulnerability has been found in BossSoft CRM 6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /crm/module/HNDCBas_customPrmSearchDtl.jsp. The manipulation of the argument cstid leads to sql injection. This vulnerability is known as CVE-2025-7801. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-32124 | Fortinet FortiIsolator up to 2.3.4/2.4.4 HTTP Request access control (FG-IR-24-045 / EUVD-2024-29945)

VulDB Recent Entries
5 months ago
A vulnerability, which was classified as critical, was found in Fortinet FortiIsolator up to 2.3.4/2.4.4. Affected is an unknown function of the component HTTP Request Handler. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-32124. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-38349 | Linux Kernel up to 6.6.98/6.12.38/6.15.6/6.16-rc5 eventpoll use after free (EUVD-2025-21860 / WID-SEC-2025-1596)

VulDB Recent Entries
5 months ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.98/6.12.38/6.15.6/6.16-rc5. This issue affects some unknown processing of the component eventpoll. The manipulation leads to use after free. The identification of this vulnerability is CVE-2025-38349. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-7800 | cgpandey hotelmis up to c572198e6c4780fccc63b1d3e8f3f72f825fc94e HTTP GET Request admin.php Search cross site scripting (EUVD-2025-21927)

VulDB Recent Entries
5 months ago
A vulnerability classified as problematic was found in cgpandey hotelmis up to c572198e6c4780fccc63b1d3e8f3f72f825fc94e. This vulnerability affects unknown code of the file admin.php of the component HTTP GET Request Handler. The manipulation of the argument Search leads to cross site scripting. This vulnerability was named CVE-2025-7800. The attack can be initiated remotely. There is no exploit available. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
vuldb.com

5 Features Every AI-Powered SOC Platform Needs in 2025

Security Affairs
5 months ago
A modern AI-based SOC platform must adapt in real time to handle alert overloads and fast-moving threats, surpassing traditional SIEM tools. Modern security operations centers (SOCs) are under immense pressure. Analysts are overwhelmed, alert queues are overflowing, and attackers are moving faster than ever. Where once it was enough to have good visibility and a […]
Pierluigi Paganini

Managed ad