Security Vulnerabilities
In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms
CVSS Score
5.8
EPSS Score
0.0
Published
2025-07-28
In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots
CVSS Score
5.5
EPSS Score
0.0
Published
2025-07-28
In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies
CVSS Score
4.3
EPSS Score
0.0
Published
2025-07-28
Improper session invalidation in the component /elms/emp-changepassword.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-28
Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Doctor Appointment Management System v1 allows attackers to execute a session hijacking attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-28
Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Car Washing Management System v1.0 allows attackers to execute a session hijacking attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-28
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formRoute of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-27
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAPVLAN of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-27
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-27
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-27