Flowise 3.0.4 - Remote Code Execution (RCE)

Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)

HTMLDOC 1.9.13 - Stack Buffer Overflow

Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF)

ClipBucket 5.5.0 - Arbitrary File Upload

ClipBucket 5.5.2 Build #90 - Server-Side Request Forgery (SSRF)

Tourism Management System 2.0 - Arbitrary Shell Upload

dotCMS 25.07.02-1 - Authenticated Blind SQL Injection

ELEX WooCommerce WordPress Plugin 1.4.3 - SQL Injection

XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)

Concrete CMS 9.4.3 - Stored XSS

Mbed TLS 3.6.4 - Use-After-Free

HTTP/2 2.0 - Denial Of Service (DOS)

StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload

Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass

Lingdang CRM 8.6.4.7 - SQL Injection