CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
Nezha Monitoring is a tool for monitoring servers and websites. In versions from 2.0.14 to before 2.1.0, authenticated users can claim the dashboard Host through NAT, allowing them to preempt all dashboard routing.
Nezha Monitoring is a tool for monitoring servers and websites. In versions from 2.0.0 to before 2.0.14, private services were enumerable via per-server endpoints, leaking name and timing data.
Nezha Monitoring before version 2.0.10 allows authenticated users to create or update a DDNS profile with any webhook_url, leading to an SSRF vulnerability. Low-privileged users can send HTTP requests to internal network services.
Nezha Monitoring versions from 1.4.0 to before 2.0.9 allow authenticated non-admin users to access the server-status WebSocket and receive telemetry data for all servers, including those owned by other users.
An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. This could lead to image corruption or GPU hardware recovery.
A SQL injection vulnerability has been identified in CodeAstro Human Resource Management System 1.0 within the Payroll Invoice module. The flaw exists in the Invoice function of Payroll.php, where the ID argument is susceptible to manipulation. Remote exploitation is possible, and a public exploit is available.
A stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process.
CVE-2025-7018 involves a null pointer dereference vulnerability in the Avira Antivirus engine when scanning a malformed Windows PE file, potentially leading to a Denial-of-Service of the antivirus engine process.
A stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a malformed PDF file may allow Denial-of-Service of the antivirus process.
The vulnerability in Avast Antivirus involves the use of stack memory after it has been freed when scanning a malformed Windows PE file, which may lead to a denial-of-service of the antivirus process.
There is an uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file, which may lead to a Denial-of-Service of the antivirus process.
A vulnerability in MISP allows an authenticated user with event edit permissions to manipulate form data and assign an event to a sharing group they are not authorized to use. The issue occurs in the event editing path that does not enforce proper authorization checks.
An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown was populated using the attacker-controlled AuthKey.user_id value from the submitted request data, allowing enumeration of user email addresses.
MISP contains a reflected cross-site scripting vulnerability in the UiBeta event index view. The urlparams value is inserted into an inline JavaScript handler, allowing an attacker to execute arbitrary JavaScript in the victim's browser.
MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields, allowing an attacker to access files outside the intended directory.
A stored XSS vulnerability exists in MISP when the Overmind theme is used. An authenticated user can store an arbitrary homepage value, including an XSS payload, leading to the execution of malicious JavaScript in the browser context.
A flaw in the visibility conditions in the MISP event template builder allowed authenticated non-site-admin users to view galaxies that should not have been visible to their organisation. The use of a PHP comparison expression instead of a query condition resulted in enabled galaxies, including organisation-only custom galaxies, being exposed.
ApostropheCMS, an open-source Node.js content management system, has a vulnerability in sanitize-html that allows dangerous URI schemes like 'javascript:' to pass through in HTML attributes. Versions prior to 2.17.5 do not block these schemes, leading to potential XSS attacks.
Discourse is an open-source discussion platform with a vulnerability in versions from 2026.1.0 to before 2026.1.4, from 2026.3.0 to before 2026.3.1, and from 2026.4.0 to before 2026.4.1. The DetailedTagSerializer#tag_group_names function returned all tag groups a tag belonged to without considering the user's visibility, allowing anonymous and unprivileged users to access the names of tag groups restricted to specific user groups.
Discourse is an open-source discussion platform that has a vulnerability in versions from 2026.1.0 to before 2026.1.4, from 2026.3.0 to before 2026.3.1, and from 2026.4.0 to before 2026.4.1. The MessageBus.publish call for /web_hook_events/<id> in Jobs::RedeliverWebHookEvents did not pass group_ids, allowing any authenticated user (or anonymous user when login_required is disabled) to access the channel.

