VYPR
Vendor

CVEProject

Products
2
CVEs
8
Across products
8
Status
Private

Products

2

Recent CVEs

8
  • CVE-2025-25962CriApr 29, 2025
    risk 0.64cvss 9.8epss 0.00

    An issue in Coresmartcontracts Uniswap v.3.0 and fixed in v.4.0 allows a remote attacker to escalate privileges via the _modifyPosition function

  • CVE-2022-31004HigJun 2, 2022
    risk 0.49cvss 7.5epss 0.01

    CVEProject/cve-services is an open source project used to operate the CVE services API. A conditional in 'data.js' has potential for production secrets to be written to disk. The affected method writes the generated randomKey to disk if the environment is not development. If…

  • CVE-2025-68917MedDec 24, 2025
    risk 0.42cvss 6.4epss 0.00

    ONLYOFFICE Docs before 9.2.1 allows XSS in the textarea of the comment editing form. This is related to DocumentServer.

  • CVE-2025-68936Dec 25, 2025
    risk 0.00cvss epss 0.00

    ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This is related to DocumentServer.

  • CVE-2025-68935Dec 25, 2025
    risk 0.00cvss epss 0.00

    ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window. This is related to DocumentServer.

  • CVE-2025-5526Jun 27, 2025
    risk 0.00cvss epss 0.00

    The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user

  • CVE-2022-24875MedApr 21, 2022
    risk 0.00cvss 5.3epss 0.01

    The CVEProject/cve-services is an open source project used to operate the CVE services api. In versions up to and including 1.1.1 the `org.conroller.js` code would erroneously log user secrets. This has been resolved in commit `46d98f2b` and should be available in subsequent…

  • CVE-2021-46561HigJan 26, 2022
    risk 0.00cvss 7.2epss 0.01

    controller/org.controller/org.controller.js in the CVE Services API 1.1.1 before 5c50baf3bda28133a3bc90b854765a64fb538304 allows an organizational administrator to transfer a user account to an arbitrary new organization, and thereby achieve unintended access within the context…