Vulnerability Summary for the Week of March 31, 2025

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source Info
Aboobacker.–AB Google Map Travel
 
Cross-Site Request Forgery (CSRF) vulnerability in Aboobacker. AB Google Map Travel allows Cross Site Request Forgery. This issue affects AB Google Map Travel : from n/a through 4.6. 2025-03-31 7.1 CVE-2025-31613
acme.sh project–acme.sh
 
The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file that lacks “persist-credentials: false” for actions/checkout. 2025-04-04 8.7 CVE-2025-32111
adamskaat–Countdown & Clock
 
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in adamskaat Countdown & Clock allows Remote Code Inclusion. This issue affects Countdown & Clock: from n/a through 2.8.8. 2025-04-01 9.9 CVE-2025-30841
adamskaat–Countdown, Coming Soon, Maintenance Countdown & Clock
 
The Countdo

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Bulletins

Read the original article: