NVD disclosure day
CVE-2025-34186
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
An external attacker can bypass authentication on Ilevia EVE X1/X5 Server to gain full system access, potentially modifying or stealing sensitive data. This matters to the business as it could lead to unauthorized access and control over critical systems.
CVE-2025-7744
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A SQL injection vulnerability in Dolusoft Omaspot allows attackers to execute arbitrary SQL commands by sending crafted data. This could potentially lead to unauthorized access, modification, or deletion of sensitive information stored in the application's database. It is important to determine if this software is in u
CVE-2025-4688
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A SQL injection vulnerability exists in the SINAV.LINK Exam Result Module, allowing network-accessible manipulation of database queries. This could lead to unauthorized access, modification, or deletion of sensitive data. The relevance of this module within the environment needs confirmation.