Vulnerability Summary for the Week of March 3, 2025
High Vulnerabilities
Primary Vendor — Product
Description
Published
CVSS Score
Source Info
n/a–n/a
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via a specially crafted HTTP POST request.
2025-03-04
10
CVE-2024-50704
n/a–n/a
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via the X-Forwarded-For header in an HTTP GET request.
2025-03-04
10
CVE-2024-50707
NotFound–Ark Theme Core
Improper Control of Generation of Code (‘Code Injection’) vulnerability in NotFound Ark Theme Core allows Code Injection. This issue affects Ark Theme Core: from n/a through 1.70.0.
2025-03-03
10
CVE-2025-26970
lucee–Lucee
Lucee Server (or simply Lucee) is a dynamic, Java based, tag and scripting language used for rapid web application development. The Lucee REST endpoint is vulnerable to RCE via an XML XXE attack. This vulnerability is fixed in Lucee 5.4.3.2, 5.3.12.1, 5.3.7.59, 5.3.8.236, and 5.3.9.173.
2025-03-05
9.8
CVE-2023-38693
Fave Themes–Homey Login Register
The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.0. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.
2025-03-05
9.8
CVE-2024-11951
Boceksoft Informatics–E-Travel
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Boceksoft Informatics E-Travel allows SQL Injection. This issue affects E-Travel: before 15.12.2024.
2025-03-05
9.8
CVE-2024-12097
Finder Fire Safety–Finder ERP/CRM (Old System)
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Finder Fire Safety Finder ERP/CRM (Old System) allows SQL Injection. This issue affects Finder ERP/CRM (Old System): before 18.12.2024.
2025-03-06
9.8
CVE-2024-12144
Fave Themes–Homey
The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.2. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the Editor or Shop Manager role.
2025-03-05
9.8
CVE-2024-12281
uxper–Golo – City Travel Guide WordPress Theme
The Golo – City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.10. This is due to the plugin not properly validating a user’s identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary users’ passwords, including administrators, and leverage that to gain access to their account.
2025-03-07
9.8
CVE-2024-12876
Merkur Software–B2B Login Panel
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Merkur Software B2B Login Panel allows SQL Injection. This issue affects B2B Login Panel: before 15.01.2025.
2025-03-05
9.8
CVE-2024-13147
designthemes–VEDA – MultiPurpose WordPress Theme
The VEDA – MultiPurpose WordPress Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2 via deserialization of untrusted input in the ‘veda_backup_and_restore_action’ function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.
2025-03-05
9.8
CVE-2024-13787
n/a–n/a
Unauthenticated SQL injection vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary SQL queries on the backend database.
2025-03-04
9.8
CVE-2024-50706
Apache Software Foundation–Apache Ranger
Improper Neutralization of Formula Elements in Export CSV feature of Apache Ranger in Apache Ranger Version < 2.6.0. Users are recommended to upgrade to version 2.6.0, which fixes this issue.
2025-03-03
9.8
CVE-2024-55532
javothemes–Javo Core
The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.
2025-03-08
9.8
CVE-2025-0177
givewp — givewp
The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.4 via deserialization of untrusted input from the Donation Form through the ‘card_address’ parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to achieve remote code execution.
2025-03-04
9.8
CVE-2025-0912
Arista Networks–EOS
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/operations being applied to the switch.
2025-03-04
9.1
CVE-2025-1260
spicethemes — newscrunch
The Newscrunch theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check in the newscrunch_install_and_activate_plugin() function in all versions up to, and including, 1.8.4.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible.
2025-03-04
9.8
CVE-2025-1307
sfwebservice–InWave Jobs
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 3.5.1. This is due to the plugin not properly validating a user’s identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary users’ passwords, including administrators, and leverage that to gain access to their account.
2025-03-07
9.8
CVE-2025-1315
Edimax–IC-7100 IP Camera
Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device.
2025-03-05
9.8
CVE-2025-1316
Weidmueller–PROCON-WIN
An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product.
2025-03-05
9.8
CVE-2025-1393
whyun–WPCOM Member
The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.5. This is due to insufficient verification on the ‘user_phone’ parameter when logging in. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if SMS login is enabled.
2025-03-07
9.8
CVE-2025-1475
Chimpstudio–WP Real Estate Manager
The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.8. This is due to insufficient identity verification on the LinkedIn login request process. This makes it possible for unauthenticated attackers to bypass official authentication and log in as any user on the site, including administrators.
2025-03-05
9.8
CVE-2025-1515
mayurik — best_online_news_portal
A SQL injection vulnerability has been found in 101news, affecting version 1.0, through the “username” parameter in admin/check_avalability.php.
2025-03-03
9.8
CVE-2025-1869
mayurik — best_online_news_portal
A SQL injection vulnerability has been found in 101news, affecting version 1.0, through the “pagedescription” parameter in admin/aboutus.php.
2025-03-03
9.8
CVE-2025-1870
mayurik — best_online_news_portal
A SQL injection vulnerability has been found in 101news, affecting version 1.0, through the “category” and “subcategory” parameters in admin/add-subcategory.php.
2025-03-03
9.8
CVE-2025-1871
mayurik — best_online_news_portal
A SQL injection vulnerability has been found in 101news, affecting version 1.0, through the “sadminusername” parameter in admin/add-subadmins.php.
2025-03-03
9.8
CVE-2025-1872
mayurik — best_online_news_portal
A SQL injection vulnerability has been found in 101news, affecting version 1.0, through the “pagetitle” and “pagedescription” parameters in admin/contactus.php.
2025-03-03
9.8
CVE-2025-1873
mayurik — best_online_news_portal
A SQL injection vulnerability has been found in 101news, affecting version 1.0, through the “description” parameter in admin/add-category.php.
2025-03-03
9.8
CVE-2025-1874
mayurik — best_online_news_portal
A SQL injection vulnerability has been found in 101news, affecting version 1.0, through the “searchtitle” parameter in search.php.
2025-03-03
9.8
CVE-2025-1875
mmaitre314 — picklescan
picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not considered as part of the scope of picklescan, the file would pass security checks and appear to be safe, when it could instead prove to be problematic.
2025-03-03
9.8
CVE-2025-1889
Mozilla–Firefox
An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. This only affected version 122 and later. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
2025-03-04
9.8
CVE-2025-1932
Mozilla–Firefox
Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been bypassed (distinct from CVE-2025-0245). This vulnerability affects Firefox < 136.
2025-03-04
9.1
CVE-2025-1941
MediaTek, Inc.–MT6890, MT7915, MT7916, MT7981, MT7986
In wlan AP FW, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389074; Issue ID: MSV-1803.
2025-03-03
9.8
CVE-2025-20646
vmware — esxi
VMware ESXi and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host.
2025-03-04
9.3
CVE-2025-22224
GMOD–Apollo
When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and inspect the files and will not check for path traversal in supported archive types.
2025-03-05
9.8
CVE-2025-23410
GMOD–Apollo
Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username.
2025-03-05
9.8
CVE-2025-24924
Elastic–Kibana
Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted HTTP requests. In Kibana versions >= 8.15.0 and < 8.17.1, this is exploitable by users with the Viewer role. In Kibana versions 8.17.1 and 8.17.2, this is only exploitable by users that have roles that contain all the following privileges: fleet-all, integrations-all, actions:execute-advanced-connectors
2025-03-05
9.9
CVE-2025-25015
Stylemix–uListing
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Stylemix uListing allows Blind SQL Injection. This issue affects uListing: from n/a through 2.1.6.
2025-03-03
9.3
CVE-2025-25150
n/a–n/a
An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of PublicCMS v4.0.202406 allows attackers to execute arbitrary code via uploading a crafted svg or xml file.
2025-03-06
9.8
CVE-2025-25361
n/a–n/a
A Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows attackers to execute arbitrary code via injecting a crafted payload into the template field.
2025-03-05
9.8
CVE-2025-25362
n/a–n/a
Tenda AC15 v15.03.05.19 is vulnerable to Command Injection via the handler function in /goform/telnet.
2025-03-05
9.8
CVE-2025-25632
n/a–n/a
crmeb CRMEB-KY v5.4.0 and before has a SQL Injection vulnerability at getRead() in /system/SystemDatabackupServices.php.
2025-03-06
9.8
CVE-2025-25763
n/a–n/a
Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows creation and modification of user accounts, including an Administrator account.
2025-03-03
9.1
CVE-2025-25948
n/a–n/a
Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 was discovered to contain an Azure JWT access token exposure. This vulnerability allows authenticated attackers to escalate privileges and access sensitive information.
2025-03-03
9.1
CVE-2025-25953
n/a–n/a
A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1.
2025-03-04
9.8
CVE-2025-26136
n/a–n/a
Cross Site Request Forgery vulnerability in sell done storefront v.1.0 allows a remote attacker to escalate privileges via the index.html component.
2025-03-03
9
CVE-2025-26206
n/a–n/a
Insecure permissions in TSplus Remote Access v17.30 allow attackers to retrieve a list of all domain accounts currently connected to the application.
2025-03-04
9.4
CVE-2025-26318
n/a–n/a
FlowiseAI Flowise v2.2.6 was discovered to contain an arbitrary file upload vulnerability in /api/v1/attachments.
2025-03-04
9.8
CVE-2025-26319
NotFound–Bitcoin / AltCoin Payment Gateway for WooCommerce
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in NotFound Bitcoin / AltCoin Payment Gateway for WooCommerce allows Blind SQL Injection. This issue affects Bitcoin / AltCoin Payment Gateway for WooCommerce: from n/a through 1.7.6.
2025-03-03
9.3
CVE-2025-26535
cozyvision — sms_alert_order_notifications
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Cozy Vision SMS Alert Order Notifications – WooCommerce allows SQL Injection. This issue affects SMS Alert Order Notifications – WooCommerce: from n/a through 3.7.8.
2025-03-03
9.3
CVE-2025-26988
enituretechnology–Small Package Quotes Worldwide Express Edition
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition allows SQL Injection. This issue affects Small Package Quotes – Worldwide Express Edition: from n/a through 5.2.18.
2025-03-03
9.3
CVE-2025-27268
NotFound–Residential Address Detection
Missing Authorization vulnerability in NotFound Residential Address Detection allows Privilege Escalation. This issue affects Residential Address Detection: from n/a through 2.5.4.
2025-03-03
9.8
CVE-2025-27270
zitadel–zitadel
The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. ZITADEL’s Admin API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users, without specific IAM roles, to modify sensitive settings. While several endpoints are affected, the most critical vulnerability lies in the ability to manipulate LDAP configurations. Customers who do not utilize LDAP for authentication are not at risk from the most severe aspects of this vulnerability. However, upgrading to the patched version to address all identified issues is strongly recommended. This vulnerability is fixed in 2.71.0, 2.70.1, 2.69.4, 2.68.4, 2.67.8, 2.66.11, 2.65.6, 2.64.5, and 2.63.8.
2025-03-04
9
CVE-2025-27507
n/a–n/a
Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows creation and modification of user accounts, including an Administrator account.
2025-03-03
9.1
CVE-2025-27583
Oxidized Web project–Oxidized Web
In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web.
2025-03-03
9
CVE-2025-27590
xwikisas–application-confluence-migrator-pro
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. A user that doesn’t have programming rights can execute arbitrary code due to an unescaped translation when creating a page using the Migration Page template. This vulnerability is fixed in 1.2.0.
2025-03-07
9.1
CVE-2025-27603
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Hardcoded Password V-2024-013.
2025-03-05
9.8
CVE-2025-27638
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows SQL Injection V-2024-012.
2025-03-05
9.8
CVE-2025-27640
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.951 Application 20.0.2368 allows Unauthenticated APIs for Single-Sign On V-2024-009.
2025-03-05
9.8
CVE-2025-27641
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Unauthenticated Driver Package Editing V-2024-008.
2025-03-05
9.8
CVE-2025-27642
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Hardcoded AWS API Key V-2024-006.
2025-03-05
9.8
CVE-2025-27643
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Insecure Extension Installation by Trusting HTTP Permission Methods on the Server Side V-2024-005.
2025-03-05
9.8
CVE-2025-27645
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253 allows Edit User Account Exposure V-2024-001.
2025-03-05
9.8
CVE-2025-27646
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253 allows Addition of Partial Admin Users Without Authentication V-2024-002.
2025-03-05
9.8
CVE-2025-27647
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253 allows Cross Tenant Password Exposure V-2024-003.
2025-03-05
9.8
CVE-2025-27648
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.893 Application 20.0.2140 allows Incorrect Access Control: PHP V-2023-016.
2025-03-05
9.8
CVE-2025-27649
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Private Keys in Docker Overlay V-2023-013.
2025-03-05
9.8
CVE-2025-27650
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: Elatec V-2023-014.
2025-03-05
9.8
CVE-2025-27651
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: rfIDEAS V-2023-015.
2025-03-05
9.8
CVE-2025-27652
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: CPA v1 V-2023-009.
2025-03-05
9.8
CVE-2025-27655
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Password Stored in Process List V-2023-011.
2025-03-05
9.8
CVE-2025-27656
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Code Execution V-2023-008.
2025-03-05
9.8
CVE-2025-27657
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Authentication Bypass OVE-20230524-0001.
2025-03-05
9.8
CVE-2025-27658
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows SQL Injection OVE-20230524-0002.
2025-03-05
9.8
CVE-2025-27659
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Session Fixation OVE-20230524-0004.
2025-03-05
9.1
CVE-2025-27661
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Password in URL OVE-20230524-0005.
2025-03-05
9.8
CVE-2025-27662
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Weak Password Encryption / Encoding OVE-20230524-0007.
2025-03-05
9.8
CVE-2025-27663
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Antivirus Protection and thus drivers can have known malicious code OVE-20230524-0009.
2025-03-05
9.8
CVE-2025-27665
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Authorization Checks OVE-20230524-0010.
2025-03-05
9.8
CVE-2025-27666
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Administrative User Email Enumeration OVE-20230524-0011.
2025-03-05
9.8
CVE-2025-27667
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Arbitrary Content Inclusion via Iframe OVE-20230524-0012.
2025-03-05
9.8
CVE-2025-27668
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Signature Validation OVE-20230524-0014.
2025-03-05
9.8
CVE-2025-27670
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Device Impersonation OVE-20230524-0015.
2025-03-05
9.8
CVE-2025-27671
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows OAUTH Security Bypass OVE-20230524-0016.
2025-03-05
9.8
CVE-2025-27672
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Cookie Returned in Response Body OVE-20230524-0017.
2025-03-05
9.1
CVE-2025-27673
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Hardcoded IdP Key V-2023-006.
2025-03-05
9.8
CVE-2025-27674
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Vulnerable OpenID Implementation V-2023-004.
2025-03-05
9.8
CVE-2025-27675
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Symbolic Links For Unprivileged File Interaction V-2022-002.
2025-03-05
9.8
CVE-2025-27677
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Client Remote Code Execution V-2023-001.
2025-03-05
9.8
CVE-2025-27678
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.750 Application 20.0.1442 allows Insecure Firmware Image with Insufficient Verification of Data Authenticity V-2024-004.
2025-03-05
9.1
CVE-2025-27680
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 mishandles Client Inter-process Security V-2022-004.
2025-03-05
9.8
CVE-2025-27681
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Insecure Log Permissions V-2022-005.
2025-03-05
9.8
CVE-2025-27682
n/a–n/a
A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The vulnerability is present in the Windows Plugin_Host service, which runs on all the servers where InfoScale is installed. The service is used only when applications are configured for Disaster Recovery (DR) using the DR wizard. Disabling the Plugin_Host service manually will eliminate the vulnerability.
2025-03-07
9.8
CVE-2025-27816
NVIDIA–NVIDIA Hopper HGX 8-GPU
NVIDIA Hopper HGX for 8-GPU contains a vulnerability in the HGX Management Controller (HMC) that may allow a malicious actor with administrative access on the BMC to access the HMC as an administrator. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
2025-03-05
8.1
CVE-2024-0114
cyberlord92–miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon
The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 200.3.9. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username and the user does not have an already-existing account for the service returning the token.
2025-03-08
8.1
CVE-2024-11087
e4jvikwp–VikRentCar Car Rental Management System
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorrect nonce validation on the ‘save’ function. This makes it possible for unauthenticated attackers to change plugin access privileges via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Successful exploitation allows attackers with subscriber-level privileges and above to upload arbitrary files on the affected site’s server which may make remote code execution possible.
2025-03-08
8.8
CVE-2024-11640
Chimpstudio–CS Framework
The CS Framework plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the cs_widget_file_delete() function in all versions up to, and including, 6.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
2025-03-07
8.8
CVE-2024-12035
ddeveloper–WordPress Awesome Import & Export Plugin – Import & Export WordPress Data
The WordPress Awesome Import & Export Plugin – Import & Export WordPress Data plugin for WordPress is vulnerable to arbitrary SQL execution and privilege escalation due to a missing capability check on the renderImport() function in all versions up to, and including, 4.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary SQL statements that can be leveraged to create a new administrative user account.
2025-03-05
8.8
CVE-2024-13232
tychesoftwares–Product Input Fields for WooCommerce
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the add_product_input_fields_to_order_item_meta() function in all versions up to, and including, 1.12.1. This may make it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible. Please note that by default the plugin is only vulnerable to a double extension file upload attack, unless an administrator leaves the accepted file extensions field blank, which can make .php file uploads possible.
2025-03-08
8.1
CVE-2024-13359
MVPThemes–Flex Mag – Responsive WordPress News Theme
The Flex Mag – Responsive WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the propanel_of_ajax_callback() function in all versions up to, and including, 3.5.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary option values on the WordPress site. This can be leveraged to delete an option that would create an error on the site and deny service to legitimate users.
2025-03-07
8.1
CVE-2024-13655
ZoomIt–ZoomSounds – WordPress Wave Audio Player with Playlist
The ZoomSounds – WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.91 via deserialization of untrusted input from the ‘margs’ parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.
2025-03-05
8.1
CVE-2024-13777
CodeRevolution–Aiomatic – Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit
The Aiomatic – Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ‘aiomatic_generate_featured_image’ function in all versions up to, and including, 2.3.8. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible.
2025-03-08
8.8
CVE-2024-13882
n/a–n/a
A SQL Injection vulnerability has been identified in EPICOR Prophet 21 (P21) up to 23.2.5232. This vulnerability allows authenticated remote attackers to execute arbitrary SQL commands through unsanitized user input fields to obtain unauthorized information.
2025-03-06
8.1
CVE-2024-42844
ibm — engineering_requirements_management_doors_next
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a user to download a malicious file without verifying the integrity of the code.
2025-03-03
8.8
CVE-2024-43169
NAKIVO–Backup & Replication Director
NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials).
2025-03-04
8.6
CVE-2024-48248
n/a–n/a
A Cross Site Request Forgery (CSRF) vulnerability exists in the pvmsg.php?action=add_message, pvmsg.php?action=confirm_delete, and ajax.server.php?page=user&action=flip_follow endpoints in Ampache <= 6.6.0.
2025-03-05
8.8
CVE-2024-51144
esri — arcgis_server
There is an improper access control issue in ArcGIS Server versions 10.9.1 through 11.3 on Windows and Linux which, under unique circumstances, could potentially allow a remote, low-privileged authenticated attacker to access secure services published to a standalone (unfederated) ArcGIS Server instance. If successful, this compromise would have a high impact on confidentiality, a low impact on integrity, and no impact on the availability of the software.
2025-03-03
8.5
CVE-2024-51954
esri — arcgis_server
A SQL injection vulnerability in ArcGIS Server allows an EDIT operation to modify Column properties allowing for the execution of a SQL Injection by a remote authenticated user with elevated (non admin) privileges. There is a high impact to integrity and confidentiality and no impact to availability.
2025-03-03
8.7
CVE-2024-51962
n/a–n/a
A DOM Clobbering vulnerability in umeditor v1.2.3 allows attackers to execute arbitrary code via supplying a crafted HTML element.
2025-03-03
8.8
CVE-2024-53387
n/a–n/a
A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element.
2025-03-03
8.8
CVE-2024-53388
n/a–n/a
A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously unregistered domain name as the default DNS suffix. This allows attackers to register the unclaimed domain and point its wildcard DNS entry to an attacker-controlled IP address, making it possible to access sensitive information.
2025-03-05
8.1
CVE-2024-57174
huawei — emui
Permission verification bypass vulnerability in the notification module. Impact: Successful exploitation of this vulnerability may affect availability.
2025-03-04
8.4
CVE-2024-58044
huawei — harmonyos
Multi-concurrency vulnerability in the media digital copyright protection module. Impact: Successful exploitation of this vulnerability may affect availability.
2025-03-04
8.6
CVE-2024-58045
Wind Media–E-Commerce Website Template
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Wind Media E-Commerce Website Template allows SQL Injection. This issue affects E-Commerce Website Template: before v1.5.
2025-03-04
8.6
CVE-2024-9149
dasinfomedia–School Management System for WordPress
The School Management System for WordPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 93.0.0. This is due to the plugin not properly validating a user’s identity prior to updating their details like email and password through the mj_smgt_update_user() and mj_smgt_add_admission() functions, along with a local file inclusion vulnerability. This makes it possible for authenticated attackers, with student-level access and above, to change arbitrary users’ email addresses and passwords, including administrators, and leverage that to gain access to their account. This was escalated four months ago after no response to our initial outreach, yet it is still vulnerable.
2025-03-07
8.8
CVE-2024-9658
Paragon Software–Paragon Partition Manager
Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory write vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to execute arbitrary code on the victim machine.
2025-03-03
8.4
CVE-2025-0286
Axis Communications AB–AXIS OS
During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered a flaw in the ACAP Application framework that allowed applications to access restricted D-Bus methods within the framework. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and the solution.
2025-03-04
8.5
CVE-2025-0359
gitlab — gitlab
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. A proxy feature could potentially allow unintended content rendering leading to XSS under specific circumstances.
2025-03-03
8.7
CVE-2025-0475
Fave Themes–Homey
The Homey theme for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.3. This is due to the ‘verification_id’ value being set to empty, and the not empty check is missing in the dashboard user profile page. This makes it possible for unauthenticated attackers to log in to the first verified user.
2025-03-07
8.1
CVE-2025-0749
FantasticPlugins–WooCommerce Recover Abandoned Cart
The WooCommerce Recover Abandoned Cart plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 24.3.0 via deserialization of untrusted input from the ‘raccookie_guest_email’ cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.
2025-03-05
8.1
CVE-2025-0956
imithemes–Eventer – WordPress Event & Booking Manager Plugin
The Eventer – WordPress Event & Booking Manager Plugin plugin for WordPress is vulnerable to SQL Injection via the reg_id parameter in all versions up to, and including, 3.9.9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-07
8.8
CVE-2025-0959
spicethemes — newscrunch
The Newscrunch theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.4. This is due to missing or incorrect nonce validation on the newscrunch_install_and_activate_plugin() function. This makes it possible for unauthenticated attackers to upload arbitrary files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
2025-03-04
8.8
CVE-2025-1306
admintwentytwenty–UiPress lite | Effortless custom dashboards, admin themes and pages
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the uip_save_form_as_option() function in all versions up to, and including, 3.5.04. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
2025-03-07
8.8
CVE-2025-1309
crowdytheme — arolax
The Animation Addons for Elementor Pro plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the install_elementor_plugin_handler() function in all versions up to, and including, 1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate arbitrary plugins which can be leveraged to further infect a victim when Elementor is not activated on a vulnerable site.
2025-03-04
8.8
CVE-2025-1639
ManageEngine–ADSelfService Plus
Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to session mishandling. Only valid account holders in the setup have the potential to exploit this bug.
2025-03-03
8.1
CVE-2025-1723
Red Hat–Red Hat Ansible Automation Platform 2.5 for RHEL 8
A flaw was found in the Ansible aap-gateway. Concurrent requests handled by the gateway grpc service can result in concurrency issues due to race condition requests against the proxy. This issue potentially allows a less privileged user to obtain the JWT of a greater privileged user, enabling the server to be jeopardized. A user session or confidential data might be vulnerable.
2025-03-03
8.1
CVE-2025-1801
Tenda–AC7
A vulnerability, which was classified as critical, was found in Tenda AC7 up to 15.03.06.44. This affects the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
8.8
CVE-2025-1851
Totolink–EX1800T
A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220316 and classified as critical. This vulnerability affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
8.8
CVE-2025-1852
tenda — ac8_firmware
A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. This issue affects the function sub_49E098 of the file /goform/SetIpMacBind of the component Parameter Handler. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
8.8
CVE-2025-1853
Google–Chrome
Out of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
2025-03-05
8.8
CVE-2025-1914
Google–Chrome
Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)
2025-03-05
8.1
CVE-2025-1915
Google–Chrome
Use after free in Profiles in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
2025-03-05
8.8
CVE-2025-1916
Google–Chrome
Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Medium)
2025-03-05
8.8
CVE-2025-1918
Google–Chrome
Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
2025-03-05
8.8
CVE-2025-1919
Mozilla–Firefox
On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
2025-03-04
8.8
CVE-2025-1930
Mozilla–Firefox
On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
2025-03-04
8.1
CVE-2025-1933
Mozilla–Firefox
Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136 and Thunderbird < 136.
2025-03-04
8.2
CVE-2025-1943
TOTOLINK–EX1800T
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This issue affects the function setRptWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument loginpass leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
8.8
CVE-2025-2097
vmware — esxi
VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.
2025-03-04
8.2
CVE-2025-22225
Red Hat–Red Hat Build of Keycloak
A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.
2025-03-04
8.1
CVE-2025-23368
NotFound–WP Vehicle Manager
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in NotFound WP Vehicle Manager allows PHP Local File Inclusion. This issue affects WP Vehicle Manager: from n/a through 3.1.
2025-03-03
8.1
CVE-2025-25109
NotFound–WizShop
Path Traversal vulnerability in NotFound WizShop allows PHP Local File Inclusion. This issue affects WizShop: from n/a through 3.0.2.
2025-03-03
8.1
CVE-2025-25122
n/a–n/a
An issue in account management interface in Netsweeper Server v.8.2.6 and earlier (fixed in v.8.2.7) allows unauthorized changes to the “Account Owner” field due to client-side-only restrictions and a lack of server-side validation. This vulnerability enables account ownership reassignment to or away from any user.
2025-03-06
8.1
CVE-2025-25497
n/a–n/a
Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows creating and modifying user accounts, including an Administrator account.
2025-03-03
8.1
CVE-2025-25950
ddsn — acora_cms
Acora CMS version 10.1.1 is vulnerable to Cross-Site Request Forgery (CSRF). This flaw enables attackers to trick authenticated users into performing unauthorized actions, such as account deletion or user creation, by embedding malicious requests in external content. The lack of CSRF protections allows exploitation via crafted requests.
2025-03-03
8.8
CVE-2025-25967
NotFound–Helloprint
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in NotFound Helloprint allows Path Traversal. This issue affects Helloprint: from n/a through 2.0.7.
2025-03-03
8.6
CVE-2025-26534
wpgeodirectory — events_calendar*
Deserialization of Untrusted Data vulnerability in Stiofan Events Calendar for GeoDirectory allows Object Injection. This issue affects Events Calendar for GeoDirectory: from n/a through 2.3.14.
2025-03-03
8.8
CVE-2025-26967
Metagauss–ProfileGrid
Deserialization of Untrusted Data vulnerability in Metagauss ProfileGrid allows Object Injection. This issue affects ProfileGrid: from n/a through 5.9.4.3.
2025-03-03
8.8
CVE-2025-26999
NotFound–Doctor Appointment Booking
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in NotFound Doctor Appointment Booking allows SQL Injection. This issue affects Doctor Appointment Booking: from n/a through 1.0.0.
2025-03-03
8.5
CVE-2025-27263
openziti — openziti
OpenZiti is a free and open source project focused on bringing zero trust to any application. An endpoint (/api/upload) on the admin panel can be accessed without any form of authentication. This endpoint accepts an HTTP POST to upload a file which is then stored on the node and is available via URL. This can lead to a stored cross site scripting attack if the file uploaded contains malicious code and is then accessed and executed within the context of the user’s browser. This function is no longer necessary as the ziti-console moves from a node server application to a single page application, and has been disabled. The vulnerability is fixed in 3.7.1.
2025-03-03
8.2
CVE-2025-27500
openziti — openziti
OpenZiti is a free and open source project focused on bringing zero trust to any application. An endpoint on the admin panel can be accessed without any form of authentication. This endpoint accepts a user-supplied URL parameter to connect to an OpenZiti Controller and performs a server-side request, resulting in a potential Server-Side Request Forgery (SSRF) vulnerability. The fixed version has moved the request to the external controller from the server side to the client side, thereby eliminating the identity of the node from being used to gain any additional permissions. This vulnerability is fixed in 3.7.1.
2025-03-03
8.6
CVE-2025-27501
nhairs–python-json-logger
Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party. If the package was claimed, it would allow them RCE on any Python JSON Logger user who installed the development dependencies on Python 3.13 (e.g. pip install python-json-logger[dev]). This issue has been resolved with 3.3.0.
2025-03-07
8.8
CVE-2025-27607
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Privilege Escalation V-2024-015.
2025-03-05
8.8
CVE-2025-27639
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient CSRF Protection OVE-20230524-0008.
2025-03-05
8.8
CVE-2025-27664
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Driver Unrestricted Upload of File with Dangerous Type V-2022-006.
2025-03-05
8.8
CVE-2025-27683
FWDesign–Ultimate Video Player WordPress & WooCommerce Plugin
The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 10.0 via the content/downloader.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
2025-03-07
7.5
CVE-2024-10804
PozitifIK–Pik Online
Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking. This issue affects Pik Online: through 05.03.2025. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-05
7.6
CVE-2024-11216
Chimpstudio–CS Framework
The CS Framework plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 6.9 via the get_widget_settings_json() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
2025-03-07
7.5
CVE-2024-12036
Finder Fire Safety–Finder ERP/CRM (New System)
Improper Validation of Syntactic Correctness of Input vulnerability in Finder Fire Safety Finder ERP/CRM (New System) allows SQL Injection. This issue affects Finder ERP/CRM (New System): before 18.12.2024.
2025-03-06
7.5
CVE-2024-12146
NI–G Web Development Software
A deserialization of untrusted data vulnerability exists in NI G Web Development Software that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects G Web Development Software 2022 Q3 and prior versions.
2025-03-06
7.8
CVE-2024-12742
Imagination Technologies–Graphics DDK
Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory.
2025-03-07
7.8
CVE-2024-12837
villatheme–CURCY – WooCommerce Multi Currency – Currency Switcher
The CURCY – WooCommerce Multi Currency – Currency Switcher plugin for WordPress is vulnerable to SQL Injection via the ‘wc_filter_price_meta[where]’ parameter in all versions up to, and including, 2.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-07
7.5
CVE-2024-13320
designthemes–DesignThemes Core Features
The DesignThemes Core Features plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the dt_process_imported_file function in all versions up to, and including, 4.7. This makes it possible for unauthenticated attackers to read arbitrary files on the underlying operating system.
2025-03-05
7.5
CVE-2024-13471
Unknown–WordPress Activity O Meter
The WordPress Activity O Meter WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins.
2025-03-07
7.1
CVE-2024-13668
gandhihitesh9–Post Meta Data Manager
The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation in all versions up to, and including, 1.4.3. This is due to the plugin not properly verifying the existence of a multisite installation prior to allowing user meta to be added/modified. This makes it possible for authenticated attackers, with Administrator-level access and above, to gain elevated privileges on subsites that would otherwise be inaccessible.
2025-03-08
7.2
CVE-2024-13835
sksdev–Allow PHP Execute
The Allow PHP Execute plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.0. This is due to allowing PHP code to be entered by all users for whom unfiltered HTML is allowed. This makes it possible for authenticated attackers, with Editor-level access and above, to inject PHP code into posts and pages.
2025-03-08
7.2
CVE-2024-13890
bestwebsoft–Gallery by BestWebSoft Customizable Image and Photo Galleries for WordPress
The Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.7.3 via deserialization of untrusted input in the ‘import_gallery_from_csv’ function. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.
2025-03-07
7.2
CVE-2024-13906
bestwebsoft–SMTP by BestWebSoft
The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ‘save_options’ function in all versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible.
2025-03-08
7.2
CVE-2024-13908
n/a–n/a
Peppermint Ticket Management 0.4.6 is vulnerable to Incorrect Access Control. A regular registered user is able to elevate his privileges to admin and gain complete access to the system as the authorization mechanism is not validated on the server side and only on the client side. This can result, for example, in creating a new admin user in the system which enables persistent access for the attacker as an administrator.
2025-03-05
7.2
CVE-2024-31525
Miniaudio–Miniaudio
An out-of-bounds write vulnerability exists in the ma_dr_flac__decode_samples__lpc functionality of Miniaudio miniaudio v0.11.21. A specially crafted .flac file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
2025-03-04
7.7
CVE-2024-41147
ibm — engineering_requirements_management_doors_next
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote attacker to download temporary files which could expose application logic or other sensitive information.
2025-03-03
7.5
CVE-2024-41770
ibm — engineering_requirements_management_doors_next
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote attacker to download temporary files which could expose application logic or other sensitive information.
2025-03-03
7.5
CVE-2024-41771
qualcomm — fastconnect_6900_firmware
Memory corruption while processing camera use case IOCTL call.
2025-03-03
7.8
CVE-2024-43055
qualcomm — qcn6224_firmware
Memory corruption while processing command in Glink linux.
2025-03-03
7.8
CVE-2024-43057
qualcomm — sa8770p_firmware
Memory corruption while invoking IOCTL calls from the user-space for HGSL memory node.
2025-03-03
7.8
CVE-2024-43059
qualcomm — ar8035_firmware
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.
2025-03-03
7.8
CVE-2024-43060
qualcomm — fastconnect_6900_firmware
Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.
2025-03-03
7.8
CVE-2024-43061
qualcomm — fastconnect_6900_firmware
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.
2025-03-03
7.8
CVE-2024-43062
qualcomm — fastconnect_6900_firmware
Memory corruption while handling multiple IOCTL calls from userspace for remote invocation.
2025-03-03
7.8
CVE-2024-45580
qualcomm — fastconnect_6900_firmware
Memory corruption may occur during the synchronization of the camera's frame processing pipeline.
2025-03-03
7.8
CVE-2024-49836
n/a–n/a
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access. An attacker can send a malformed message to the target through the Wi-Fi driver.
2025-03-06
7.5
CVE-2024-50600
n/a–n/a
Unauthenticated reflected cross-site scripting (XSS) vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary scripts via the page parameter.
2025-03-04
7.1
CVE-2024-50705
IBM–Concert Software
IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
2025-03-06
7.5
CVE-2024-51476
esri — arcgis_server
There is a local file inclusion vulnerability in ArcGIS Server 10.9.1 through 11.3 that may allow a remote, unauthenticated attacker to craft a URL that could potentially disclose sensitive configuration information by reading internal files from the remote server. Due to the nature of the files accessible in this vulnerability, the impact to confidentiality is High; there is no impact to either integrity or availability.
2025-03-03
7.5
CVE-2024-51961
n/a–n/a
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundary check during the decoding of DL NAS Transport messages leads to a Denial of Service.
2025-03-06
7.5
CVE-2024-52923
n/a–n/a
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the decoding of Registration Accept messages can lead to out-of-bounds writes on the stack.
2025-03-06
7.5
CVE-2024-52924
Qualcomm, Inc.–Snapdragon
Information disclosure may occur due to improper permission and access controls to Video Analytics engine.
2025-03-03
7.9
CVE-2024-53011
qualcomm — qam8255p_firmware
Memory corruption may occur due to improper input validation in clock device.
2025-03-03
7.8
CVE-2024-53012
qualcomm — sm6370_firmware
Memory corruption may occur while validating ports and channels in Audio driver.
2025-03-03
7.8
CVE-2024-53014
qualcomm — qam8255p_firmware
Memory corruption may occur during communication between primary and guest VM.
2025-03-03
7.8
CVE-2024-53022
qualcomm — ar8035_firmware
Memory corruption may occur while accessing a variable during extended back to back tests.
2025-03-03
7.8
CVE-2024-53023
qualcomm — qcs6490_firmware
Memory corruption in display driver while detaching a device.
2025-03-03
7.8
CVE-2024-53024
qualcomm — qca9367_firmware
Transient DOS may occur while processing the country IE.
2025-03-03
7.5
CVE-2024-53027
qualcomm — qam8255p_firmware
Memory corruption may occur while processing message from frontend during allocation.
2025-03-03
7.8
CVE-2024-53028
qualcomm — qam8255p_firmware
Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine.
2025-03-03
7.8
CVE-2024-53029
qualcomm — msm8996au_firmware
Memory corruption while processing input message passed from FE driver.
2025-03-03
7.8
CVE-2024-53030
qualcomm — qam8255p_firmware
Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine.
2025-03-03
7.8
CVE-2024-53031
qualcomm — qam8255p_firmware
Memory corruption may occur in keyboard virtual device due to guest VM interaction.
2025-03-03
7.8
CVE-2024-53032
qualcomm — fastconnect_6900_firmware
Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address.
2025-03-03
7.8
CVE-2024-53033
qualcomm — fastconnect_6900_firmware
Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset.
2025-03-03
7.8
CVE-2024-53034
n/a–n/a
Sysax Multi Server 6.99 is vulnerable to a denial of service (DoS) condition when processing specially crafted SSH packets.
2025-03-05
7.5
CVE-2024-53458
QNAP Systems Inc.–QTS
An improper neutralization of CRLF sequences (‘CRLF Injection’) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify application data. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later; QuTS hero h5.2.3.3006 build 20250108 and later.
2025-03-07
7.1
CVE-2024-53693
huawei — emui
Permission bypass vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
2025-03-04
7.3
CVE-2024-58043
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject struct_ops registration that uses module ptr and the module btf_id is missing. There is a UAF report in the bpf_struct_ops when CONFIG_MODULES=n. In particular, the report is on tcp_congestion_ops that has a “struct module *owner” member. For struct_ops that has a “struct module *owner” member, it can be extended either by the regular kernel module or by the bpf_struct_ops. bpf_try_module_get() will be used to do the refcounting and different refcount is done based on the owner pointer. When CONFIG_MODULES=n, the btf_id of the “struct module” is missing: WARN: resolve_btfids: unresolved symbol module. Thus, the bpf_try_module_get() cannot do the correct refcounting. Not all subsystem’s struct_ops requires the “struct module *owner” member. e.g. the recent sched_ext_ops. This patch is to disable bpf_struct_ops registration if the struct_ops has the “struct module *” member and the “struct module” btf_id is missing. The btf_type_is_fwd() helper is moved to the btf.h header file for this test. This has happened since the beginning of bpf_struct_ops which has gone through many changes. The Fixes tag is set to a recent commit that this patch can apply cleanly. Considering CONFIG_MODULES=n is not common and the age of the issue, targeting for bpf-next also.
2025-03-06
7.8
CVE-2024-58060
ExtremePACS–Extreme XDS
Insertion of Sensitive Information Into Sent Data vulnerability in ExtremePACS Extreme XDS allows Retrieve Embedded Sensitive Data. This issue affects Extreme XDS: before 3933.
2025-03-06
7.6
CVE-2024-7872
IBM–Aspera Shares
IBM Aspera Shares 1.9.9 through 1.10.0 PL7 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
2025-03-07
7.1
CVE-2025-0162
Paragon Software–Paragon Partition Manager
Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits.
2025-03-03
7.8
CVE-2025-0285
Paragon Software–Paragon Partition Manager
Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory vulnerability facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation.
2025-03-03
7.8
CVE-2025-0288
Paragon Software–Paragon Partition Manager
Paragon Partition Manager version 17, both community and Business versions, contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allow an attacker the ability to compromise the service.
2025-03-03
7.8
CVE-2025-0289
Axis Communications AB–AXIS OS
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could lead to an incorrect user privilege level in the VAPIX service account D-Bus API.
2025-03-04
7.8
CVE-2025-0360
gitlab — gitlab
A Cross Site Scripting (XSS) vulnerability in GitLab-EE affecting all versions from 16.6 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows an attacker to bypass security controls and execute arbitrary scripts in a user's browser under specific conditions.
2025-03-03
7.7
CVE-2025-0555
Arista Networks–EOS
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available.
2025-03-04
7.7
CVE-2025-1259
wppost–WP-Recall Registration, Profile, Commerce & More
The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to SQL Injection via the ‘databeat’ parameter in all versions up to, and including, 16.26.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-08
7.5
CVE-2025-1323
ultimatemember–Ultimate Member User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘search’ parameter in all versions up to, and including, 2.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-05
7.5
CVE-2025-1702
ESAFENET–CDG
A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has been rated as critical. Affected by this issue is some unknown functionality of the file /CDGServer3/workflowE/useractivate/updateorg.jsp. The manipulation of the argument flowId leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
7.3
CVE-2025-1840
ESAFENET–CDG
A vulnerability classified as critical has been found in ESAFENET CDG 5.6.3.154.205. This affects an unknown part of the file /CDGServer3/logManagement/ClientSortLog.jsp. The manipulation of the argument startDate/endDate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
7.3
CVE-2025-1841
Codezips–College Management System
A vulnerability, which was classified as critical, has been found in Codezips College Management System 1.0. Affected by this issue is some unknown functionality of the file /university.php. The manipulation of the argument book_name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
7.3
CVE-2025-1850
Codezips–Gym Management System
A vulnerability was found in Codezips Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/gen_invoice.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
7.3
CVE-2025-1856
PHPGurukul–Nipah Virus Testing Management System
A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file /check_availability.php. The manipulation of the argument employeeid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
7.3
CVE-2025-1857
Codezips–Online Shopping Website
A vulnerability classified as critical was found in Codezips Online Shopping Website 1.0. This vulnerability affects unknown code of the file /success.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
7.3
CVE-2025-1858
phpgurukul — news_portal
A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file /login.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
7.3
CVE-2025-1859
D-Link–DAP-1562
A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the function http_request_parse of the component HTTP Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
2025-03-03
7.3
CVE-2025-1876
phpgurukul — restaurant_table_booking_system
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
7.3
CVE-2025-1894
phpgurukul — restaurant_table_booking_system
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /add-table.php. The manipulation of the argument tableno leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
7.3
CVE-2025-1900
phpgurukul — restaurant_table_booking_system
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/check_availability.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
7.3
CVE-2025-1901
phpgurukul — student_record_system
A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
7.3
CVE-2025-1902
codezips — online_shopping_website
A vulnerability was found in Codezips Online Shopping Website 1.0. It has been rated as critical. This issue affects some unknown processing of the file /cart_add.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
7.3
CVE-2025-1903
Mozilla–Firefox
A select option could partially obscure the confirmation prompt shown before launching external apps. This could be used to trick a user into launching an external app unexpectedly. *This issue only affects Android versions of Firefox.* This vulnerability affects Firefox < 136.
2025-03-04
7.1
CVE-2025-1940
PHPGurukul–Restaurant Table Booking System
A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/password-recovery.php. The manipulation of the argument username/mobileno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
7.3
CVE-2025-1952
PHPGurukul–Human Metapneumovirus Testing Management System
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
7.3
CVE-2025-1954
code-projects–Shopping Portal
A vulnerability classified as critical has been found in code-projects Shopping Portal 1.0. This affects an unknown part of the file /Shopping/Admin/index.php of the component Login. The manipulation of the argument password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
7.3
CVE-2025-1956
Codezips–Gym Management System
A vulnerability, which was classified as critical, was found in Codezips Gym Management System 1.0. Affected is an unknown function of the file /change_s_pwd.php. The manipulation of the argument login_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
7.3
CVE-2025-1959
projectworlds–Online Hotel Booking
A vulnerability was found in projectworlds Online Hotel Booking 1.0. It has been classified as critical. This affects an unknown part of the file /admin/addroom.php. The manipulation of the argument roomname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-05
7.3
CVE-2025-1962
projectworlds–Online Hotel Booking
A vulnerability was found in projectworlds Online Hotel Booking 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /reservation.php. The manipulation of the argument checkin leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-05
7.3
CVE-2025-1963
projectworlds–Online Hotel Booking
A vulnerability was found in projectworlds Online Hotel Booking 1.0. It has been rated as critical. This issue affects some unknown processing of the file /booknow.php?roomname=Duplex. The manipulation of the argument checkin leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
2025-03-05
7.3
CVE-2025-1964
projectworlds–Online Hotel Booking
A vulnerability classified as critical has been found in projectworlds Online Hotel Booking 1.0. Affected is an unknown function of the file /admin/login.php. The manipulation of the argument emailusername leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-05
7.3
CVE-2025-1965
PHPGurukul–Pre-School Enrollment System
A vulnerability classified as critical was found in PHPGurukul Pre-School Enrollment System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-05
7.3
CVE-2025-1966
Devolutions–Server
Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass the ‘add in root’ permission.
2025-03-05
7.1
CVE-2025-2003
Cisco–Cisco Secure Client
A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client. This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to a specific Cisco Secure Client process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid user credentials on the Windows system.
2025-03-05
7.1
CVE-2025-20206
Seeyon–Zhiyuan Interconnect FE Collaborative Office Platform
A vulnerability was found in Seeyon Zhiyuan Interconnect FE Collaborative Office Platform up to 20250224. It has been rated as critical. Affected by this issue is some unknown functionality of the file /security/addUser.jsp. The manipulation of the argument groupId leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-06
7.3
CVE-2025-2030
PHPGurukul–Pre-School Enrollment System
A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-class.php?cid=1. The manipulation of the argument classname/capacity leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
7.3
CVE-2025-2034
code-projects–Blood Bank Management System
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /upload/. The manipulation leads to exposure of information through directory listing. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
7.3
CVE-2025-2038
PHPGurukul–User Registration & Login and User Management System
A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Management System 3.3. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2050
PHPGurukul–Emergency Ambulance Hiring Portal
A vulnerability, which was classified as critical, was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /admin/about-us.php. The manipulation of the argument pagedes leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2057
PHPGurukul–Emergency Ambulance Hiring Portal
A vulnerability has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2058
PHPGurukul–Emergency Ambulance Hiring Portal
A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/booking-details.php. The manipulation of the argument ambulanceregnum leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2059
PHPGurukul–Emergency Ambulance Hiring Portal
A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. It has been classified as critical. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2060
projectworlds–Life Insurance Management System
A vulnerability classified as critical has been found in projectworlds Life Insurance Management System 1.0. Affected is an unknown function of the file /clientStatus.php. The manipulation of the argument client_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2062
projectworlds–Life Insurance Management System
A vulnerability classified as critical was found in projectworlds Life Insurance Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /deleteNominee.php. The manipulation of the argument nominee_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2063
projectworlds–Life Insurance Management System
A vulnerability, which was classified as critical, has been found in projectworlds Life Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file /deletePayment.php. The manipulation of the argument recipt_no leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2064
MediaTek, Inc.–MT2735, MT2737, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT8673, MT8791T, MT8795T, MT8798
In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747.
2025-03-03
7.5
CVE-2025-20644
MediaTek, Inc.–MT6765, MT6768, MT6833, MT6835, MT6853, MT6855, MT6879, MT6886, MT6893, MT6897, MT6983, MT6985, MT6989, MT8796
In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09475476; Issue ID: MSV-2599.
2025-03-03
7.8
CVE-2025-20645
MediaTek, Inc.–MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6785U, MT6789, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00791311 / MOLY01067019; Issue ID: MSV-2721.
2025-03-03
7.5
CVE-2025-20647
projectworlds–Life Insurance Management System
A vulnerability, which was classified as critical, was found in projectworlds Life Insurance Management System 1.0. This affects an unknown part of the file /editAgent.php. The manipulation of the argument agent_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2065
projectworlds–Life Insurance Management System
A vulnerability has been found in projectworlds Life Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /updateAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2066
projectworlds–Life Insurance Management System
A vulnerability was found in projectworlds Life Insurance Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /search.php. The manipulation of the argument key leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2067
PHPGurukul–Pre-School Enrollment System
A vulnerability, which was classified as critical, was found in PHPGurukul Pre-School Enrollment System up to 1.0. Affected is an unknown function of the file /admin/profile.php. The manipulation of the argument fullname/emailid/mobileNumber leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
7.3
CVE-2025-2088
Samsung Mobile–Samsung Mobile Devices
Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.
2025-03-06
7.3
CVE-2025-20903
Samsung Mobile–Samsung Notes
Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.
2025-03-06
7.3
CVE-2025-20929
Samsung Mobile–Samsung Notes
Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.
2025-03-06
7.3
CVE-2025-20931
AT Software Solutions–ATSVD
A vulnerability was found in AT Software Solutions ATSVD up to 3.4.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Esqueceu a senha. The manipulation of the argument txtCPF leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.4.2 is able to address this issue. It is recommended to upgrade the affected component.
2025-03-09
7.3
CVE-2025-2113
Quantico Tecnologia–PRMV
A vulnerability was found in Quantico Tecnologia PRMV 6.48. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the component Login Endpoint. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-09
7.3
CVE-2025-2118
qualcomm — 315_5g_iot_modem_firmware
Memory corruption while calling the NPU driver APIs concurrently.
2025-03-03
7.8
CVE-2025-21424
vmware — esxi
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
2025-03-04
7.1
CVE-2025-22226
marekki–Marekkis Watermark
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in marekki Marekkis Watermark allows Reflected XSS. This issue affects Marekkis Watermark: from n/a through 0.9.4.
2025-03-03
7.1
CVE-2025-23425
jnwry–vcOS
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in jnwry vcOS allows Reflected XSS. This issue affects vcOS: from n/a through 1.4.0.
2025-03-03
7.1
CVE-2025-23433
NotFound–ntp-header-images
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound ntp-header-images allows Reflected XSS. This issue affects ntp-header-images: from n/a through 1.2.
2025-03-03
7.1
CVE-2025-23437
willshouse–TinyMCE Extended Config
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in willshouse TinyMCE Extended Config allows Reflected XSS. This issue affects TinyMCE Extended Config: from n/a through 0.1.0.
2025-03-03
7.1
CVE-2025-23439
NotFound–Attach Gallery Posts
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Attach Gallery Posts allows Reflected XSS. This issue affects Attach Gallery Posts: from n/a through 1.6.
2025-03-03
7.1
CVE-2025-23441
NotFound–WP SpaceContent
Cross-Site Request Forgery (CSRF) vulnerability in NotFound WP SpaceContent allows Stored XSS. This issue affects WP SpaceContent: from n/a through 0.4.5.
2025-03-03
7.1
CVE-2025-23446
NotFound–Smooth Dynamic Slider
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Smooth Dynamic Slider allows Reflected XSS. This issue affects Smooth Dynamic Slider: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23447
agenwebsite–AW WooCommerce Kode Pembayaran
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in agenwebsite AW WooCommerce Kode Pembayaran allows Reflected XSS. This issue affects AW WooCommerce Kode Pembayaran: from n/a through 1.1.4.
2025-03-03
7.1
CVE-2025-23450
NotFound–Awesome Twitter Feeds
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Awesome Twitter Feeds allows Reflected XSS. This issue affects Awesome Twitter Feeds: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23451
NotFound–Twitter News Feed
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Twitter News Feed allows Reflected XSS. This issue affects Twitter News Feed: from n/a through 1.1.1.
2025-03-03
7.1
CVE-2025-23464
NotFound–Vampire Character Manager
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Vampire Character Manager allows Reflected XSS. This issue affects Vampire Character Manager: from n/a through 2.13.
2025-03-03
7.1
CVE-2025-23465
NotFound–Essay Wizard (wpCRES)
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Essay Wizard (wpCRES) allows Reflected XSS. This issue affects Essay Wizard (wpCRES): from n/a through 1.0.6.4.
2025-03-03
7.1
CVE-2025-23468
NotFound–Flexo Slider
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Flexo Slider allows Reflected XSS. This issue affects Flexo Slider: from n/a through 1.0013.
2025-03-03
7.1
CVE-2025-23472
NotFound–Killer Theme Options
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Killer Theme Options allows Reflected XSS. This issue affects Killer Theme Options: from n/a through 2.0.
2025-03-03
7.1
CVE-2025-23473
NotFound–Photo Video Store
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Photo Video Store allows Reflected XSS. This issue affects Photo Video Store: from n/a through 21.07.
2025-03-03
7.1
CVE-2025-23478
NotFound–melascrivi
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound melascrivi allows Reflected XSS. This issue affects melascrivi: from n/a through 1.4.
2025-03-03
7.1
CVE-2025-23479
NotFound–Ni WooCommerce Sales Report Email
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Ni WooCommerce Sales Report Email allows Reflected XSS. This issue affects Ni WooCommerce Sales Report Email: from n/a through 3.1.4.
2025-03-03
7.1
CVE-2025-23481
NotFound–azurecurve Floating Featured Image
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound azurecurve Floating Featured Image allows Reflected XSS. This issue affects azurecurve Floating Featured Image: from n/a through 2.2.0.
2025-03-03
7.1
CVE-2025-23482
NotFound–Predict When
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Predict When allows Reflected XSS. This issue affects Predict When: from n/a through 1.3.
2025-03-03
7.1
CVE-2025-23484
richestsoft–RS Survey
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in richestsoft RS Survey allows Reflected XSS. This issue affects RS Survey: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23485
NotFound–Easy Gallery
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Easy Gallery allows Reflected XSS. This issue affects Easy Gallery: from n/a through 1.4.
2025-03-03
7.1
CVE-2025-23487
NotFound–rng-refresh
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound rng-refresh allows Reflected XSS. This issue affects rng-refresh: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23488
NotFound–Browser-Update-Notify
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Browser-Update-Notify allows Reflected XSS. This issue affects Browser-Update-Notify: from n/a through 0.2.1.
2025-03-03
7.1
CVE-2025-23490
NotFound–Google Transliteration
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Google Transliteration allows Reflected XSS. This issue affects Google Transliteration: from n/a through 1.7.2.
2025-03-03
7.1
CVE-2025-23493
NotFound–Quizzin
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Quizzin allows Reflected XSS. This issue affects Quizzin: from n/a through 1.01.4.
2025-03-03
7.1
CVE-2025-23494
NotFound–WP FPO
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound WP FPO allows Reflected XSS. This issue affects WP FPO: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23496
NotFound–Curated Search
Cross-Site Request Forgery (CSRF) vulnerability in NotFound Curated Search allows Stored XSS. This issue affects Curated Search: from n/a through 1.2.
2025-03-03
7.1
CVE-2025-23502
NotFound–Pit Login Welcome
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Pit Login Welcome allows Reflected XSS. This issue affects Pit Login Welcome: from n/a through 1.1.5.
2025-03-03
7.1
CVE-2025-23505
NotFound–Sale with Razorpay
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Sale with Razorpay allows Reflected XSS. This issue affects Sale with Razorpay: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23516
NotFound–Google Map on Post/Page
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Google Map on Post/Page allows Reflected XSS. This issue affects Google Map on Post/Page: from n/a through 1.1.
2025-03-03
7.1
CVE-2025-23517
NotFound–GoogleMapper
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound GoogleMapper allows Reflected XSS. This issue affects GoogleMapper: from n/a through 2.0.3.
2025-03-03
7.1
CVE-2025-23518
NotFound–G Web Pro Store Locator
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound G Web Pro Store Locator allows Reflected XSS. This issue affects G Web Pro Store Locator: from n/a through 2.0.1.
2025-03-03
7.1
CVE-2025-23519
SecureSubmit–Heartland Management Terminal
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in SecureSubmit Heartland Management Terminal allows Reflected XSS. This issue affects Heartland Management Terminal: from n/a through 1.3.0.
2025-03-03
7.1
CVE-2025-23520
NotFound–Goodlayers Blocks
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Goodlayers Blocks allows Reflected XSS. This issue affects Goodlayers Blocks: from n/a through 1.0.1.
2025-03-03
7.1
CVE-2025-23521
NotFound–ClickBank Storefront
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound ClickBank Storefront allows Reflected XSS. This issue affects ClickBank Storefront: from n/a through 1.7.
2025-03-03
7.1
CVE-2025-23524
NotFound–Swift Calendar Online Appointment Scheduling
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Swift Calendar Online Appointment Scheduling allows Reflected XSS. This issue affects Swift Calendar Online Appointment Scheduling: from n/a through 1.3.3.
2025-03-03
7.1
CVE-2025-23526
NotFound–Track Page Scroll
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Track Page Scroll allows Reflected XSS. This issue affects Track Page Scroll: from n/a through 1.0.2.
2025-03-03
7.1
CVE-2025-23536
NotFound–WP Contest
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound WP Contest allows Reflected XSS. This issue affects WP Contest: from n/a through 1.0.0.
2025-03-03
7.1
CVE-2025-23538
NotFound–Awesome Hooks
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Awesome Hooks allows Reflected XSS. This issue affects Awesome Hooks: from n/a through 1.0.1.
2025-03-03
7.1
CVE-2025-23539
NotFound–Maniac SEO
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Maniac SEO allows Reflected XSS. This issue affects Maniac SEO: from n/a through 2.0.
2025-03-03
7.1
CVE-2025-23549
NotFound–Texteller
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Texteller allows Reflected XSS. This issue affects Texteller: from n/a through 1.3.0.
2025-03-03
7.1
CVE-2025-23552
David Cramer–Userbase Access Control
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in David Cramer Userbase Access Control allows Reflected XSS. This issue affects Userbase Access Control: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23553
NotFound–Ui Slider Filter By Price
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Ui Slider Filter By Price allows Reflected XSS. This issue affects Ui Slider Filter By Price: from n/a through 1.1.
2025-03-03
7.1
CVE-2025-23555
NotFound–Push Envoy Notifications
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Push Envoy Notifications allows Reflected XSS. This issue affects Push Envoy Notifications: from n/a through 1.0.0.
2025-03-03
7.1
CVE-2025-23556
NotFound–Explore pages
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Explore pages allows Reflected XSS. This issue affects Explore pages: from n/a through 1.01.
2025-03-03
7.1
CVE-2025-23563
mohsenshahbazi–WP FixTag
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in mohsenshahbazi WP FixTag allows Reflected XSS. This issue affects WP FixTag: from n/a through v2.0.2.
2025-03-03
7.1
CVE-2025-23564
NotFound–Wibstats
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Wibstats allows Reflected XSS. This issue affects Wibstats: from n/a through 0.5.5.
2025-03-03
7.1
CVE-2025-23565
NotFound–WP Social Links
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound WP Social Links allows Reflected XSS. This issue affects WP Social Links: from n/a through 0.3.1.
2025-03-03
7.1
CVE-2025-23570
NotFound–DX Sales CRM
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound DX Sales CRM allows Reflected XSS. This issue affects DX Sales CRM: from n/a through 1.1.
2025-03-03
7.1
CVE-2025-23575
NotFound–WP Intro.JS
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound WP Intro.JS allows Reflected XSS. This issue affects WP Intro.JS: from n/a through 1.1.
2025-03-03
7.1
CVE-2025-23576
NotFound–Pin Locations on Map
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Pin Locations on Map allows Reflected XSS. This issue affects Pin Locations on Map: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23584
CantonBolo–Goo.gl Url Shorter
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in CantonBolo Goo.gl Url Shorter allows Reflected XSS. This issue affects Goo.gl Url Shorter: from n/a through 1.0.1.
2025-03-03
7.1
CVE-2025-23585
NotFound–WP Post Category Notifications
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound WP Post Category Notifications allows Reflected XSS. This issue affects WP Post Category Notifications: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23586
NotFound–all-in-one-box-login
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound all-in-one-box-login allows Reflected XSS. This issue affects all-in-one-box-login: from n/a through 2.0.1.
2025-03-03
7.1
CVE-2025-23587
NotFound–Page Health-O-Meter
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Page Health-O-Meter allows Reflected XSS. This issue affects Page Health-O-Meter: from n/a through 2.0.
2025-03-03
7.1
CVE-2025-23595
pinal.shah–Send to a Friend Addon
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in pinal.shah Send to a Friend Addon allows Reflected XSS. This issue affects Send to a Friend Addon: from n/a through 1.4.1.
2025-03-03
7.1
CVE-2025-23600
NotFound–Canalplan
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Canalplan allows Reflected XSS. This issue affects Canalplan: from n/a through 5.31.
2025-03-03
7.1
CVE-2025-23616
NotFound–Catch Duplicate Switcher
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Catch Duplicate Switcher allows Reflected XSS. This issue affects Catch Duplicate Switcher: from n/a through 2.0.
2025-03-03
7.1
CVE-2025-23619
mobde3net–ePermissions
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in mobde3net ePermissions allows Reflected XSS. This issue affects ePermissions: from n/a through 1.2.
2025-03-03
7.1
CVE-2025-23635
NotFound–新淘客WordPress插件
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound 新淘客WordPress插件 allows Reflected XSS. This issue affects 新淘客WordPress插件: from n/a through 1.1.2.
2025-03-03
7.1
CVE-2025-23637
Adrian Vaquez–Contexto
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Adrian Vaquez Contexto allows Reflected XSS. This issue affects Contexto: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23663
NotFound–ChatGPT Open AI Images & Content for WooCommerce
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound ChatGPT Open AI Images & Content for WooCommerce allows Reflected XSS. This issue affects ChatGPT Open AI Images & Content for WooCommerce: from n/a through 2.2.0.
2025-03-03
7.1
CVE-2025-23668
NotFound–4 author cheer up donate
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound 4 author cheer up donate allows Reflected XSS. This issue affects 4 author cheer up donate: from n/a through 1.3.
2025-03-03
7.1
CVE-2025-23670
NotFound–Cobwebo URL Plugin
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Cobwebo URL Plugin allows Reflected XSS. This issue affects Cobwebo URL Plugin: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23688
NotFound–Login Watchdog
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Login Watchdog allows Stored XSS. This issue affects Login Watchdog: from n/a through 1.0.4.
2025-03-03
7.1
CVE-2025-23716
NotFound–Mancx AskMe Widget
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Mancx AskMe Widget allows Reflected XSS. This issue affects Mancx AskMe Widget: from n/a through 0.3.
2025-03-03
7.1
CVE-2025-23718
NotFound–Mobigate
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Mobigate allows Reflected XSS. This issue affects Mobigate: from n/a through 1.0.3.
2025-03-03
7.1
CVE-2025-23721
NotFound–ComparePress
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound ComparePress allows Reflected XSS. This issue affects ComparePress: from n/a through 2.0.8.
2025-03-03
7.1
CVE-2025-23726
infosoftplugin–Tax Report for WooCommerce
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in infosoftplugin Tax Report for WooCommerce allows Reflected XSS. This issue affects Tax Report for WooCommerce: from n/a through 2.2.
2025-03-03
7.1
CVE-2025-23731
NotFound–Form To JSON
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Form To JSON allows Reflected XSS. This issue affects Form To JSON: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23736
NotFound–Ps Ads Pro
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Ps Ads Pro allows Reflected XSS. This issue affects Ps Ads Pro: from n/a through 1.0.0.
2025-03-03
7.1
CVE-2025-23738
NotFound–WP Ultimate Reviews FREE
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound WP Ultimate Reviews FREE allows Reflected XSS. This issue affects WP Ultimate Reviews FREE: from n/a through 1.0.2.
2025-03-03
7.1
CVE-2025-23739
NotFound–Easy School Registration
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Easy School Registration allows Reflected XSS. This issue affects Easy School Registration: from n/a through 3.9.8.
2025-03-03
7.1
CVE-2025-23740
NotFound–Notifications Center
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Notifications Center allows Reflected XSS. This issue affects Notifications Center: from n/a through 1.5.2.
2025-03-03
7.1
CVE-2025-23741
NotFound–DN Sitemap Control
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound DN Sitemap Control allows Reflected XSS. This issue affects DN Sitemap Control: from n/a through 1.0.6.
2025-03-03
7.1
CVE-2025-23753
NotFound–DsgnWrks Twitter Importer
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound DsgnWrks Twitter Importer allows Reflected XSS. This issue affects DsgnWrks Twitter Importer: from n/a through 1.1.4.
2025-03-03
7.1
CVE-2025-23762
NotFound–Guten Free Options
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Guten Free Options allows Reflected XSS. This issue affects Guten Free Options: from n/a through 0.9.5.
2025-03-03
7.1
CVE-2025-23813
NotFound–CRUDLab Like Box
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound CRUDLab Like Box allows Reflected XSS. This issue affects CRUDLab Like Box: from n/a through 2.0.9.
2025-03-03
7.1
CVE-2025-23814
wphrmanager–WP-HR Manager: The Human Resources Plugin for WordPress
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in wphrmanager WP-HR Manager: The Human Resources Plugin for WordPress allows Reflected XSS. This issue affects WP-HR Manager: The Human Resources Plugin for WordPress: from n/a through 3.1.0.
2025-03-03
7.1
CVE-2025-23843
NotFound–Site Launcher
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Site Launcher allows Reflected XSS. This issue affects Site Launcher: from n/a through 0.9.4.
2025-03-03
7.1
CVE-2025-23847
NotFound–Mojo Under Construction
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Mojo Under Construction allows Reflected XSS. This issue affects Mojo Under Construction: from n/a through 1.1.2.
2025-03-03
7.1
CVE-2025-23850
NotFound–First Comment Redirect
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound First Comment Redirect allows Reflected XSS. This issue affects First Comment Redirect: from n/a through 1.0.3.
2025-03-03
7.1
CVE-2025-23852
PillarDev–Easy Automatic Newsletter Lite
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in PillarDev Easy Automatic Newsletter Lite allows Reflected XSS. This issue affects Easy Automatic Newsletter Lite: from n/a through 3.2.0.
2025-03-03
7.1
CVE-2025-23879
NotFound–LJ Custom Menu Links
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound LJ Custom Menu Links allows Reflected XSS. This issue affects LJ Custom Menu Links: from n/a through 2.5.
2025-03-03
7.1
CVE-2025-23881
NotFound–Stray Random Quotes
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Stray Random Quotes allows Reflected XSS. This issue affects Stray Random Quotes: from n/a through 1.9.9.
2025-03-03
7.1
CVE-2025-23883
NotFound–Local Shipping Labels for WooCommerce
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Local Shipping Labels for WooCommerce allows Reflected XSS. This issue affects Local Shipping Labels for WooCommerce: from n/a through 1.0.0.
2025-03-03
7.1
CVE-2025-23903
NotFound–Rebrand Fluent Forms
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Rebrand Fluent Forms allows Reflected XSS. This issue affects Rebrand Fluent Forms: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-23904
NotFound–Popliup
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in NotFound Popliup allows PHP Local File Inclusion. This issue affects Popliup: from n/a through 1.1.1.
2025-03-03
7.5
CVE-2025-23945
NotFound–WP Easy Post Mailer
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound WP Easy Post Mailer allows Reflected XSS. This issue affects WP Easy Post Mailer: from n/a through 0.64.
2025-03-03
7.1
CVE-2025-23956
Keysight–Ixia Vision Product Family
Path traversal may allow remote code execution using a privileged account (requires a device admin account; cannot be performed by a regular user). In combination with the ‘Upload’ functionality this could be used to execute an arbitrary script or possibly an uploaded binary. Remediation in Version 6.7.0, release date: 20-Oct-24.
2025-03-05
7.2
CVE-2025-24494
SEO Squirrly–SEO Plugin by Squirrly SEO
Missing Authorization vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO. This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.4.05.
2025-03-03
7.1
CVE-2025-24654
CreativeMindsSolutions–CM Email Registration Blacklist and Whitelist
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in CreativeMindsSolutions CM Email Registration Blacklist and Whitelist allows Reflected XSS. This issue affects CM Email Registration Blacklist and Whitelist: from n/a through 1.5.5.
2025-03-03
7.1
CVE-2025-24694
CreativeMindsSolutions–CM Map Locations
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in CreativeMindsSolutions CM Map Locations allows Reflected XSS. This issue affects CM Map Locations: from n/a through 2.0.8.
2025-03-03
7.1
CVE-2025-24758
Century Systems Co., Ltd.–FutureNet AS-250/S
An authentication bypass vulnerability exists in the FutureNet AS series (Industrial Routers) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain device information such as the MAC address by sending a specially crafted request.
2025-03-03
7.5
CVE-2025-24846
NotFound–Album Reviewer
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Album Reviewer allows Stored XSS. This issue affects Album Reviewer: from n/a through 2.0.2.
2025-03-03
7.1
CVE-2025-25070
NotFound–EP4 More Embeds
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound EP4 More Embeds allows Stored XSS. This issue affects EP4 More Embeds: from n/a through 1.0.0.
2025-03-03
7.1
CVE-2025-25083
NotFound–seekXL Snapr
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound seekXL Snapr allows Reflected XSS. This issue affects seekXL Snapr: from n/a through 2.0.6.
2025-03-03
7.1
CVE-2025-25087
appten–Image Rotator
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in appten Image Rotator allows Reflected XSS. This issue affects Image Rotator: from n/a through 2.0.
2025-03-03
7.1
CVE-2025-25089
NotFound–Dreamstime Stock Photos
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Dreamstime Stock Photos allows Reflected XSS. This issue affects Dreamstime Stock Photos: from n/a through 4.0.
2025-03-03
7.1
CVE-2025-25090
gtlwpdev–All push notification for WP
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in gtlwpdev All push notification for WP allows Reflected XSS. This issue affects All push notification for WP: from n/a through 1.5.3.
2025-03-03
7.1
CVE-2025-25092
accreteinfosolution–Appointment Buddy Widget
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in accreteinfosolution Appointment Buddy Widget allows Reflected XSS. This issue affects Appointment Buddy Widget: from n/a through 1.2.
2025-03-03
7.1
CVE-2025-25099
NotFound–Yahoo BOSS
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Yahoo BOSS allows Reflected XSS. This issue affects Yahoo BOSS: from n/a through 0.7.
2025-03-03
7.1
CVE-2025-25102
shalomworld–SW Plus
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in shalomworld SW Plus allows Reflected XSS. This issue affects SW Plus: from n/a through 2.1.
2025-03-03
7.1
CVE-2025-25108
NotFound–Social Links
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in NotFound Social Links allows Blind SQL Injection. This issue affects Social Links: from n/a through 1.2.
2025-03-03
7.6
CVE-2025-25112
NotFound–Implied Cookie Consent
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Implied Cookie Consent allows Reflected XSS. This issue affects Implied Cookie Consent: from n/a through 1.3.
2025-03-03
7.1
CVE-2025-25113
ehabstar–User Role
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in ehabstar User Role allows Reflected XSS. This issue affects User Role: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-25114
NotFound–Top Bar – PopUps – by WPOptin
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Top Bar – PopUps – by WPOptin allows Reflected XSS. This issue affects Top Bar – PopUps – by WPOptin: from n/a through 2.0.8.
2025-03-03
7.1
CVE-2025-25118
NotFound–Woocommerce osCommerce Sync
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Woocommerce osCommerce Sync allows Reflected XSS. This issue affects Woocommerce osCommerce Sync: from n/a through 2.0.20.
2025-03-03
7.1
CVE-2025-25119
NotFound–Theme Options Z
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Theme Options Z allows Stored XSS. This issue affects Theme Options Z: from n/a through 1.4.
2025-03-03
7.1
CVE-2025-25121
devu–Status Updater
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in devu Status Updater allows Reflected XSS. This issue affects Status Updater: from n/a through 1.9.2.
2025-03-03
7.1
CVE-2025-25124
Rohitashv Singhal–Contact Us By Lord Linus
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Rohitashv Singhal Contact Us By Lord Linus allows Reflected XSS. This issue affects Contact Us By Lord Linus: from n/a through 2.6.
2025-03-03
7.1
CVE-2025-25127
NotFound–Callback Request
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Callback Request allows Reflected XSS. This issue affects Callback Request: from n/a through 1.4.
2025-03-03
7.1
CVE-2025-25129
NotFound–Delete Comments By Status
Relative Path Traversal vulnerability in NotFound Delete Comments By Status allows PHP Local File Inclusion. This issue affects Delete Comments By Status: from n/a through 2.1.1.
2025-03-03
7.5
CVE-2025-25130
ravi Singh–Visitor Details
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in ravi Singh Visitor Details allows Stored XSS. This issue affects Visitor Details: from n/a through 1.0.1.
2025-03-03
7.1
CVE-2025-25132
NotFound–WP Frontend Submit
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound WP Frontend Submit allows Cross-Site Scripting (XSS). This issue affects WP Frontend Submit: from n/a through 1.1.0.
2025-03-03
7.1
CVE-2025-25133
NotFound–WP Less Compiler
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound WP Less Compiler allows Stored XSS. This issue affects WP Less Compiler: from n/a through 1.3.0.
2025-03-03
7.1
CVE-2025-25142
NotFound–WP Church Center
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound WP Church Center allows Reflected XSS. This issue affects WP Church Center: from n/a through 1.3.3.
2025-03-03
7.1
CVE-2025-25157
NotFound–Uncomplicated SEO
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Uncomplicated SEO allows Reflected XSS. This issue affects Uncomplicated SEO: from n/a through 1.2.
2025-03-03
7.1
CVE-2025-25158
NotFound–WP Find Your Nearest
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound WP Find Your Nearest allows Reflected XSS. This issue affects WP Find Your Nearest: from n/a through 0.3.1.
2025-03-03
7.1
CVE-2025-25161
NotFound–Sports Rankings and Lists
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in NotFound Sports Rankings and Lists allows Absolute Path Traversal. This issue affects Sports Rankings and Lists: from n/a through 1.0.2.
2025-03-03
7.5
CVE-2025-25162
NotFound–Meta Accelerator
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Meta Accelerator allows Reflected XSS. This issue affects Meta Accelerator: from n/a through 1.0.4.
2025-03-03
7.1
CVE-2025-25164
NotFound–Staff Directory Plugin: Company Directory
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Staff Directory Plugin: Company Directory allows Stored XSS. This issue affects Staff Directory Plugin: Company Directory: from n/a through 4.3.
2025-03-03
7.1
CVE-2025-25165
NotFound–Authors Autocomplete Meta Box
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Authors Autocomplete Meta Box allows Reflected XSS. This issue affects Authors Autocomplete Meta Box: from n/a through 1.2.
2025-03-03
7.1
CVE-2025-25169
NotFound–Migrate Posts
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Migrate Posts allows Reflected XSS. This issue affects Migrate Posts: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-25170
binary-husky — gpt_academic
GPT Academic provides interactive interfaces for large language models. In 3.91 and earlier, GPT Academic does not properly account for soft links. An attacker can create a malicious file as a soft link pointing to a target file, then package this soft link file into a tar.gz file and upload it. Subsequently, when accessing the decompressed file from the server, the soft link will point to the target file on the victim server. The vulnerability allows attackers to read all files on the server.
2025-03-03
7.5
CVE-2025-25185
danielgatis — rembg
Rembg is a tool to remove image backgrounds. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg server. This issue may lead to Information Disclosure.
2025-03-03
7.5
CVE-2025-25301
n/a–n/a
Incorrect access control in the KSRTC AWATAR app of Karnataka State Road Transport Corporation v1.3.0 allows viewing of sensitive information such as usernames and passwords.
2025-03-06
7.5
CVE-2025-25381
n/a–n/a
yshopmall <=v1.9.0 is vulnerable to SQL Injection in the image listing interface.
2025-03-04
7.2
CVE-2025-25426
n/a–n/a
An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to access sensitive user information.
2025-03-03
7.5
CVE-2025-25951
n/a–n/a
Buffalo LS520D 4.53 is vulnerable to Arbitrary file read, which allows unauthenticated attackers to access the NAS web UI and read arbitrary internal files.
2025-03-06
7.5
CVE-2025-26167
Dell–Wyse Proprietary OS (Modern ThinOS)
Dell ThinOS 2411 and prior contains an Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.
2025-03-07
7.8
CVE-2025-26331
NotFound–Helloprint
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in NotFound Helloprint allows Path Traversal. This issue affects Helloprint: from n/a through 2.0.7.
2025-03-03
7.7
CVE-2025-26540
NotFound–ViperBar
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound ViperBar allows Reflected XSS. This issue affects ViperBar: from n/a through 2.0.
2025-03-03
7.1
CVE-2025-26557
NotFound–Mobile
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Mobile allows Reflected XSS. This issue affects Mobile: from n/a through 1.3.3.
2025-03-03
7.1
CVE-2025-26563
NotFound–DL Leadback
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound DL Leadback allows Reflected XSS. This issue affects DL Leadback: from n/a through 1.2.1.
2025-03-03
7.1
CVE-2025-26585
NotFound–Events Planner
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Events Planner allows Reflected XSS. This issue affects Events Planner: from n/a through 1.3.10.
2025-03-03
7.1
CVE-2025-26586
NotFound–sidebarTabs
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound sidebarTabs allows Reflected XSS. This issue affects sidebarTabs: from n/a through 3.1.
2025-03-03
7.1
CVE-2025-26587
NotFound–TTT Crop
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound TTT Crop allows Reflected XSS. This issue affects TTT Crop: from n/a through 1.0.
2025-03-03
7.1
CVE-2025-26588
NotFound–IE CSS3 Support
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound IE CSS3 Support allows Reflected XSS. This issue affects IE CSS3 Support: from n/a through 2.0.1.
2025-03-03
7.1
CVE-2025-26589
Cristián Lávaque–s2Member Pro
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Cristián Lávaque s2Member Pro allows Reflected XSS. This issue affects s2Member Pro: from n/a through 241216.
2025-03-03
7.1
CVE-2025-26879
Brent Jett–Assistant
Deserialization of Untrusted Data vulnerability in Brent Jett Assistant allows Object Injection. This issue affects Assistant: from n/a through 1.5.1.
2025-03-03
7.2
CVE-2025-26885
Bowo–Variable Inspector
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Bowo Variable Inspector allows Reflected XSS. This issue affects Variable Inspector: from n/a through 2.6.2.
2025-03-03
7.1
CVE-2025-26914
HasThemes–WP Templata
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in HasThemes WP Templata allows Reflected XSS. This issue affects WP Templata: from n/a through 1.0.7.
2025-03-03
7.1
CVE-2025-26917
enituretechnology–Small Package Quotes Unishippers Edition
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in enituretechnology Small Package Quotes – Unishippers Edition allows Reflected XSS. This issue affects Small Package Quotes – Unishippers Edition: from n/a through 2.4.9.
2025-03-03
7.1
CVE-2025-26918
cozyvision — sms_alert_order_notifications
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Cozy Vision SMS Alert Order Notifications – WooCommerce allows Reflected XSS. This issue affects SMS Alert Order Notifications – WooCommerce: from n/a through 3.7.8.
2025-03-03
7.1
CVE-2025-26984
softdiscover — zigaform
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in softdiscover Zigaform – Form Builder Lite allows Stored XSS. This issue affects Zigaform – Form Builder Lite: from n/a through 7.4.2.
2025-03-03
7.1
CVE-2025-26989
softdiscover — zigaform
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in softdiscover Zigaform – Price Calculator & Cost Estimation Form Builder Lite allows Stored XSS. This issue affects Zigaform – Price Calculator & Cost Estimation Form Builder Lite: from n/a through 7.4.2.
2025-03-03
7.1
CVE-2025-26994
NotFound–Doctor Appointment Booking
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in NotFound Doctor Appointment Booking allows PHP Local File Inclusion. This issue affects Doctor Appointment Booking: from n/a through 1.0.0.
2025-03-03
7.5
CVE-2025-27264
NotFound–.htaccess Login block
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound .htaccess Login block allows Reflected XSS. This issue affects .htaccess Login block: from n/a through 0.9a.
2025-03-03
7.1
CVE-2025-27269
NotFound–DB Tables Import/Export
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound DB Tables Import/Export allows Reflected XSS. This issue affects DB Tables Import/Export: from n/a through 1.0.1.
2025-03-03
7.1
CVE-2025-27271
andrew_fisher–WOO Codice Fiscale
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in andrew_fisher WOO Codice Fiscale allows Reflected XSS. This issue affects WOO Codice Fiscale: from n/a through 1.6.3.
2025-03-03
7.1
CVE-2025-27275
NotFound–AcuGIS Leaflet Maps
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound AcuGIS Leaflet Maps allows Reflected XSS. This issue affects AcuGIS Leaflet Maps: from n/a through 5.1.1.0.
2025-03-03
7.1
CVE-2025-27278
NotFound–Flashfader
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Flashfader allows Reflected XSS. This issue affects Flashfader: from n/a through 1.1.1.
2025-03-03
7.1
CVE-2025-27279
wegia — wegia
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Denial of Service (DoS) vulnerability exists in WeGIA. This vulnerability allows any unauthenticated user to cause the server to become unresponsive by performing aggressive spidering. The vulnerability is caused by recursive crawling of dynamically generated URLs and insufficient handling of large volumes of requests. This vulnerability is fixed in 3.2.16.
2025-03-03
7.5
CVE-2025-27419
JasonLovesDoggo–abacus
Abacus is a highly scalable and stateless counting API. A critical goroutine leak vulnerability has been identified in the Abacus server’s Server-Sent Events (SSE) implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources and terminate associated goroutines. This leads to resource exhaustion where the server continues running but eventually stops accepting new SSE connections while maintaining high memory usage. The vulnerability specifically involves improper channel cleanup in the event handling mechanism, causing goroutines to remain blocked indefinitely. This vulnerability is fixed in 1.4.0.
2025-03-03
7.5
CVE-2025-27421
factionsecurity–faction
FACTION is a PenTesting Report Generation and Collaboration Framework. Authentication is bypassed when an attacker registers a new user with admin privileges. This is possible at any time without any authorization. The request must follow the validation rules (no missing information, secure password, etc) but there are no other controls stopping them. This vulnerability is fixed in 1.4.3.
2025-03-03
7.5
CVE-2025-27422
vim–vim
Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, which allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the “:read” ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows shell commands to be executed via specially crafted tar archives. Whether this really happens depends on the shell being used (‘shell’ option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164.
2025-03-03
7.1
CVE-2025-27423
NationalSecurityAgency–emissary
Emissary is a P2P based data-driven workflow engine. The ChecksumCalculator class within allows for hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use cases (e.g., SHA-1, CRC32, and SSDEEP). These algorithms, while possibly valid for certain non-security-critical tasks, can expose users to security risks if used in scenarios where strong cryptographic guarantees are required. This issue is fixed in 8.24.0.
2025-03-05
7.5
CVE-2025-27508
open-telemetry–opentelemetry-dotnet
OpenTelemetry dotnet is a dotnet telemetry framework. A vulnerability in OpenTelemetry.Api package 1.10.0 to 1.11.1 could cause a Denial of Service (DoS) when a tracestate and traceparent header is received. Even if an application does not explicitly use trace context propagation, receiving these headers can still trigger high CPU usage. This issue impacts any application accessible over the web or backend services that process HTTP requests containing a tracestate header. Applications may experience excessive resource consumption, leading to increased latency, degraded performance, or downtime. This vulnerability is fixed in 1.11.2.
2025-03-05
7.5
CVE-2025-27513
SixLabors–ImageSharp
ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to v3.1.7 or v2.1.10.
2025-03-06
7.5
CVE-2025-27598
xwikisas–application-confluence-migrator-pro
XWiki Confluence Migrator Pro helps admins to import Confluence packages into their XWiki instance. The homepage of the application is public, which enables a guest to download the package, which might contain sensitive information. This vulnerability is fixed in 1.11.7.
2025-03-07
7.5
CVE-2025-27604
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Local Privilege Escalation V-2024-007.
2025-03-05
7.8
CVE-2025-27644
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning (XSPA)/DoS OVE-20230524-0013.
2025-03-05
7.5
CVE-2025-27669
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Debug Bundle Contains Sensitive Data V-2022-003.
2025-03-05
7.5
CVE-2025-27684
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Configuration File Contains CA & Private Key V-2022-001.
2025-03-05
7.5
CVE-2025-27685
backdropcms–Masquerade
An issue was discovered in the Masquerade module before 1.x-1.0.1 for Backdrop CMS. It allows people to temporarily switch to another user account. The module provides a “Masquerade as admin” permission to restrict people (who can masquerade) from switching to an account with administrative privileges. This permission is not always honored and may allow non-administrative users to masquerade as an administrator. This vulnerability is mitigated by the fact that an attacker must have a role with the “Masquerade as user” permission.
2025-03-07
7.5
CVE-2025-27822
Medium Vulnerabilities
PrimaryVendor — Product
Description
Published
CVSS Score
Source Info
NVIDIA–NVIDIA Hopper HGX 8-GPU
NVIDIA Hopper HGX for 8-GPU contains a vulnerability in the GPU vBIOS that may allow a malicious actor with tenant level GPU access to write to an unsupported registry causing a bad state. A successful exploit of this vulnerability may lead to denial of service.
2025-03-05
6.8
CVE-2024-0141
averta–Master Slider Responsive Touch Slider
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ms_slider shortcode in all versions up to, and including, 3.10.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-05
6.4
CVE-2024-11731
bradvin–FooGallery Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel
The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the default_gallery_title_size parameter in all versions up to, and including, 2.4.29 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with granted gallery and album creator roles, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-08
6.4
CVE-2024-12119
laurencebahiirwa–Years Since Timeless Texts
The Years Since – Timeless Texts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘years-since’ shortcode in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-08
6.4
CVE-2024-12460
dasinfomedia–School Management System for WordPress
The School Management System for WordPress plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter of the ‘mj_smgt_show_event_task’ AJAX action in all versions up to, and including, 92.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Custom-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-07
6.5
CVE-2024-12607
dasinfomedia–School Management System for WordPress
The School Management System for WordPress plugin for WordPress is vulnerable to SQL Injection via the ‘view-attendance’ page in all versions up to, and including, 92.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query in the mj_smgt_view_student_attendance() function. This makes it possible for authenticated attackers, with Student-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-07
6.5
CVE-2024-12609
pickplugins–Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins
The Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including 2.0.59. This is due to missing nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
2025-03-07
6.1
CVE-2024-12634
pickplugins–Wishlist
The Wishlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘wishlist_button’ shortcode in all versions up to, and including, 1.0.43 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-07
6.4
CVE-2024-12809
zipang–Point Maker
The Point Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘point_maker’ shortcode in all versions up to, and including, 0.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-05
6.4
CVE-2024-12815
searchiq–SearchIQ The Search Solution
The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘siq_searchbox’ shortcode in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-05
6.4
CVE-2024-13350
croixhaug–Appointment Booking Calendar Simply Schedule Appointments Booking Plugin
The Appointment Booking Calendar – Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the accent_color and background parameter in all versions up to, and including, 1.6.8.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
2025-03-07
6.1
CVE-2024-13431
xpro–140+ Widgets | Xpro Addons For Elementor FREE
The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 1.4.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-08
6.4
CVE-2024-13649
amans2k–SlingBlocks Gutenberg Blocks by FunnelKit (Formerly WooFunnels)
The SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the “Icon List” Block in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-08
6.4
CVE-2024-13675
averta–Master Slider Responsive Touch Slider
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ms_layer shortcode in all versions up to, and including, 3.10.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-05
6.4
CVE-2024-13757
wpcodefactory–Wishlist for WooCommerce: Multi Wishlists Per Customer
The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.7. This is due to missing or incorrect nonce validation on the ‘save_to_multiple_wishlist’ function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
2025-03-08
6.1
CVE-2024-13774
heroplugins–Hero Mega Menu – Responsive WordPress Menu Plugin
The Hero Mega Menu – Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to SQL Injection via several functions in all versions up to, and including, 1.16.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-05
6.5
CVE-2024-13778
heroplugins–Hero Mega Menu – Responsive WordPress Menu Plugin
The Hero Mega Menu – Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘index’ parameter in all versions up to, and including, 1.16.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
2025-03-05
6.1
CVE-2024-13779
heroplugins–Hero Mega Menu – Responsive WordPress Menu Plugin
The Hero Mega Menu – Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the hmenu_delete_menu() function in all versions up to, and including, 1.16.5. This makes it possible for unauthenticated attackers to delete arbitrary directories on the server.
2025-03-05
6.5
CVE-2024-13780
Hero Plugins–Hero Maps Premium
The Hero Maps Premium plugin for WordPress is vulnerable to SQL Injection via several AJAX actions in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-07
6.5
CVE-2024-13781
saadiqbal–Advanced File Manager Ultimate WordPress File Manager and Document Library Plugin
The Advanced File Manager – Ultimate WordPress File Manager and Document Library Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.2.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an Administrator, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
2025-03-07
6.4
CVE-2024-13805
heroplugins–Hero Slider – WordPress Slider Plugin
The Hero Slider – WordPress Slider Plugin plugin for WordPress is vulnerable to SQL Injection via several parameters in all versions up to, and including, 1.3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-05
6.5
CVE-2024-13809
Themographics–Listingo
The Listingo theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.2.7. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
2025-03-05
6.5
CVE-2024-13815
razorpay–Razorpay Subscription Button Elementor Plugin
The Razorpay Subscription Button Elementor Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg() and remove_query_arg() functions without appropriate escaping on the URL in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
2025-03-05
6.1
CVE-2024-13827
richardgabriel–Staff Directory Plugin: Company Directory
The Staff Directory Plugin: Company Directory plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 4.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
2025-03-05
6.1
CVE-2024-13839
appsbd–Simple Notification
The Simple Notification plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
2025-03-05
6.4
CVE-2024-13866
Unknown–URL Shortener | Conversion Tracking | AB Testing | WooCommerce
The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
2025-03-06
6.1
CVE-2024-13868
katsushi-kawamori–Moving Media Library
The Moving Media Library plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the generate_json_page function in all versions up to, and including, 1.22. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
2025-03-06
6.5
CVE-2024-13897
Apache Software Foundation–Apache StreamPipes
Improper privilege management in a REST interface allowed registered users to access unauthorized resources if the resource ID was known. This issue affects Apache StreamPipes: through 0.95.1. Users are recommended to upgrade to version 0.97.0 which fixes the issue.
2025-03-03
6.5
CVE-2024-24778
Apache Software Foundation–Apache Traffic Server
Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.
2025-03-06
6.3
CVE-2024-38311
gnu — grub2
A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It’s possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections.
2025-03-03
6.7
CVE-2024-45780
gnu — grub2
A flaw was found in the HFS filesystem. When reading an HFS volume’s name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name’s length. This issue may lead to a heap-based out-of-bounds write, impacting grub’s sensitive data integrity and eventually leading to a secure boot protection bypass.
2025-03-03
6.7
CVE-2024-45782
Axis Communications AB–AXIS OS
51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API mediaclip.cgi did not have sufficient input validation, allowing more audio clips than designed to be uploaded, resulting in the Axis device running out of memory. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
2025-03-04
6.5
CVE-2024-47260
Apache Software Foundation–Apache Traffic Server
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.
2025-03-06
6.3
CVE-2024-56195
Apache Software Foundation–Apache Traffic Server
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 10.0.4, which fixes the issue.
2025-03-06
6.3
CVE-2024-56196
cipherdevgroup–WP Featherlight A Simple jQuery Lightbox
Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin’s bundled Featherlight.js JavaScript library (versions 1.7.13 to 1.7.14) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-05
6.4
CVE-2024-5667
Microsoft–HoloLens
The pairing API request handler in Microsoft HoloLens 1 (Windows Holographic) through 10.0.17763.3046 and HoloLens 2 (Windows Holographic) through 10.0.22621.1244 allows remote attackers to cause a Denial of Service (resource consumption and device unusability) by sending many requests through the Device Portal framework.
2025-03-06
6.5
CVE-2024-57972
huawei — harmonyos
Permission management vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
2025-03-04
6.2
CVE-2024-58046
huawei — harmonyos
Multi-thread problem vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect availability.
2025-03-04
6.7
CVE-2024-58048
huawei — harmonyos
Vulnerability of improper access permission in the HDC module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
2025-03-04
6.2
CVE-2024-58050
prolizyazilim — student_affairs_information_system
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Proliz Software OBS allows Path Traversal. This issue affects OBS: before 24.0927.
2025-03-03
6.2
CVE-2024-8262
master-addons — master_addons
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 2.0.7.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-04
6.4
CVE-2024-9618
ServiceNow–Now Platform
ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise would not be entitled to access. This issue is addressed in the listed patches and family release, which have been made available to hosted and self-hosted customers, as well as partners.
2025-03-06
6.5
CVE-2025-0337
vanokhin — shortcodes_ultimate
The WP Shortcodes Plugin – Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘src’ parameter in all versions up to, and including, 7.3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-04
6.4
CVE-2025-0370
master-addons — master_addons
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 2.0.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-04
6.4
CVE-2025-0433
wpsc-plugin — structured_content
The Structured Content (JSON-LD) #wpsc plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s sc_fs_local_business shortcode in all versions up to, and including, 6.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-04
6.4
CVE-2025-0512
gnu — grub2
A flaw was found in grub2. When reading data from a squash4 filesystem, grub’s squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the direct_read() will perform a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub’s internal critical data and may result in arbitrary code execution, by-passing secure boot protections.
2025-03-03
6.4
CVE-2025-0678
Red Hat–Red Hat
A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub’s reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_reiserfs_read_symlink() will call grub_reiserfs_read_real() with an overflown length parameter, leading to a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub’s internal critical data and can result in arbitrary code execution, by-passing secure boot protections.
2025-03-03
6.4
CVE-2025-0684
Red Hat–Red Hat
A flaw was found in grub2. When reading data from a jfs filesystem, grub’s jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_jfs_lookup_symlink() function will write past the internal buffer length during grub_jfs_read_file(). This issue can be leveraged to corrupt grub’s internal critical data and may result in arbitrary code execution, by-passing secure boot protections.
2025-03-03
6.4
CVE-2025-0685
Red Hat–Red Hat
A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub’s romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_romfs_read_symlink() may cause out-of-bounds writes when calling the grub_disk_read() function. This issue may be leveraged to corrupt grub’s internal critical data and can result in arbitrary code execution by-passing secure boot protections.
2025-03-03
6.4
CVE-2025-0686
Red Hat–Red Hat
When reading data from disk, grub’s UDF filesystem module uses the user-controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size, which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow that corrupts critical data, resulting in the risk of arbitrary code execution by-passing secure boot protections.
2025-03-03
6.4
CVE-2025-0689
flexmls–Flexmls IDX Plugin
The Flexmls® IDX Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘idx_frame’ shortcode in all versions up to, and including, 3.14.27 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-07
6.4
CVE-2025-0863
futuredesigngrp–WP Online Contract
The WP Online Contract plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the json_import() and json_export() functions in all versions up to, and including, 5.1.4. This makes it possible for unauthenticated attackers to import and export the plugin’s settings.
2025-03-05
6.5
CVE-2025-0954
worldweb–Recently Purchased Products For Woo
The Recently Purchased Products For Woo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘view’ parameter in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-05
6.4
CVE-2025-1008
Google–ChromeOS
Privilege escalation in Installer and Recovery image handling in Google ChromeOS 123.0.6312.112 on device allows an attacker with physical access to gain root code execution and potentially unenroll enterprise-managed devices via a specially crafted recovery image.
2025-03-07
6.8
CVE-2025-1121
Red Hat–Red Hat
When reading data from an hfs filesystem, grub’s hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffer size, however, it fails to properly check for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the hfsplus_open_compressed_real() function will write past the internal buffer length. This flaw may be leveraged to corrupt grub’s internal critical data and may result in arbitrary code execution by-passing secure boot protections.
2025-03-03
6.4
CVE-2025-1125
devitemsllc–HT Mega Absolute Addons For Elementor
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin’s Countdown widget in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability exists due to an incomplete fix for CVE-2024-3307.
2025-03-08
6.4
CVE-2025-1261
posimyththemes–The Plus Addons for Elementor Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown, Syntax Highlighter, and Page Scroll widgets in all versions up to, and including, 6.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-08
6.4
CVE-2025-1287
mtrv — teachpress
The teachPress plugin for WordPress is vulnerable to SQL Injection via the ‘order’ parameter of the ‘tpsearch’ shortcode in all versions up to, and including, 9.0.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-04
6.5
CVE-2025-1321
wppost–WP-Recall Registration, Profile, Commerce & More
The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘public-form’ shortcode in all versions up to, and including, 16.26.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-08
6.4
CVE-2025-1324
wppost–WP-Recall Registration, Profile, Commerce & More
The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to arbitrary shortcode execution due to a missing capability check on the ‘rcl_preview_post’ AJAX endpoint in all versions up to, and including, 16.26.10. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes.
2025-03-08
6.3
CVE-2025-1325
johnjamesjacoby–bbPress
The bbPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.11. This is due to missing or incorrect nonce validation on the bbp_user_add_role_on_register() function. This makes it possible for unauthenticated attackers to elevate their privileges to that of a bbPress Keymaster via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Rather than implementing a nonce check to provide protection against this vulnerability, which would break functionality, the plugin no longer makes it possible to select a role during registration.
2025-03-05
6.3
CVE-2025-1435
mandooox–Shortcode Cleaner Lite
The Shortcode Cleaner Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the download_backup() function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to export arbitrary options.
2025-03-08
6.5
CVE-2025-1481
wpdevteam–Essential Blocks Page Builder Gutenberg Blocks, Patterns & Templates
The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Parallax slider in all versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-08
6.4
CVE-2025-1664
cifi–SEO Plugin by Squirrly SEO
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to blind SQL Injection via the ‘search’ parameter in all versions up to, and including, 12.4.05 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-07
6.5
CVE-2025-1768
kometschuh–Gallery Styles
The Gallery Styles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Gallery Block in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
2025-03-08
6.4
CVE-2025-1783
n/a–Mini-Tmall
A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20250211. This issue affects the function select of the file com/xq/tmall/dao/ProductMapper.java. The manipulation of the argument orderBy leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-03
6.3
CVE-2025-1843
ESAFENET–CDG
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5.6.3.154.205_20250114. Affected is an unknown function of the file /CDGServer3/logManagement/backupLogDetail.jsp. The manipulation of the argument logTaskId leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-03
6.3
CVE-2025-1844
ESAFENET–DSM
A vulnerability has been found in ESAFENET DSM 3.1.2 and classified as critical. Affected by this vulnerability is the function examExportPDF of the file /admin/plan/examExportPDF. The manipulation of the argument s leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-03
6.3
CVE-2025-1845
zj1983–zz
A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-03
6.3
CVE-2025-1847
zj1983–zz
A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is an unknown function of the file /import_data_check. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-03
6.3
CVE-2025-1848
zj1983–zz
A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is an unknown functionality of the file /import_data_todb. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-03
6.3
CVE-2025-1849
Codezips–Gym Management System
A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/del_member.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
6.3
CVE-2025-1854
PHPGurukul–Online Shopping Portal
A vulnerability was found in PHPGurukul Online Shopping Portal 2.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /product-details.php. The manipulation of the argument quality/price/value/name/summary/review leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-03
6.3
CVE-2025-1855
Famatech Corp–Advanced IP Scanner
Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by intercepting network traffic to a legitimate server or by setting up a fake server, in both local and remote scenarios. This exposure is relevant for both HTTP/HTTPS and SMB protocols.
2025-03-03
6.8
CVE-2025-1868
dlink — dap-1562_firmware
A vulnerability, which was classified as critical, was found in D-Link DAP-1562 1.10. This affects the function pure_auth_check of the component HTTP POST Request Handler. The manipulation of the argument a1 leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
2025-03-03
6.5
CVE-2025-1877
shishuocms_project — shishuocms
A vulnerability has been found in shishuocms 1.1 and classified as critical. This vulnerability affects the function handleRequest of the file src/main/java/com/shishuo/cms/action/manage/ManageUpLoadAction.java. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
6.3
CVE-2025-1890
tenda — tx3_firmware
A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11_multi. This affects an unknown part of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
6.5
CVE-2025-1895
tenda — tx3_firmware
A vulnerability classified as critical was found in Tenda TX3 16.03.13.11_multi. This vulnerability affects unknown code of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
6.5
CVE-2025-1896
tenda — tx3_firmware
A vulnerability, which was classified as critical, has been found in Tenda TX3 16.03.13.11_multi. This issue affects some unknown processing of the file /goform/SetNetControlList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
6.5
CVE-2025-1897
tenda — tx3_firmware
A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
6.5
CVE-2025-1898
tenda — tx3_firmware
A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
6.5
CVE-2025-1899
Google–Chrome
Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to obtain information about a peripheral via a crafted HTML page. (Chromium security severity: Medium)
2025-03-05
6.5
CVE-2025-1921
Mozilla–Firefox
It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
2025-03-04
6.5
CVE-2025-1934
Mozilla–Firefox
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
2025-03-04
6.5
CVE-2025-1938
Mozilla–Firefox
When String.toUpperCase() caused a string to get longer, it was possible for uninitialized memory to be incorporated into the result string. This vulnerability affects Firefox < 136 and Thunderbird < 136.
2025-03-04
6.5
CVE-2025-1942
hzmanyun–Education and Training System
A vulnerability was found in hzmanyun Education and Training System 2.1. It has been rated as critical. Affected by this issue is the function exportPDF of the file /user/exportPDF. The manipulation of the argument id leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
6.3
CVE-2025-1946
hzmanyun–Education and Training System
A vulnerability classified as critical has been found in hzmanyun Education and Training System 2.1.3. This affects the function scorm of the file UploadImageController.java. The manipulation of the argument param leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
6.3
CVE-2025-1947
aaluoxiang–oa_system
A vulnerability, which was classified as critical, has been found in aaluoxiang oa_system 1.0. This issue affects some unknown processing of the file src/main/resources/mappers/address-mapper.xml. The manipulation of the argument outtype leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
6.3
CVE-2025-1958
SourceCodester–Best Church Management Software
A vulnerability has been found in SourceCodester Best Church Management Software 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/web_crud.php. The manipulation of the argument encryption leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
2025-03-04
6.3
CVE-2025-1961
n/a–ray
Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Information into Log File where the redis password is being logged in the standard logging. If the redis password is passed as an argument, it will be logged and could potentially leak the password. This is only exploitable if: 1) Logging is enabled; 2) Redis is using password authentication; 3) Those logs are accessible to an attacker, who can reach that redis instance. **Note:** It is recommended that anyone who is running in this configuration should update to the latest version of Ray, then rotate their redis password.
2025-03-06
6.4
CVE-2025-1979
n/a–ChestnutCMS
A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects the function uploadFile of the file /dev-api/cms/file/upload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
6.3
CVE-2025-2031
code-projects–Blood Bank Management System
A vulnerability, which was classified as critical, was found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /user_dashboard/view_donor.php. The manipulation of the argument donor_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
6.3
CVE-2025-2033
s-a-zhd–Ecommerce-Website-using-PHP
A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /customer_register.php. The manipulation of the argument name leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
6.3
CVE-2025-2035
s-a-zhd–Ecommerce-Website-using-PHP
A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0. It has been classified as critical. This affects an unknown part of the file details.php. The manipulation of the argument pro_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
6.3
CVE-2025-2036
code-projects–Blood Bank Management System
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /user_dashboard/delete_requester.php. The manipulation of the argument requester_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
6.3
CVE-2025-2037
zhijiantianya–ruoyi-vue-pro
A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this vulnerability is an unknown functionality of the file /admin-api/bpm/model/deploy. The manipulation leads to improper neutralization of special elements used in a template engine. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
6.3
CVE-2025-2040
s-a-zhd–Ecommerce-Website-using-PHP
A vulnerability, which was classified as critical, has been found in s-a-zhd Ecommerce-Website-using-PHP 1.0. Affected by this issue is some unknown functionality of the file /shop.php. The manipulation of the argument p_cat leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
6.3
CVE-2025-2041
SourceCodester–Best Employee Management System
A vulnerability was found in SourceCodester Best Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/print1.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
6.3
CVE-2025-2046
PHPGurukul–Apartment Visitors Management System
A vulnerability has been found in PHPGurukul Apartment Visitors Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /search-visitor.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
6.3
CVE-2025-2051
PHPGurukul–Apartment Visitors Management System
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /forgot-password.php. The manipulation of the argument contactno leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
6.3
CVE-2025-2052
PHPGurukul–Apartment Visitors Management System
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /visitor-detail.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
6.3
CVE-2025-2053
MediaTek, Inc.–MT6880, MT6890, MT6980, MT6990, MT7663, MT7902, MT7925, MT7927, MT7961
In Bluetooth Stack SW, there is a possible information disclosure due to a missing permission check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00396437; Issue ID: MSV-2184.
2025-03-03
6.5
CVE-2025-20649
MediaTek, Inc.–MT2737, MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6880, MT6886, MT6890, MT6895, MT6897, MT6980, MT6983, MT6985, MT6989, MT6990, MT8370, MT8390, MT8676, MT8678
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2061.
2025-03-03
6.8
CVE-2025-20650
Samsung Mobile–Samsung Mobile Devices
Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting.
2025-03-06
6.5
CVE-2025-20908
Samsung Mobile–Samsung Mobile Devices
Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery.
2025-03-06
6.2
CVE-2025-20910
Samsung Mobile–Samsung Mobile Devices
Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers to access data within Galaxy Watch.
2025-03-06
6.2
CVE-2025-20912
TOTOLINK–EX1800T
A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. It has been rated as critical. Affected by this issue is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliKey/key leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
6.3
CVE-2025-2094
TOTOLINK–EX1800T
A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
6.3
CVE-2025-2095
TOTOLINK–EX1800T
A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function setRebootScheCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mode/week/minute/recHour leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
6.3
CVE-2025-2096
GMOD–Apollo
GMOD Apollo does not have sufficient logical or access checks when updating a user’s information. This could result in an attacker being able to escalate privileges for themselves or others.
2025-03-05
6.5
CVE-2025-21092
user-xiangpeng–yaoqishan
A vulnerability was found in user-xiangpeng yaoqishan up to a47fec4a31cbd13698c592dfdc938c8824dd25e4. It has been declared as critical. Affected by this vulnerability is the function getMediaLisByFilter of the file cn/javaex/yaoqishan/service/media_info/MediaInfoService.java. The manipulation of the argument typeId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continuous delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-08
6.3
CVE-2025-2112
zzskzy–Warehouse Refinement Management System
A vulnerability, which was classified as critical, was found in zzskzy Warehouse Refinement Management System 3.1. Affected is the function ProcessRequest of the file /AcceptZip.ashx. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
6.3
CVE-2025-2115
Beijing Founder Electronics–Founder Enjoys All-Media Acquisition and Editing System
A vulnerability was found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as critical. Affected by this issue is the function electricDocList of the file /newsedit/report/reportCenter.do. The manipulation of the argument fvID/catID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
6.3
CVE-2025-2117
Thinkware–Car Dashcam F800 Pro
A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
6.3
CVE-2025-2121
JoomlaUX–JUX Real Estate
A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla and classified as critical. This issue affects some unknown processing of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties of the component GET Parameter Handler. The manipulation of the argument title leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
6.3
CVE-2025-2126
radicaldesigns–radSLIDE
Missing Authorization vulnerability in radicaldesigns radSLIDE allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects radSLIDE: from n/a through 2.1.
2025-03-03
6.3
CVE-2025-23440
NotFound–RSVP ME
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound RSVP ME allows Stored XSS. This issue affects RSVP ME: from n/a through 1.9.9.
2025-03-03
6.5
CVE-2025-23480
tsecher–ts-tree
Missing Authorization vulnerability in tsecher ts-tree allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ts-tree: from n/a through 0.1.1.
2025-03-03
6.5
CVE-2025-23515
NotFound–DZS Ajaxer Lite
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound DZS Ajaxer Lite allows Stored XSS. This issue affects DZS Ajaxer Lite: from n/a through 1.04.
2025-03-03
6.5
CVE-2025-23579
NotFound–WP Journal
Missing Authorization vulnerability in NotFound WP Journal allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Journal: from n/a through 1.1.
2025-03-03
6.5
CVE-2025-23613
NotFound–Interactive Page Hierarchy
Missing Authorization vulnerability in NotFound Interactive Page Hierarchy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Interactive Page Hierarchy: from n/a through 1.0.1.
2025-03-03
6.5
CVE-2025-23615
Alex Volkov–WAH Forms
Missing Authorization vulnerability in Alex Volkov WAH Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WAH Forms: from n/a through 1.0.
2025-03-03
6.5
CVE-2025-23763
NotFound–Woo Update Variations In Cart
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Woo Update Variations In Cart allows Stored XSS. This issue affects Woo Update Variations In Cart: from n/a through 0.0.9.
2025-03-03
6.5
CVE-2025-23829
NotFound–UniTimetable
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound UniTimetable allows Stored XSS. This issue affects UniTimetable: from n/a through 1.1.
2025-03-03
6.5
CVE-2025-25084
NotFound–Like dislike plus counter
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Like dislike plus counter allows Stored XSS. This issue affects Like dislike plus counter: from n/a through 1.0.
2025-03-03
6.5
CVE-2025-25115
NotFound–RJ Quickcharts
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound RJ Quickcharts allows Stored XSS. This issue affects RJ Quickcharts: from n/a through 0.6.1.
2025-03-03
6.5
CVE-2025-25131
NotFound–Social Links
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Social Links allows Stored XSS. This issue affects Social Links: from n/a through 1.0.11.
2025-03-03
6.5
CVE-2025-25137
n/a–n/a
A vulnerability has been found in Tenda AC15 15.03.05.19 in the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src leads to stack-based buffer overflow.
2025-03-05
6.5
CVE-2025-25634
reprisesoftware — license_manager
Reprise License Manager 14.2 is vulnerable to reflected cross-site scripting in /goform/activate_process via the akey parameter.
2025-03-03
6.1
CVE-2025-25939
n/a–n/a
An Insecure Direct Object References (IDOR) in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to access sensitive user information via a crafted API request.
2025-03-03
6.5
CVE-2025-25952
n/a–n/a
An issue in xxyopen novel plus v.4.4.0 and before allows a remote attacker to execute arbitrary code via the PageController.java file
2025-03-04
6.5
CVE-2025-26182
n/a–n/a
t0mer BroadlinkManager v5.9.1 was discovered to contain an OS command injection vulnerability via the IP Address parameter at /device/ping.
2025-03-04
6.5
CVE-2025-26320
matrix-org–pinecone
Pinecone is an experimental overlay routing protocol suite which is the foundation of the current P2P Matrix demos. The Pinecone Simulator (pineconesim) included in Pinecone up to commit ea4c337 is vulnerable to stored cross-site scripting. The payload storage is not permanent and will be wiped when restarting pineconesim.
2025-03-04
6.1
CVE-2025-27155
OpenID–OpenID Connect
OpenID Connect Core through 1.0 errata set 2 allows audience injection in certain situations. When the private_key_jwt authentication mechanism is used, a malicious Authorization Server could trick a Client into writing attacker-controlled values into the audience, including token endpoints or issuer identifiers of other Authorization Servers. The malicious Authorization Server could then use these private key JWTs to impersonate the Client.
2025-03-03
6.9
CVE-2025-27370
IETF–RFC 7523
In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, there are ambiguities in the audience values of JWTs sent to authorization servers. The affected RFCs may include RFC 7523, and also RFC 7521, RFC 7522, RFC 9101 (JAR), and RFC 9126 (PAR).
2025-03-03
6.9
CVE-2025-27371
redaxo–redaxo
REDAXO is a PHP-based CMS. In Redaxo from 5.0.0 through 5.18.2, the rex-api-result parameter is vulnerable to Reflected cross-site scripting (XSS) on the page of AddOns. This vulnerability is fixed in 5.18.3.
2025-03-05
6.1
CVE-2025-27412
wegia — wegia
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the processa_edicao_socio.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the socio_nome parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.10.
2025-03-03
6.1
CVE-2025-27499
huawei — harmonyos
Vulnerability of improper access permission in the process management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
2025-03-04
6.8
CVE-2025-27521
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Cross-Site Scripting V-2024-016.
2025-03-05
6.1
CVE-2025-27637
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Preauthenticated Cross Site Scripting (XSS): Badge Registration V-2023-012.
2025-03-05
6.1
CVE-2025-27653
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Cross Site Scripting (XSS) V-2023-017.
2025-03-05
6.1
CVE-2025-27654
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Cross-Site Scripting in Reports V-2023-002.
2025-03-05
6.1
CVE-2025-27676
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Cross-Site Scripting in Badge Registration V-2023-005.
2025-03-05
6.1
CVE-2025-27679
backdropcms–Mail Disguise
An issue was discovered in the Mail Disguise module before 1.x-1.0.5 for Backdrop CMS. It enables a website to obfuscate email addresses, and should prevent spambots from collecting them. The module doesn’t sufficiently validate the data attribute value on links, potentially leading to a Cross Site Scripting (XSS) vulnerability. This is mitigated by the fact an attacker must be able to insert link (<a>) HTML elements containing data attributes into the page.
2025-03-07
6.4
CVE-2025-27823
backdropcms–Link iframe formatter
An XSS issue was discovered in the Link iframe formatter module before 1.x-1.1.1 for Backdrop CMS. It doesn’t sufficiently sanitize input before displaying results to the screen. This vulnerability is mitigated by the fact that an attacker must have the ability to create content containing an iFrame field.
2025-03-07
6.4
CVE-2025-27824
backdropcms–Bootstrap 5 Lite theme
An XSS issue was discovered in the Bootstrap 5 Lite theme before 1.x-1.0.3 for Backdrop CMS. It doesn’t sufficiently sanitize certain class names.
2025-03-07
6.4
CVE-2025-27825
backdropcms–Bootstrap Lite theme
An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4.5 for Backdrop CMS. It doesn’t sufficiently sanitize certain class names.
2025-03-07
6.4
CVE-2025-27826
Espressif–ESP32
Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).
2025-03-08
6.8
CVE-2025-27840
IBM–Control Center
IBM Control Center 6.2.1 through 6.3.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.
2025-03-07
5.4
CVE-2023-35894
IBM–Control Center
IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domain names. By submitting suitable payloads, an attacker can cause the application server to attack other systems that it can interact with.
2025-03-07
5.3
CVE-2023-43052
n/a–n/a
Directory Traversal (Local File Inclusion) vulnerability in Tikit (now Advanced) eMarketing platform 6.8.3.0 allows a remote attacker to read arbitrary files and obtain sensitive information via a crafted payload to the filename parameter to the OpenLogFile endpoint.
2025-03-03
5.1
CVE-2023-49031
GitLab–GitLab
A vulnerability in GitLab-EE affecting all versions from 16.2 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows a Guest user to read Security policy YAML
2025-03-03
5.3
CVE-2024-10925
codeatlantic–Content Control The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More
The Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.0 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as logged-in users.
2025-03-05
5.3
CVE-2024-11153
Imagination Technologies–Graphics DDK
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger a crash of the FW running on the GPU freezing graphics output.
2025-03-07
5.5
CVE-2024-12576
dasinfomedia–School Management System for WordPress
The School Management System for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ‘mj_smgt_remove_feetype’ and ‘mj_smgt_remove_category_new’ AJAX actions in all versions up to, and including, 93.0.0. This makes it possible for unauthenticated attackers to delete arbitrary posts.
2025-03-07
5.3
CVE-2024-12610
dasinfomedia–School Management System for WordPress
The School Management System for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 93.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
2025-03-07
5.3
CVE-2024-12611
WAGO–CC100 0751-9×01
An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affect other applications.
2025-03-05
5.4
CVE-2024-12650
QNAP Systems Inc.–QTS
An exposure of sensitive information vulnerability has been reported to affect product. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version: QTS 5.2.0.2851 build 20240808 and later; QuTS hero h5.2.0.2851 build 20240808 and later.
2025-03-07
5.3
CVE-2024-13086
silkalns–Sparkling
The Sparkling theme for WordPress is vulnerable to unauthorized plugin activation/deactivation due to a missing capability check on the ‘sparkling_activate_plugin’ and ‘sparkling_deactivate_plugin’ functions in versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to activate/deactivate arbitrary plugins.
2025-03-05
5.3
CVE-2024-13423
tychesoftwares–Print Invoice & Delivery Notes for WooCommerce
The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.4.1 via the ‘wcdn/invoice’ directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/wcdn/invoice directory which can contain invoice files if an email attachment setting is enabled.
2025-03-08
5.9
CVE-2024-13640
Unknown–Admin and Site Enhancements (ASE)
The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10.
2025-03-04
5.3
CVE-2024-13685
CodeRevolution–Aiomatic – Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit
The Aiomatic – Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on multiple functions in all versions up to, and including, 2.3.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update and delete posts, list and delete batches, list assistant uploaded files, delete personas, delete forms, delete templates, and clear logs. The vulnerability was partially patched in version 2.3.5.
2025-03-08
5.4
CVE-2024-13816
davidanderson–WPGet API Connect to any external REST API
The WPGet API – Connect to any external REST API plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services.
2025-03-07
5.5
CVE-2024-13857
platformlycom–Platform.ly for WooCommerce
The Platform.ly for WooCommerce plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.6 via the ‘hooks’ function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
2025-03-07
5.3
CVE-2024-13904
fancywp–Starter Templates by FancyWP
The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the ‘http_request_host_is_external’ filter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
2025-03-08
5.3
CVE-2024-13924
HCL Software–HCL SX
HCL SX is vulnerable to cross-site request forgery vulnerability which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
2025-03-03
5.3
CVE-2024-30154
qualcomm — 315_5g_iot_firmware
While processing the authentication message in UE, improper authentication may lead to information disclosure.
2025-03-03
5.4
CVE-2024-38426
qualcomm — aqt1000_firmware
Information disclosure while deriving keys for a session for any Widevine use case.
2025-03-03
5.5
CVE-2024-43051
qualcomm — aqt1000_firmware
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
2025-03-03
5.5
CVE-2024-43056
Axis Communications AB–AXIS OS
Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the web interface of the Axis device. Other API endpoints or services not making use of param.cgi are not affected. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
2025-03-04
5.3
CVE-2024-47262
n/a–n/a
Vehicle Management System 1.0 contains a Stored Cross-Site Scripting (XSS) vulnerability in the “Name” parameter of /vehicle-management/booking.php.
2025-03-05
5.4
CVE-2024-48246
QNAP Systems Inc.–QTS
An improper neutralization of CRLF sequences (‘CRLF Injection’) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify application data. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later; QuTS hero h5.2.3.3006 build 20250108 and later.
2025-03-07
5.5
CVE-2024-50405
n/a–n/a
Cross Site Scripting vulnerability in seajs v.2.2.3 allows a remote attacker to execute arbitrary code via the seajs package
2025-03-03
5.4
CVE-2024-51091
qualcomm — fastconnect_7800_firmware
Transient DOS can occur while processing UCI command.
2025-03-03
5.5
CVE-2024-53025
n/a–n/a
A DOM Clobbering vulnerability in tsup v8.3.4 allows attackers to execute arbitrary code via a crafted script in the import.meta.url to document.currentScript in cjs_shims.js components
2025-03-03
5.1
CVE-2024-53384
IBM–Business Automation Workflow
IBM Business Automation Workflow and IBM Business Automation Workflow Enterprise Service Bus 24.0.0, 24.0.1 and earlier unsupported versions are vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
2025-03-03
5.4
CVE-2024-54179
easyvirt — dc_netscope
Multiple cross-site scripting (XSS) vulnerabilities in EasyVirt DC NetScope <= 8.6.4 allow remote attackers to inject arbitrary JavaScript or HTML code via the (1) smtp_server, (2) smtp_account, (3) smtp_password, or (4) email_recipients parameter to /smtp/update; the (5) ntp or (6) dns parameter to /proxy/ntp/change; the (7) newVcenterAddress parameter to /process_new_vcenter.
2025-03-03
5.4
CVE-2024-55064
n/a–n/a
/api/user/users in the web GUI for the Cubro EXA48200 network packet broker (build 20231025055018) fixed in V5.0R14.5P4-V3.3R1 allows remote authenticated users of the application to increase their privileges by sending a single HTTP PUT request with rolename=Administrator, aka incorrect access control.
2025-03-03
5.4
CVE-2024-55570
n/a–n/a
A Cross-Site Scripting (XSS) vulnerability in the Rendering Engine component in Apryse WebViewer v11.1 and earlier allows attackers to execute arbitrary code via a crafted PDF file.
2025-03-03
5.4
CVE-2024-57240
huawei — harmonyos
Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
2025-03-04
5
CVE-2024-58047
huawei — harmonyos
Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
2025-03-04
5
CVE-2024-58049
Arista Networks–EOS
On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in only the first line of the ACL being installed after an Accelerated Software Upgrade (ASU) restart. Note: supplicants with pending captive-portal authentication during ASU would be impacted with this bug.
2025-03-04
5.3
CVE-2024-8000
gitlab — gitlab
An issue has been discovered in GitLab CE/EE affecting all versions from 16.6 before 17.7.6, 17.8 before 17.8.4, and 17.9 before 17.9.1. An attacker could inject HTML into the child item search potentially leading to XSS in certain situations.
2025-03-03
5.4
CVE-2024-8186
prolizyazilim — student_affairs_information_system
Authorization Bypass Through User-Controlled Key vulnerability in Proliz Software OBS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OBS: before 24.0927.
2025-03-03
5.9
CVE-2024-8261
https://themeforest.net/item/jnews-one-stop-solution-for-web-publishing/20566392–JNews – WordPress Newspaper Magazine Blog AMP Theme
The JNews – WordPress Newspaper Magazine Blog AMP Theme theme for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 11.6.6. This is due to the plugin not properly validating whether the "user can register" option is enabled prior to creating a user through the register_handler() function. This makes it possible for unauthenticated attackers to register as a user even when user registration is disabled.
2025-03-05
5.3
CVE-2024-8682
Arista Networks–EOS
On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.
2025-03-04
5.3
CVE-2024-9135
Paragon Software–Paragon Partition Manager
Paragon Partition Manager version 7.9.1 contains a null pointer dereference vulnerability within biontdrv.sys that is caused by a lack of a valid MasterLrp structure in the input buffer, allowing an attacker to execute arbitrary code in the kernel, facilitating privilege escalation.
2025-03-03
5.1
CVE-2025-0287
auctionplugin — ultimate_auction
The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized access to functionality in all versions up to, and including, 4.2.9. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary auctions, posts as well as pages and allows them to execute other actions related to auction handling.
2025-03-04
5.4
CVE-2025-0958
ninjateam–Notibar Notification Bar for WordPress
The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
2025-03-06
5.5
CVE-2025-1672
f5 — nginx
In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service (DoS). There is no control plane exposure; this is a data plane issue only. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
2025-03-04
5.3
CVE-2025-1695
zj1983–zz
A vulnerability was found in zj1983 zz up to 2024-8. It has been declared as problematic. This vulnerability affects the function deleteLocalFile of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.java of the component File Handler. The manipulation of the argument zids leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-03
5.4
CVE-2025-1846
i-drive — i11_firmware
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life.
2025-03-03
5
CVE-2025-1882
n/a–Open5GS
A vulnerability classified as problematic was found in Open5GS up to 2.7.2. Affected by this vulnerability is the function amf_nsmf_pdusession_handle_update_sm_context of the file src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. This vulnerability allows a single UE to crash the AMF, resulting in the complete loss of mobility and session management services and causing a network-wide outage. All registered UEs will lose connectivity, and new registrations will be blocked until the AMF is restarted, leading to a high availability impact. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
2025-03-04
5.3
CVE-2025-1925
GMOD–Apollo
After attempting to upload a file that does not meet prerequisites, GMOD Apollo will respond with local path information disclosure
2025-03-05
5.3
CVE-2025-20002
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause an information leak through an out-of-bounds read.
2025-03-04
5.5
CVE-2025-20042
MicroDicom–DICOM Viewer
A vulnerability was found in MicroDicom DICOM Viewer 2025.1 Build 3321. It has been classified as critical. Affected is an unknown function of the file mDicom.exe. The manipulation leads to memory corruption. The attack needs to be approached locally. It is recommended to upgrade the affected component. The vendor quickly confirmed the existence of the vulnerability and fixed it in the latest beta.
2025-03-06
5.3
CVE-2025-2029
MediaTek, Inc.–MT2718, MT6879, MT6989, MT8196, MT8370, MT8390, MT8395, MT8673, MT8678
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09456673; Issue ID: MSV-2584.
2025-03-03
5.5
CVE-2025-20648
StarSea99–starsea-mall
A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and classified as critical. Affected by this vulnerability is the function updateUserInfo of the file /personal/updateInfo of the component com.siro.mall.controller.mall.UserController. The manipulation of the argument userId leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
5.4
CVE-2025-2089
Samsung Mobile–Samsung Notes
Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20913
Samsung Mobile–Samsung Notes
Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20914
Samsung Mobile–Samsung Notes
Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20915
Samsung Mobile–Samsung Notes
Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20916
Samsung Mobile–Samsung Notes
Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20917
Samsung Mobile–Samsung Notes
Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20918
Samsung Mobile–Samsung Notes
Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20919
Samsung Mobile–Samsung Notes
Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20920
Samsung Mobile–Samsung Notes
Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20921
Samsung Mobile–Samsung Notes
Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20922
Samsung Mobile–Samsung Notes
Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allows local attackers to potentially read memory.
2025-03-06
5.5
CVE-2025-20925
Samsung Mobile–Samsung My Files
Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files’ privilege.
2025-03-06
5.5
CVE-2025-20926
Samsung Mobile–Samsung Notes
Out-of-bounds read in parsing image data in Samsung Notes prior to version 4.4.26.71 allows local attackers to access out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20927
Samsung Mobile–Samsung Notes
Out-of-bounds read in parsing wbmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to access out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20928
Samsung Mobile–Samsung Notes
Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20930
Samsung Mobile–Samsung Notes
Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20932
Samsung Mobile–Samsung Notes
Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.
2025-03-06
5.5
CVE-2025-20933
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause an information leak through an out-of-bounds read that bypasses the permission check.
2025-03-04
5.5
CVE-2025-21098
n/a–Mage AI
A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is said to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. After 7 months of repeated follow-ups by the researcher, Mage AI has decided to not accept this issue as a valid security vulnerability and has confirmed that they will not be addressing it.
2025-03-09
5.6
CVE-2025-2129
Eaton–Foreseer Reporting Software (FRS)
Secure flag not set and SameSite was set to Lax in the Foreseer Reporting Software (FRS). Absence of this secure flag could lead to the session cookie being transmitted over unencrypted HTTP connections. This security issue has been resolved in the latest version of FRS v1.5.100.
2025-03-05
5.6
CVE-2025-22493
Century Systems Co., Ltd.–FutureNet AS-250/S
Buffer overflow vulnerability exists in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request.
2025-03-03
5.3
CVE-2025-25280
envoyproxy–gateway
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. In all Envoy Gateway versions prior to 1.2.7 and 1.3.1 a default Envoy Proxy access log configuration is used. This format is vulnerable to log injection attacks. If the attacker uses a specially crafted user-agent which performs json injection, then he could add and overwrite fields to the access log. This vulnerability is fixed in 1.3.1 and 1.2.7. One can overwrite the old text based default format with JSON formatter by modifying the “EnvoyProxy.spec.telemetry.accessLog” setting.
2025-03-06
5.3
CVE-2025-25294
n/a–n/a
An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a remote attacker to escalate privileges via the deactivation of the activated second factor to the /session endpoint.
2025-03-06
5.1
CVE-2025-25450
n/a–n/a
An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a physically proximate attacker to escalate privileges via the “2fa_authorized” Local Storage key.
2025-03-06
5.1
CVE-2025-25451
n/a–n/a
An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a remote attacker to escalate privileges via the “/user” endpoint.
2025-03-06
5.1
CVE-2025-25452
n/a–n/a
A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the User ID parameter at /rest/staffResource/update.
2025-03-03
5.4
CVE-2025-25949
Microsoft–Microsoft Edge (Chromium-based)
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
2025-03-07
5.4
CVE-2025-26643
djangoproject–Django
An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap() method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings.
2025-03-06
5
CVE-2025-26699
Enalean–tuleap
Tuleap is an open-source suite designed to improve software development management and collaboration. A malicious user with access to a tracker could force-reset certain field configurations, leading to potential information loss. The display time attribute for the date field, the size attribute for the multiselectbox field, the default value, number of rows, and columns attributes for the text field, and the default value, size, and max characters attributes for the string field configurations are lost when added as criteria in a saved report. Additionally, in Tuleap Community Edition versions 16.4.99.1739806825 to 16.4.99.1739877910, this issue could be exploited to prevent access to tracker data by triggering a crash. This vulnerability has been fixed in Tuleap Community Edition 16.4.99.1739877910 and Tuleap Enterprise Edition 16.3-9 and 16.4-4.
2025-03-03
5.4
CVE-2025-27094
Enalean–tuleap
Tuleap is an Open Source Suite to improve management of software developments and collaboration. The password to connect the Redis instance is not purged from the archive generated with tuleap collect-system-data. These archives are likely to be used by support teams that should not have access to this password. The vulnerability is fixed in Tuleap Community Edition 16.4.99.1740492866 and Tuleap Enterprise Edition 16.4-6 and 16.3-11.
2025-03-04
5.3
CVE-2025-27150
ruby-lang — cgi
In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when parsing extremely large cookies.
2025-03-04
5.8
CVE-2025-27219
winking–Affiliate Links Manager
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in winking Affiliate Links Manager allows Reflected XSS. This issue affects Affiliate Links Manager: from n/a through 1.0.
2025-03-03
5.8
CVE-2025-27273
redaxo–redaxo
REDAXO is a PHP-based CMS. In Redaxo before 5.18.3, the mediapool/media page is vulnerable to arbitrary file upload. This vulnerability is fixed in 5.18.3.
2025-03-05
5.4
CVE-2025-27411
Mozilla–Firefox for iOS
Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL. This vulnerability affects Firefox for iOS < 136.
2025-03-04
5.4
CVE-2025-27426
nocodb–nocodb
NocoDB is software for building databases as spreadsheets. The API endpoint related to the password reset function is vulnerable to Reflected Cross-Site-Scripting. The endpoint /api/v1/db/auth/password/reset/:tokenId is vulnerable to Reflected Cross-Site-Scripting. The flaw occurs due to implementation of the client-side template engine ejs, specifically on file resetPassword.ts where the template is using the insecure function “<%-”, which is rendered by the function renderPasswordReset. This vulnerability is fixed in 0.258.0.
2025-03-06
5.4
CVE-2025-27506
Bitaxe–ESP-Miner
In Bitaxe ESP-Miner before 2.5.0 with AxeOS, one can use an /api/system CSRF attack to update the payout address (aka stratumUser) for a Bitaxe Bitcoin miner, or change the frequency and voltage settings.
2025-03-03
5.4
CVE-2025-27579
n/a–n/a
A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update.
2025-03-03
5.4
CVE-2025-27584
n/a–n/a
A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Print Name parameter at /rest/staffResource/update.
2025-03-03
5.4
CVE-2025-27585
Jenkins Project–Jenkins
A cross-site request forgery (CSRF) vulnerability in Jenkins 2.499 and earlier, LTS 2.492.1 and earlier allows attackers to have users toggle their collapsed/expanded status of sidepanel widgets (e.g., Build Queue and Build Executor Status widgets).
2025-03-05
5.4
CVE-2025-27624
n/a–n/a
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Cross Site Scripting OVE-20230524-0003.
2025-03-05
5.4
CVE-2025-27660
MariaDB–MariaDB
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash.
2025-03-08
4.9
CVE-2023-52968
MariaDB–MariaDB
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.
2025-03-08
4.9
CVE-2023-52969
MariaDB–MariaDB
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
2025-03-08
4.9
CVE-2023-52970
MariaDB–MariaDB
MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan.
2025-03-08
4.9
CVE-2023-52971
themesgrove–All-in-One Addons for Elementor WidgetKit
The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.4 in elements/advanced-tab/template/view.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.
2025-03-08
4.3
CVE-2024-10321
rometheme–RomethemeKit For Elementor
The RomethemeKit For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_options and reset_widgets functions in all versions up to, and including, 1.5.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify plugin settings or reset plugin widgets to their default state (all enabled). NOTE: This vulnerability was partially fixed in version 1.5.3.
2025-03-08
4.3
CVE-2024-10326
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-10904
bradvin–FooGallery Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel
The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.29 via the foogallery_attachment_modal_save AJAX action due to missing validation on a user controlled key (img_id). This makes it possible for authenticated attackers, with granted access and above, to update arbitrary post and page content. This requires the Gallery Creator Role setting to be a value lower than ‘Editor’ for there to be any real impact.
2025-03-08
4.3
CVE-2024-12114
metagauss–EventPrime Events Calendar, Bookings and Tickets
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_submittion_attendees function in all versions up to, and including, 4.0.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to download the list of attendees for any event.
2025-03-07
4.3
CVE-2024-13526
supportcandy–SupportCandy Helpdesk & Customer Support Ticket System
The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.3.0 via file upload due to missing validation on a user controlled key. This makes it possible for authenticated attackers to download attachments for support tickets that don’t belong to them. If an admin enables tickets for guests, this can be exploited by unauthenticated attackers.
2025-03-07
4.3
CVE-2024-13552
vektor-inc–VK Blocks
The VK Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.94.2.2 via the page content block. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the content of private posts and pages.
2025-03-07
4.3
CVE-2024-13635
wpswings — wallet_system_for_woocommerce
The Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.2. This is due to missing or incorrect nonce validation in class-wallet-user-table.php. This makes it possible for unauthenticated attackers to modify wallet balances via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
2025-03-04
4.3
CVE-2024-13682
vwthemes — vw_storefront
The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vw_storefront_reset_all_settings() function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset the theme’s settings.
2025-03-04
4.3
CVE-2024-13686
wpswings — wallet_system_for_woocommerce
The Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction plugin for WordPress is vulnerable to unauthorized access to functionality in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to increase their own wallet balance, transfer balances between arbitrary users and initiate transfer requests from other users’ wallets.
2025-03-04
4.3
CVE-2024-13724
CidCode–WooMail – WooCommerce Email Customizer
The WooMail – WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ‘template_delete_saved’ function in all versions up to, and including, 3.0.34. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject SQL into an existing post deletion query.
2025-03-05
4.3
CVE-2024-13747
AlThemist–Zass – WooCommerce Theme for Handmade Artists and Artisans
The Zass – WooCommerce Theme for Handmade Artists and Artisans theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the ‘zass_import_zass’ AJAX actions in all versions up to, and including, 3.9.9.10. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import demo content and overwrite the site.
2025-03-05
4.3
CVE-2024-13810
AlThemist–Lafka – Multi Store Burger – Pizza & Food Delivery WooCommerce Theme
The Lafka – Multi Store Burger – Pizza & Food Delivery WooCommerce Theme theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the ‘lafka_import_lafka’ AJAX actions in all versions up to, and including, 4.5.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import demo data that overrides the site.
2025-03-05
4.3
CVE-2024-13811
saadiqbal–Post SMTP WP SMTP Plugin with Email Logs and Mobile App for Failure Notifications Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES and more
The Post SMTP plugin for WordPress is vulnerable to generic SQL Injection via the ‘columns’ parameter in all versions up to, and including, 3.1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
2025-03-08
4.9
CVE-2024-13844
jtsternberg–Code Snippets CPT
The Code Snippets CPT plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes.
2025-03-08
4.3
CVE-2024-13895
gnu — grub2
A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.
2025-03-03
4.1
CVE-2024-45778
gnu — grub2
An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap out-of-bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash.
2025-03-03
4.1
CVE-2024-45779
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51942
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51944
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51945
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51946
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51947
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51948
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51949
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51950
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51951
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51952
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51953
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51956
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51957
esri — arcgis_server
There is a path traversal vulnerability in ESRI ArcGIS Server versions 10.9.1 thru 11.3. Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory. There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality.
2025-03-03
4.9
CVE-2024-51958
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51959
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51960
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-51963
esri — arcgis_server
There is a path traversal vulnerability in ESRI ArcGIS Server versions 10.9.1 thru 11.3. Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory. There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality.
2025-03-03
4.9
CVE-2024-51966
PrismJS–Prism
Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.
2025-03-03
4.9
CVE-2024-53382
Piqnt–Stage.js
Stage.js through 0.8.10 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.
2025-03-03
4.9
CVE-2024-53386
QNAP Systems Inc.–QTS
A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later; QuTS hero h5.2.3.3006 build 20250108 and later.
2025-03-07
4.7
CVE-2024-53692
Apache Software Foundation–Apache Traffic Server
Expected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue.
2025-03-06
4.3
CVE-2024-56202
esri — arcgis_server
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 – 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability.
2025-03-03
4.8
CVE-2024-5888
Unknown–Reservit Hotel
The Reservit Hotel WordPress plugin before 3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
2025-03-07
4.8
CVE-2024-9458
Fave Themes–Homey
The Homey theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.3. This is due to missing or incorrect nonce validation on the ‘homey_verify_user_manually’ function. This makes it possible for unauthenticated attackers to verify a user via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.
2025-03-07
4.3
CVE-2025-0748
AtaksAPP–Reservation Management System
Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in AtaksAPP Reservation Management System allows Cross-Site Scripting (XSS). This issue affects Reservation Management System: before 4.2.3.
2025-03-06
4.7
CVE-2025-0877
webtroniclabs–I Am Gloria
The I Am Gloria plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.4. This is due to missing or incorrect nonce validation on the iamgloria23_gloria_settings_page function. This makes it possible for unauthenticated attackers to reset the tenant ID via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
2025-03-05
4.3
CVE-2025-0990
wppost–WP-Recall Registration, Profile, Commerce & More
The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 16.26.10 via the ‘feed’ shortcode due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to view data from password protected, private, or draft posts that they should not have access to.
2025-03-08
4.3
CVE-2025-1322
eteubert–Podlove Podcast Publisher
The Podlove Podcast Publisher plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.2. This is due to missing or incorrect nonce validation on the ajax_transcript_delete() function. This makes it possible for unauthenticated attackers to delete arbitrary episode transcripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
2025-03-06
4.3
CVE-2025-1383
javmah–Spreadsheet Integration Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table.
The Spreadsheet Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.2. This is due to improper nonce validation within the class-wpgsi-show.php script. This makes it possible for unauthenticated attackers to publish arbitrary posts, including private, granted they can trick a site administrator into performing an action such as clicking on a link.
2025-03-05
4.3
CVE-2025-1463
andyexeter–Post Lockdown
The Post Lockdown plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.0.2 via the ‘pl_autocomplete’ AJAX action due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Subscriber-level access and above, to extract data from password protected, private, or draft posts that they should not have access to.
2025-03-08
4.3
CVE-2025-1504
cookiebot–Cookie banner plugin for WordPress Cookiebot CMP by Usercentrics
The Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the send_uninstall_survey() function in all versions up to, and including, 4.4.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to submit the uninstall survey on behalf of a website.
2025-03-06
4.3
CVE-2025-1666
FITSTATS Technologies–AthleteMonitoring
A vulnerability classified as problematic was found in FITSTATS Technologies AthleteMonitoring up to 20250302. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-03
4.3
CVE-2025-1842
i-drive — i11_firmware
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Video Footage/Live Video Stream. The manipulation leads to improper access controls. The attack can be launched remotely. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life.
2025-03-03
4.3
CVE-2025-1881
qzw1210 — shishuocms
A vulnerability was found in shishuocms 1.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
4.3
CVE-2025-1891
open5gs — open5gs
A vulnerability was found in Open5GS up to 2.7.2. It has been declared as problematic. Affected by this vulnerability is the function gmm_state_authentication of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. This vulnerability allows a single UE to crash the AMF, resulting in the complete loss of mobility and session management services and causing a network-wide outage. All registered UEs will lose connectivity, and new registrations will be blocked until the AMF is restarted, leading to a high availability impact. The exploit has been disclosed to the public and may be used. The patch is named e31e9965f00d9c744a7f728497cb4f3e97744ee8. It is recommended to apply a patch to fix this issue.
2025-03-04
4.3
CVE-2025-1893
phpgurukul — restaurant_table_booking_system
A vulnerability has been found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
2025-03-04
4.7
CVE-2025-1906
Google–Chrome
Inappropriate implementation in Browser UI in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
2025-03-05
4.3
CVE-2025-1917
Google–Chrome
Inappropriate implementation in Selection in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
2025-03-05
4.3
CVE-2025-1922
Google–Chrome
Inappropriate implementation in Permission Prompts in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
2025-03-05
4.3
CVE-2025-1923
Mozilla–Firefox
A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
2025-03-04
4.3
CVE-2025-1935
n/a–ZZCMS
A vulnerability, which was classified as problematic, has been found in ZZCMS 2025. This issue affects some unknown processing of the file /3/ucenter_api/code/register_nodb.php of the component URL Handler. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
4.3
CVE-2025-1949
AWS–Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center
Improper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM. Upgrade TEAM to the latest release v.1.2.2. Follow the instructions in the updating TEAM documentation for the update process.
2025-03-04
4.3
CVE-2025-1969
Cisco–Cisco TelePresence Management Suite (TMS)
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
2025-03-05
4.6
CVE-2025-20208
code-projects–Blood Bank Management System
A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /admin/delete_members.php. The manipulation of the argument member_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
4.7
CVE-2025-2039
huang-yk–student-manage
A vulnerability has been found in huang-yk student-manage 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
4.3
CVE-2025-2042
LinZhaoguan–pb-cms
A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and classified as critical. This issue affects some unknown processing of the file /admin#themes of the component Add New Topic Handler. The manipulation of the argument Topic Key leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
4.7
CVE-2025-2043
code-projects–Blood Bank Management System
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/delete_bloodGroup.php. The manipulation of the argument blood_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
4.7
CVE-2025-2044
GitLab–GitLab
Improper authorization in GitLab EE affecting all versions from 17.7 prior to 17.7.6, 17.8 prior to 17.8.4, 17.9 prior to 17.9.1 allows users with limited permissions to access potentially sensitive project analytics data.
2025-03-06
4.3
CVE-2025-2045
code-projects–Blood Bank Management System
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit_state.php. The manipulation of the argument state_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
4.7
CVE-2025-2054
code-projects–Online Ticket Reservation System
A vulnerability was found in code-projects Online Ticket Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /passenger.php. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
4.3
CVE-2025-2061
MediaTek, Inc.–MT2737, MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6880, MT6886, MT6890, MT6895, MT6897, MT6980, MT6983, MT6985, MT6989, MT6990, MT8370, MT8390, MT8676, MT8678
In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2062.
2025-03-03
4.1
CVE-2025-20651
MediaTek, Inc.–MT6580, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8167S, MT8175, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8678, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798, MT8893
In V5 DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291215; Issue ID: MSV-2052.
2025-03-03
4.6
CVE-2025-20652
PHPGurukul–Pre-School Enrollment System
A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php of the component Sub Admin Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
4.7
CVE-2025-2090
Samsung Mobile–Samsung Mobile Devices
Use of implicit intent for sensitive communication in Settings prior to SMR Mar-2025 Release 1 allows local attackers to access sensitive information.
2025-03-06
4
CVE-2025-20909
Samsung Mobile–Samsung Mobile Devices
Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch.
2025-03-06
4.4
CVE-2025-20911
Samsung Mobile–Galaxy Wearable
Improper access control in Galaxy Wearable prior to version 2.2.61.24112961 allows local attackers to launch arbitrary activity with Galaxy Wearable privilege.
2025-03-06
4
CVE-2025-20923
Samsung Mobile–Samsung Notes
Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles.
2025-03-06
4.6
CVE-2025-20924
Keysight–Ixia Vision Product Family
Path traversal may lead to arbitrary file download. The score without least privilege principle violation is as calculated below. In combination with other issues it may facilitate further compromise of the device. Remediation in Version 6.8.0, release date: 01-Mar-25.
2025-03-05
4.9
CVE-2025-21095
Beijing Founder Electronics–Founder Enjoys All-Media Acquisition and Editing System
A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /newsedit/newsedit/xy/imageProxy.do of the component File Protocol Handler. The manipulation of the argument xyImgUrl leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
4.3
CVE-2025-2116
Control iD–RH iD
A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovante_marcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of resource identifiers. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
4.3
CVE-2025-2125
JoomlaUX–JUX Real Estate
A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as problematic. Affected is an unknown function of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties. The manipulation of the argument Itemid/jp_yearbuilt leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
4.3
CVE-2025-2127
n/a–ftcms
A vulnerability classified as critical has been found in ftcms 2.1. Affected is an unknown function of the file /admin/index.php/web/ajax_all_lists of the component Search. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
4.7
CVE-2025-2132
Keysight–Ixia Vision Product Family
Path traversal may lead to arbitrary file deletion. The score without least privilege principle violation is as calculated below. In combination with other issues it may facilitate further compromise of the device. Remediation in Version 6.8.0, release date: 01-Mar-25.
2025-03-05
4.9
CVE-2025-23416
Keysight–Ixia Vision Product Family
External XML entity injection allows arbitrary download of files. The score without least privilege principle violation is as calculated below. In combination with other issues it may facilitate further compromise of the device. Remediation in Version 6.8.0, release date: 01-Mar-25.
2025-03-05
4.9
CVE-2025-24521
n/a–n/a
Incorrect Access Control in Unifiedtransform 2.X leads to Privilege Escalation allowing teachers to create syllabus.
2025-03-07
4.3
CVE-2025-25617
n/a–n/a
A Cross-Site Scripting (XSS) vulnerability exists in the WPA/WAPI Passphrase field of the Wireless Security settings (2.4GHz & 5GHz bands) in DZS Router Web Interface. An authenticated attacker can inject malicious JavaScript into the passphrase field, which is stored and later executed when an administrator views the passphrase via the “Click here to display” option on the Status page.
2025-03-04
4.3
CVE-2025-26202
ZTE–MU5120
There is a configuration defect vulnerability in ZTELink 5.4.9 for iOS. This vulnerability is caused by a flaw in the WiFi parameter configuration of the ZTELink. An attacker can obtain unauthorized access to the WiFi service.
2025-03-07
4.2
CVE-2025-26708
Docusnap–Docusnap
There is a Hard-coded Cryptographic Key in Docusnap 13.0.1440.24261, and earlier and later versions. This key can be used to decrypt inventory files that contain sensitive information such as firewall rules.
2025-03-04
4.3
CVE-2025-26849
Enalean–tuleap
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap allows cross-site scripting (XSS) via the tracker names used in the semantic timeframe deletion message. A tracker administrator with a semantic timeframe used by other trackers could use this vulnerability to force other tracker administrators to execute uncontrolled code. This vulnerability is fixed in Tuleap Community Edition 16.4.99.1740067916 and Tuleap Enterprise Edition 16.4-5 and 16.3-10.
2025-03-03
4.8
CVE-2025-27099
Enalean–tuleap
Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients' mail clients. This vulnerability is fixed in Tuleap Community Edition 16.4.99.1740567344 and Tuleap Enterprise Edition 16.4-6 and 16.3-11.
2025-03-04
4.1
CVE-2025-27156
ruby-lang — cgi
In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method.
2025-03-04
4
CVE-2025-27220
axelkeller — gpx_viewer
Path Traversal vulnerability in NotFound GPX Viewer allows Path Traversal. This issue affects GPX Viewer: from n/a through 2.2.11.
2025-03-03
4.9
CVE-2025-27274
Enalean–tuleap
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In standard usage of Tuleap, the issue has a limited impact: it will mostly leave dangling data. However, a malicious user could create and delete reports multiple times to cycle through all the filters of all reports of the instance and delete them. The malicious user only needs to have access to one tracker. This would result in the loss of all criteria filters, forcing users and tracker admins to re-create them. This vulnerability is fixed in Tuleap Community Edition 16.4.99.1740498975 and Tuleap Enterprise Edition 16.4-6 and 16.3-11.
2025-03-04
4.6
CVE-2025-27401
Enalean–tuleap
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protections on tracker fields administrative operations. An attacker could use this vulnerability to trick victims into removing or updating tracker fields. This vulnerability is fixed in Tuleap Community Edition 16.4.99.1740414959 and Tuleap Enterprise Edition 16.4-6 and 16.3-11.
2025-03-04
4.6
CVE-2025-27402
Mozilla–Firefox for iOS
Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability affects Firefox for iOS < 136.
2025-03-04
4.3
CVE-2025-27424
Mozilla–Firefox for iOS
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability affects Firefox for iOS < 136.
2025-03-04
4.3
CVE-2025-27425
Jenkins Project–Jenkins
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing `config.xml` of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets.
2025-03-05
4.3
CVE-2025-27622
Jenkins Project–Jenkins
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing `config.xml` of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets.
2025-03-05
4.3
CVE-2025-27623
Jenkins Project–Jenkins
In Jenkins 2.499 and earlier, LTS 2.492.1 and earlier, redirects starting with backslash (`\`) characters are considered safe, allowing attackers to perform phishing attacks by having users go to a Jenkins URL that will forward them to a different site, because browsers interpret these characters as part of scheme-relative redirects.
2025-03-05
4.3
CVE-2025-27625
GraphicsMagick–GraphicsMagick
ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.
2025-03-07
4.3
CVE-2025-27795
GraphicsMagick–GraphicsMagick
ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob.
2025-03-07
4.5
CVE-2025-27796
Low Vulnerabilities
PrimaryVendor — Product
Description
Published
CVSS Score
Source Info
Axis Communications AB–AXIS OS
Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files to the Axis device with the purpose to exhaust system resources. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
2025-03-04
3.5
CVE-2024-47259
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to execute arbitrary code in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-0587
GitLab–GitLab
An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting all versions from 17.5 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2. It was possible for a user added as an External to read and clone internal projects under certain circumstances.
2025-03-06
3.1
CVE-2025-1540
i-drive — i11_firmware
A vulnerability has been found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This vulnerability affects unknown code of the component WiFi. The manipulation leads to use of default password. Access to the local network is required for this attack to succeed. The complexity of an attack is rather high. The exploitation appears to be difficult. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life.
2025-03-03
3.1
CVE-2025-1878
code-projects — blood_bank_system
A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank System 1.0. Affected by this issue is some unknown functionality of the file /Blood/A+.php. The manipulation of the argument Availibility leads to cross site scripting. The attack may be launched remotely.
2025-03-04
3.5
CVE-2025-1904
remyandrade — employee_management_system
A vulnerability, which was classified as problematic, was found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file employee.php. The manipulation of the argument Full Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
2025-03-04
3.5
CVE-2025-1905
Mozilla–Firefox
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability affects Firefox < 136.
2025-03-04
3.9
CVE-2025-1939
code-projects–Online Class and Exam Scheduling System
A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Scheduling/scheduling/pages/profile.php. The manipulation of the argument username leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
3.5
CVE-2025-1955
code-projects–Blood Bank System
A vulnerability classified as problematic was found in code-projects Blood Bank System 1.0. This vulnerability affects unknown code of the file /BBfile/Blood/o+.php. The manipulation of the argument Bloodname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
3.5
CVE-2025-1957
code-projects–Blood Bank Management System
A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank Management System 1.0. Affected by this issue is some unknown functionality of the file /user_dashboard/donor.php. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-05
3.5
CVE-2025-1967
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through missing release of memory.
2025-03-04
3.3
CVE-2025-20011
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through out-of-bounds read.
2025-03-04
3.3
CVE-2025-20021
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to execute arbitrary code in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-20024
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to execute arbitrary code in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-20081
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to execute arbitrary code in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-20091
n/a–ChestnutCMS
A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function renameFile of the file /cms/file/rename. The manipulation of the argument rename leads to path traversal. The exploit has been disclosed to the public and may be used.
2025-03-06
3.5
CVE-2025-2032
PHPGurukul–Art Gallery Management System
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /search.php. The manipulation of the argument search leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
3.5
CVE-2025-2047
code-projects–Blood Bank System
A vulnerability classified as problematic has been found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file AB+.php. The manipulation of the argument Bloodname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
3.5
CVE-2025-2049
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to execute arbitrary code in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-20626
PHPGurukul–Human Metapneumovirus Testing Management System
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /search-report.php of the component Search Report Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
3.5
CVE-2025-2084
StarSea99–starsea-mall
A vulnerability classified as problematic has been found in StarSea99 starsea-mall 1.0. This affects an unknown part of the file /admin/carousels/save. The manipulation of the argument redirectUrl leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
3.5
CVE-2025-2085
StarSea99–starsea-mall
A vulnerability classified as problematic was found in StarSea99 starsea-mall 1.0. This vulnerability affects unknown code of the file /admin/indexConfigs/update. The manipulation of the argument redirectUrl leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
3.5
CVE-2025-2086
StarSea99–starsea-mall
A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. This issue affects some unknown processing of the file /admin/goods/update. The manipulation of the argument goodsName leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-07
3.5
CVE-2025-2087
PHPGurukul–Online Library Management System
A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /change-password.php. The manipulation of the argument email/phone number leads to weak password recovery. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
2025-03-07
3.1
CVE-2025-2093
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to execute arbitrary code in pre-installed apps through NULL pointer dereference. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-21084
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through out-of-bounds read.
2025-03-04
3.3
CVE-2025-21089
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through NULL pointer dereference.
2025-03-04
3.3
CVE-2025-21097
Shenzhen Sixun Software–Sixun Shanghui Group Business Management System
A vulnerability, which was classified as problematic, has been found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7. This issue affects some unknown processing of the file /WebPages/Adm/OperatorStop.asp of the component Reset Password Interface. The manipulation of the argument OperId leads to improper authorization. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
3.7
CVE-2025-2114
Thinkware–Car Dashcam F800 Pro
A vulnerability classified as problematic was found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected by this vulnerability is an unknown functionality of the component Connection Handler. The manipulation leads to denial of service. The attack can only be initiated within the local network. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
3.1
CVE-2025-2122
n/a–GeSHi
A vulnerability, which was classified as problematic, has been found in GeSHi up to 1.0.9.1. Affected by this issue is the function get_var of the file /contrib/cssgen.php of the component CSS Handler. The manipulation of the argument default-styles/keywords-1/keywords-2/keywords-3/keywords-4/comments leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-03-09
3.5
CVE-2025-2123
Control iD–RH iD
A vulnerability, which was classified as problematic, was found in Control iD RH iD 25.2.25.0. This affects an unknown part of the file /v2/customerdb/person.svc/change_password of the component API Handler. The manipulation of the argument message leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
3.5
CVE-2025-2124
n/a–OpenXE
A vulnerability was found in OpenXE up to 1.12. It has been declared as problematic. This vulnerability affects unknown code of the component Ticket Bearbeiten Page. The manipulation of the argument Notizen leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
3.5
CVE-2025-2130
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through out-of-bounds read.
2025-03-04
3.3
CVE-2025-22443
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to execute arbitrary code in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-22835
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through NULL pointer dereference.
2025-03-04
3.3
CVE-2025-22837
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through out-of-bounds read.
2025-03-04
3.3
CVE-2025-22841
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through out-of-bounds read.
2025-03-04
3.3
CVE-2025-22847
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through buffer overflow.
2025-03-04
3.3
CVE-2025-22897
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through buffer overflow.
2025-03-04
3.3
CVE-2025-23234
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to execute arbitrary code in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-23240
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to execute arbitrary code in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-23409
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to execute arbitrary code in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-23414
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through out-of-bounds read.
2025-03-04
3.3
CVE-2025-23418
openatom — openharmony
OpenHarmony v5.0.2 and prior versions allow a local attacker to execute arbitrary code in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-23420
dpgaspar — flask-appbuilder
Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3.
2025-03-03
3.7
CVE-2025-24023
openatom — openharmony
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-24301
openatom — openharmony
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
2025-03-04
3.8
CVE-2025-24309
tal — url
In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.
2025-03-04
3.2
CVE-2025-27221
Tangem–SDK
operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible.
2025-03-08
3.2
CVE-2025-27839
Symantec–Carbon Black Cloud Windows Sensor
Carbon Black Cloud Windows Sensor, prior to 4.0.3, may be susceptible to an Information Leak vulnerability, which is a type of issue whereby sensitive information may be exposed due to a vulnerability in software.
2025-03-05
2.5
CVE-2024-11035
huang-yk–student-manage
A vulnerability, which was classified as problematic, was found in huang-yk student-manage 1.0. This affects an unknown part of the component Edit a Student Information Page. The manipulation of the argument Class leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-06
2.4
CVE-2024-13902
i-drive — i11_firmware
A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life.
2025-03-03
2.4
CVE-2025-1879
i-drive — i11_firmware
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been classified as problematic. Affected is an unknown function of the component Device Pairing. The manipulation leads to authentication bypass by primary weakness. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitability is told to be difficult. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life.
2025-03-03
2
CVE-2025-1880
qzw1210 — shishuocms
A vulnerability was found in shishuocms 1.1. It has been classified as problematic. Affected is an unknown function of the file /manage/folder/add.json of the component Directory Deletion Page. The manipulation of the argument folderName leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-03-04
2.4
CVE-2025-1892
vLLM–AIBrix
A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file pkg/plugins/gateway/prefixcacheindexer/hash.go of the component Prefix Caching. The manipulation leads to insufficiently random values. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 0.3.0 is able to address this issue. It is recommended to upgrade the affected component.
2025-03-04
2.6
CVE-2025-1953
Thinkware–Car Dashcam F800 Pro
A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been declared as problematic. This vulnerability affects unknown code of the component Device Registration Handler. The manipulation leads to use of default credentials. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
2
CVE-2025-2119
Thinkware–Car Dashcam F800 Pro
A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been rated as problematic. This issue affects some unknown processing of the file /tmp/hostapd.conf of the component Configuration File Handler. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
2025-03-09
2.1
CVE-2025-2120
dayrui–XunRuiCMS
A vulnerability was found in dayrui XunRuiCMS up to 4.6.3. It has been rated as problematic. This issue affects some unknown processing of the component Friendly Links Handler. The manipulation of the argument Website Address leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2025-03-09
2.4
CVE-2025-2131
tassos.gr–ConvertForms component for Joomla
A SQL injection vulnerability in the ConvertForms component versions 1.0.0-1.0.0 – 4.4.9 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the submission management area in backend.
2025-03-05
2.7
CVE-2025-22212
Severity Not Yet Assigned
PrimaryVendor — Product
Description
Published
CVSS Score
Source Info
Cisco–Cisco Meraki MX Firmware
A security vulnerability was discovered in the local status page functionality of Cisco Meraki’s MX67 and MX68 security appliance models that may allow unauthenticated individuals to access and download logs containing sensitive, privileged device information. The vulnerability is due to improper access control to the files holding debugging and maintenance information, and is only exploitable when the local status page is enabled on the device. An attacker exploiting this vulnerability may obtain access to wireless pre-shared keys, Site-to-Site VPN key and other sensitive information. Under certain circumstances, this information may allow an attacker to obtain administrative-level access to the device.
2025-03-04
not yet calculated
CVE-2019-1815
n/a–n/a
Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation.
2025-03-04
not yet calculated
CVE-2020-23438
Cisco–Cisco IronPort Security Management Appliance
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information.
2025-03-04
not yet calculated
CVE-2020-3122
n/a–n/a
Maharashtra State Electricity Distribution Company Limited Mahavitran IOS Application 16.1 application till version 16.1 communicates using the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser’s history, referrers, web logs, and other sources.
2025-03-04
not yet calculated
CVE-2021-41719
Carrier–Block Load
An Uncontrolled Search Path Element vulnerability exists which could allow a malicious actor to perform DLL hijacking and execute arbitrary code with escalated privileges.
2025-03-04
not yet calculated
CVE-2024-10930
Kingsoft–WPS Office
Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough.
2025-03-04
not yet calculated
CVE-2024-11957
OpenText–Identity Manager Advanced Edition
Insufficiently Protected Credentials vulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux, 64 bit allows Privilege Abuse. This vulnerability could allow an authenticated user to obtain higher privileged user’s sensitive information via crafted payload. This issue affects Identity Manager Advanced Edition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0.
2025-03-05
not yet calculated
CVE-2024-12799
Silicon Labs–Simplicity SDK
A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface.
2025-03-07
not yet calculated
CVE-2024-12975
Unknown–Email Keep
The Email Keep WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
2025-03-08
not yet calculated
CVE-2024-13825
Unknown–Email Keep
The Email Keep WordPress plugin through 1.1 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack.
2025-03-08
not yet calculated
CVE-2024-13826
Smartwares–CIP-37210AT
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to command injection. During the initialization process, a user has to use a mobile app to provide devices with Access Point credentials. This input is not properly sanitized, which allows for command injection. The vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well.
2025-03-06
not yet calculated
CVE-2024-13892
Smartwares–CIP-37210AT
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, might share the same credentials for the telnet service. The hash of the password can be retrieved through physical access to SPI connected memory. For the telnet service to be enabled, the inserted SD card needs to have a folder with a specific name created. Two products were tested, but since the vendor has not replied to reports, patching status remains unknown, as well as groups of devices and firmware ranges in which the same password is shared. Newer firmware versions might be vulnerable as well.
2025-03-06
not yet calculated
CVE-2024-13893
Smartwares–CIP-37210AT
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to path traversal. When an affected device is connected to a mobile app, it opens a port 10000 enabling a user to download pictures shot at specific moments by providing paths to the files. However, the directories to which a user has access are not limited, allowing for path traversal attacks and downloading sensitive information. The vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well.
2025-03-06
not yet calculated
CVE-2024-13894
QNAP Systems Inc.–QTS
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. QTS 5.2.x/QuTS hero h5.2.x are not affected. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later; QuTS hero h5.1.9.2954 build 20241120 and later.
2025-03-07
not yet calculated
CVE-2024-38638
n/a–n/a
An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path input.
2025-03-07
not yet calculated
CVE-2024-42733
n/a–n/a
Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api prior to 5.8.1.
2025-03-03
not yet calculated
CVE-2024-47092
QNAP Systems Inc.–File Station 5
A files or directories accessible to external parties vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers to read/write files or directories. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4741 and later
2025-03-07
not yet calculated
CVE-2024-48864
QNAP Systems Inc.–QuRouter
A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.5.032 and later
2025-03-07
not yet calculated
CVE-2024-50390
QNAP Systems Inc.–Helpdesk
An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version: Helpdesk 3.3.3 and later
2025-03-07
not yet calculated
CVE-2024-50394
QNAP Systems Inc.–QVPN Device Client for Mac
A time-of-check time-of-use (TOCTOU) race condition vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local attackers who have gained user access to gain access to otherwise unauthorized resources. We have already fixed the vulnerability in the following versions: QVPN Device Client for Mac 2.2.5 and later; Qsync for Mac 5.1.3 and later; Qfinder Pro Mac 7.11.1 and later.
2025-03-07
not yet calculated
CVE-2024-53694
QNAP Systems Inc.–HBS 3 Hybrid Backup Sync
A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later
2025-03-07
not yet calculated
CVE-2024-53695
QNAP Systems Inc.–QuLog Center
A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.7.0.829 (2024/10/01) and later; QuLog Center 1.8.0.888 (2024/10/15) and later; QTS 4.5.4.2957 build 20241119 and later; QuTS hero h4.5.4.2956 build 20241119 and later.
2025-03-07
not yet calculated
CVE-2024-53696
QNAP Systems Inc.–QTS
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later; QuTS hero h5.2.3.3006 build 20250108 and later.
2025-03-07
not yet calculated
CVE-2024-53697
QNAP Systems Inc.–QTS
A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later; QuTS hero h5.2.3.3006 build 20250108 and later.
2025-03-07
not yet calculated
CVE-2024-53698
QNAP Systems Inc.–QTS
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later; QuTS hero h5.2.3.3006 build 20250108 and later.
2025-03-07
not yet calculated
CVE-2024-53699
QNAP Systems Inc.–QuRouter
A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.6.028 and later
2025-03-07
not yet calculated
CVE-2024-53700
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked.
2025-03-06
not yet calculated
CVE-2024-58051
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table The function atomctrl_get_smc_sclk_range_table() does not check the return value of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to retrieve SMU_Info table, it returns NULL which is later dereferenced. Found by Linux Verification Center (linuxtesting.org) with SVACE. In practice this should never happen as this code only gets called on polaris chips and the vbios data table will always be present on those chips.
2025-03-06
not yet calculated
CVE-2024-58052
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix handling of received connection abort Fix the handling of a connection abort that we’ve received. Though the abort is at the connection level, it needs propagating to the calls on that connection. Whilst the propagation bit is performed, the calls aren’t then woken up to go and process their termination, and as no further input is forthcoming, they just hang. Also add some tracing for the logging of connection aborts.
2025-03-06
not yet calculated
CVE-2024-58053
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: staging: media: max96712: fix kernel oops when removing module The following kernel oops is thrown when trying to remove the max96712 module: This happens because in v4l2_i2c_subdev_init(), the i2c_set_cliendata() is called again and the data is overwritten to point to sd, instead of priv. So, in remove(), the wrong pointer is passed to v4l2_async_unregister_subdev(), leading to a crash.
2025-03-06
not yet calculated
CVE-2024-58054
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don’t free command immediately Don’t prematurely free the command. Wait for the status completion of the sense status. It can be freed then. Otherwise we will double-free the command.
2025-03-06
not yet calculated
CVE-2024-58055
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix ida_free call while not allocated In the rproc_alloc() function, on error, put_device(&rproc->dev) is called, leading to the call of the rproc_type_release() function. An error can occur before ida_alloc is called. In such case in rproc_type_release(), the condition (rproc->index >= 0) is true as rproc->index has been initialized to 0. ida_free() is called reporting a warning: Calling ida_alloc earlier in rproc_alloc ensures that the rproc->index is properly set.
2025-03-06
not yet calculated
CVE-2024-58056
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: idpf: convert workqueues to unbound When a workqueue is created with `WQ_UNBOUND`, its work items are served by special worker-pools, whose host workers are not bound to any specific CPU. In the default configuration (i.e. when `queue_delayed_work` and friends do not specify which CPU to run the work item on), `WQ_UNBOUND` allows the work item to be executed on any CPU in the same node of the CPU it was enqueued on. While this solution potentially sacrifices locality, it avoids contention with other processes that might dominate the CPU time of the processor the work item was scheduled on. This is not just a theoretical problem: in a particular scenario misconfigured process was hogging most of the time from CPU0, leaving less than 0.5% of its CPU time to the kworker. The IDPF workqueues that were using the kworker on CPU0 suffered large completion delays as a result, causing performance degradation, timeouts and eventual system crash. * I have also run a manual test to gauge the performance improvement. The test consists of an antagonist process (`./stress --cpu 2`) consuming as much of CPU 0 as possible. This process is run under `taskset 01` to bind it to CPU0, and its priority is changed with `chrt -pQ 9900 10000 ${pid}` and `renice -n -20 ${pid}` after start. Then, the IDPF driver is forced to prefer CPU0 by editing all calls to `queue_delayed_work`, `mod_delayed_work`, etc… to use CPU 0. Finally, `ktraces` for the workqueue events are collected. Without the current patch, the antagonist process can force arbitrary delays between `workqueue_queue_work` and `workqueue_execute_start`, that in my tests were as high as `30ms`. With the current patch applied, the workqueue can be migrated to another unloaded CPU in the same node, and, keeping everything else equal, the maximum delay I could see was `6us`.
2025-03-06
not yet calculated
CVE-2024-58057
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL, then dumping tnc tree will access c->zroot.znode, which causes a null pointer dereference.
2025-03-06
not yet calculated
CVE-2024-58058
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix deadlock during uvc_probe If uvc_probe() fails, it can end up calling uvc_status_unregister() before uvc_status_init() is called. Fix this by checking if dev->status is NULL or not in uvc_status_unregister().
2025-03-06
not yet calculated
CVE-2024-58059
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls this is a WARN_ON, but that should remain since internally we want to know about bugs that may cause this. Prevent deactivating all links in the debugfs write directly.
2025-03-06
not yet calculated
CVE-2024-58061
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the pointer is valid (in other words – that the link exists) before dereferencing it. Use for_each_vif_active_link that also does the check.
2025-03-06
not yet calculated
CVE-2024-58062
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When init_sw_vars fails, rtl_deinit_core should not be called, specially now that it destroys the rtl_wq workqueue. And call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be leaked. Remove pci_set_drvdata call as it will already be cleaned up by the core driver code and could lead to memory leaks too. cf. commit 8d450935ae7f (“wireless: rtlwifi: remove unnecessary pci_set_drvdata()”) and commit 3d86b93064c7 (“rtlwifi: Fix PCI probe error path orphaned memory”).
2025-03-06
not yet calculated
CVE-2024-58063
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap() kunit_kzalloc() may return NULL, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for ies.
2025-03-06
not yet calculated
CVE-2024-58064
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbc: Fix NULL vs IS_ERR() check The devm_kzalloc() function returns NULL on error, not error pointers. Fix the check.
2025-03-06
not yet calculated
CVE-2024-58065
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbcp: Fix a NULL vs IS_ERR() check The devm_kzalloc() function doesn’t return error pointers, it returns NULL on error. Update the check to match.
2025-03-06
not yet calculated
CVE-2024-58066
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-mpmu: Fix a NULL vs IS_ERR() check The devm_kzalloc() function returns NULL on error, not error pointers. Update the check to match.
2025-03-06
not yet calculated
CVE-2024-58067
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() to retrieve bandwidth from the OPP table but the bandwidth table was not created because the interconnect properties were missing in the OPP consumer node, the kernel will crash with: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004 … pc : _read_bw+0x8/0x10 lr : _opp_table_find_key+0x9c/0x174 … Call trace: _read_bw+0x8/0x10 (P) _opp_table_find_key+0x9c/0x174 (L) _find_key+0x98/0x168 dev_pm_opp_find_bw_ceil+0x50/0x88 … In order to fix the crash, create an assert function to check if the bandwidth table was created before trying to get a bandwidth with _read_bw().
2025-03-06
not yet calculated
CVE-2024-58068
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regmap interface operates with fixed-size storage. If an nvmem client uses a buffer size less than 4 bytes, regmap_read will write out of bounds as it expects the buffer to point at an unsigned int. Fix this by using an intermediary unsigned int to hold the value.
2025-03-06
not yet calculated
CVE-2024-58069
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible context. bpf_mem_alloc must be used in PREEMPT_RT. This patch is to enforce bpf_mem_alloc in the bpf_local_storage when CONFIG_PREEMPT_RT is enabled. There is no need to adjust the gfp_flags passing to the bpf_mem_cache_alloc_flags() which only honors the GFP_KERNEL. The verifier has ensured GFP_KERNEL is passed only in sleepable context. It has been an old issue since the first introduction of the bpf_local_storage ~5 years ago, so this patch targets the bpf-next. bpf_mem_alloc is needed to solve it, so the Fixes tag is set to the commit when bpf_mem_alloc was first used in the bpf_local_storage.
2025-03-06
not yet calculated
CVE-2024-58070
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, e.g. adding veth0 if vlan1 was already added and veth0 is a lower of vlan1. This is not useful in practice and can lead to recursive locking: $ ip link add veth0 type veth peer name veth1 $ ip link set veth0 up $ ip link set veth1 up $ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1 $ ip link add team0 type team $ ip link set veth0.1 down $ ip link set veth0.1 master team0 team0: Port device veth0.1 added $ ip link set veth0 down $ ip link set veth0 master team0
2025-03-06
not yet calculated
CVE-2024-58071
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused check_buddy_priv Commit 2461c7d60f9f (“rtlwifi: Update header file”) introduced a global list of private data structures. Later on, commit 26634c4b1868 (“rtlwifi Modify existing bits to match vendor version 2013.02.07”) started adding the private data to that list at probe time and added a hook, check_buddy_priv to find the private data from a similar device. However, that function was never used. Besides, though there is a lock for that list, it is never used. And when the probe fails, the private data is never removed from the list. This would cause a second probe to access freed memory. Remove the unused hook, structures and members, which will prevent the potential race condition on the list and its corruption during a second probe when probe fails.
2025-03-06
not yet calculated
CVE-2024-58072
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check dpu_plane_atomic_print_state() for valid sspp Similar to the r_pipe sspp protect, add a check to protect the pipe state prints to avoid NULL ptr dereference for cases when the state is dumped without a corresponding atomic_check() where the pipe->sspp is assigned. Patchwork: https://patchwork.freedesktop.org/patch/628404/
2025-03-06
not yet calculated
CVE-2024-58073
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab intel_display from the encoder to avoid potential oopsies Grab the intel_display from ‘encoder’ rather than ‘state’ in the encoder hooks to avoid the massive footgun that is intel_sanitize_encoder(), which passes NULL as the ‘state’ argument to encoder .disable() and .post_disable(). TODO: figure out how to actually fix intel_sanitize_encoder()…
2025-03-06
not yet calculated
CVE-2024-58074
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegra_cmac_init or tegra_sha_init function may return an error when memory is exhausted. It should not transfer the request when they return an error.
2025-03-06
not yet calculated
CVE-2024-58075
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-sm6350: Add missing parent_map for two clocks If a clk_rcg2 has a parent, it should also have parent_map defined, otherwise we’ll get a NULL pointer dereference when calling clk_set_rate like the following: [ 3.388105] Call trace: [ 3.390664] qcom_find_src_index+0x3c/0x70 (P) [ 3.395301] qcom_find_src_index+0x1c/0x70 (L) [ 3.399934] _freq_tbl_determine_rate+0x48/0x100 [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28 [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4 [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300 [ 3.455886] clk_set_rate+0x38/0x14c Add the parent_map property for two clocks where it’s missing and also un-inline the parent_data as well to keep the matching parent_map and parent_data together.
2025-03-06
not yet calculated
CVE-2024-58076
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: don’t use soc_pcm_ret() on .prepare callback commit 1f5664351410 (“ASoC: lower “no backend DAIs enabled for … Port” log severity”) ignores -EINVAL error message on common soc_pcm_ret(). It is used from many functions, ignoring -EINVAL is over-kill. The reason why -EINVAL was ignored was it really should only be used upon invalid parameters coming from userspace and in that case we don’t want to log an error since we do not want to give userspace a way to do a denial-of-service attack on the syslog / diskspace. So don’t use soc_pcm_ret() on .prepare callback is better idea.
2025-03-06
not yet calculated
CVE-2024-58077
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors misc_minor_alloc was allocating id using ida for minor only in case of MISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids using ida_free causing a mismatch and following warn: > > WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f > > ida_free called for id=127 which is not allocated. > > <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< … > > [<60941eb4>] ida_free+0x3e0/0x41f > > [<605ac993>] misc_minor_free+0x3e/0xbc > > [<605acb82>] misc_deregister+0x171/0x1b3 misc_minor_alloc is changed to allocate id from ida for all minors falling in the range of dynamic/ misc dynamic minors
2025-03-06
not yet calculated
CVE-2024-58078
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix crash during unbind if gpio unit is in use We used the wrong device for the device managed functions. We used the usb device, when we should be using the interface device. If we unbind the driver from the usb interface, the cleanup functions are never called. In our case, the IRQ is never disabled. If an IRQ is triggered, it will try to access memory sections that are already free, causing an OOPS. We cannot use the function devm_request_threaded_irq here. The devm_* clean functions may be called after the main structure is released by uvc_delete. Luckily this bug has small impact, as it is only affected by devices with gpio units and the user has to unbind the device, a disconnect will not trigger this error.
2025-03-06
not yet calculated
CVE-2024-58079
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: dispcc-sm6350: Add missing parent_map for a clock If a clk_rcg2 has a parent, it should also have parent_map defined, otherwise we’ll get a NULL pointer dereference when calling clk_set_rate like the following: [ 3.388105] Call trace: [ 3.390664] qcom_find_src_index+0x3c/0x70 (P) [ 3.395301] qcom_find_src_index+0x1c/0x70 (L) [ 3.399934] _freq_tbl_determine_rate+0x48/0x100 [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28 [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4 [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300 [ 3.455886] clk_set_rate+0x38/0x14c Add the parent_map property for the clock where it’s missing and also un-inline the parent_data as well to keep the matching parent_map and parent_data together.
2025-03-06
not yet calculated
CVE-2024-58080
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: clk: mmp2: call pm_genpd_init() only after genpd.name is set Setting the genpd’s struct device’s name with dev_set_name() is happening within pm_genpd_init(). If it remains NULL, things can blow up later, such as when crafting the devfs hierarchy for the power domain: Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read … Call trace: strlen from start_creating+0x90/0x138 start_creating from debugfs_create_dir+0x20/0x178 debugfs_create_dir from genpd_debug_add.part.0+0x4c/0x144 genpd_debug_add.part.0 from genpd_debug_init+0x74/0x90 genpd_debug_init from do_one_initcall+0x5c/0x244 do_one_initcall from kernel_init_freeable+0x19c/0x1f4 kernel_init_freeable from kernel_init+0x1c/0x12c kernel_init from ret_from_fork+0x14/0x28 Bisecting tracks this crash back to commit 899f44531fe6 (“pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag”), which exchanges use of genpd->name with dev_name(&genpd->dev) in genpd_debug_add.part().
2025-03-06
not yet calculated
CVE-2024-58081
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: media: nuvoton: Fix an error check in npcm_video_ece_init() When function of_find_device_by_node() fails, it returns NULL instead of an error code. So the corresponding error check logic should be modified to check whether the return value is NULL and set the error code to be returned as -ENODEV.
2025-03-06
not yet calculated
CVE-2024-58082
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() Explicitly verify the target vCPU is fully online _prior_ to clamping the index in kvm_get_vcpu(). If the index is “bad”, the nospec clamping will generate ‘0’, i.e. KVM will return vCPU0 instead of NULL. In practice, the bug is unlikely to cause problems, as it will only come into play if userspace or the guest is buggy or misbehaving, e.g. KVM may send interrupts to vCPU0 instead of dropping them on the floor. However, returning vCPU0 when it shouldn’t exist per online_vcpus is problematic now that KVM uses an xarray for the vCPUs array, as KVM needs to insert into the xarray before publishing the vCPU to userspace (see commit c5b077549136 (“KVM: Convert the kvm->vcpus array to a xarray”)), i.e. before vCPU creation is guaranteed to succeed. As a result, incorrectly providing access to vCPU0 will trigger a use-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu() bails out of vCPU creation due to an error and frees vCPU0. Commit afb2acb2e3a3 (“KVM: Fix vcpu_array[0] races”) papered over that issue, but in doing so introduced an unsolvable teardown conundrum. Preventing accesses to vCPU0 before it’s fully online will allow reverting commit afb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.
2025-03-06
not yet calculated
CVE-2024-58083
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Fix missing read barrier in qcom_scm_get_tzmem_pool() Commit 2e4955167ec5 (“firmware: qcom: scm: Fix __scm and waitq completion variable initialization”) introduced a write barrier in probe function to store global ‘__scm’ variable. We all know barriers are paired (see memory-barriers.txt: “Note that write barriers should normally be paired with read or address-dependency barriers”), therefore accessing it from concurrent contexts requires read barrier. Previous commit added such barrier in qcom_scm_is_available(), so let’s use that directly. Lack of this read barrier can result in fetching stale ‘__scm’ variable value, NULL, and dereferencing it. Note that barrier in qcom_scm_is_available() satisfies here the control dependency.
2025-03-06
not yet calculated
CVE-2024-58084
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: tomoyo: don’t emit warning in tomoyo_write_control() syzbot is reporting too large allocation warning at tomoyo_write_control(), for one can write a very very long line without new line character. To fix this warning, I use __GFP_NOWARN rather than checking for KMALLOC_MAX_SIZE, for practically a valid line should be always shorter than 32KB where the “too small to fail” memory-allocation rule applies. One might try to write a valid line that is longer than 32KB, but such request will likely fail with -ENOMEM. Therefore, I feel that separately returning -EINVAL when a line is longer than KMALLOC_MAX_SIZE is redundant. There is no need to distinguish over-32KB and over-KMALLOC_MAX_SIZE.
2025-03-06
not yet calculated
CVE-2024-58085
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop active perfmon if it is being destroyed If the active performance monitor (`v3d->active_perfmon`) is being destroyed, stop it first. Currently, the active perfmon is not stopped during destruction, leaving the `v3d->active_perfmon` pointer stale. This can lead to undefined behavior and instability. This patch ensures that the active perfmon is stopped before being destroyed, aligning with the behavior introduced in commit 7d1fd3638ee3 (“drm/v3d: Stop the active perfmon before being destroyed”).
2025-03-06
not yet calculated
CVE-2024-58086
The Document Foundation–LibreOffice
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme ‘vnd.libreoffice.command’ specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments. This issue affects LibreOffice: from 24.8 before 24.8.5, from 25.2 before 25.2.1.
2025-03-04
not yet calculated
CVE-2025-1080
Unknown–URL Shortener | Conversion Tracking | AB Testing | WooCommerce
The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not have CSRF checks in some bulk actions, which could allow attackers to make logged-in admins perform unwanted actions, such as deleting customers, via CSRF attacks.
2025-03-09
not yet calculated
CVE-2025-1362
Unknown–URL Shortener | Conversion Tracking | AB Testing | WooCommerce
The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
2025-03-09
not yet calculated
CVE-2025-1363
Unknown–Contact Us By Lord Linus
The Contact Us By Lord Linus WordPress plugin through 2.6 does not have CSRF checks in some places, and is missing sanitisation as well as escaping, which could allow attackers to make a logged-in admin add Stored XSS payloads via a CSRF attack.
2025-03-09
not yet calculated
CVE-2025-1382
PocketBook–InkPad Color 3
A privilege escalation vulnerability in PocketBook InkPad Color 3 allows attackers to escalate to root privileges if they gain physical access to the device. This issue affects InkPad Color 3 in version U743k3.6.8.3671.
2025-03-04
not yet calculated
CVE-2025-1424
PocketBook–InkPad Color 3
A Sudo privilege misconfiguration vulnerability in PocketBook InkPad Color 3 on Linux, ARM allows attackers to read file contents on the device. This issue affects InkPad Color 3: U743k3.6.8.3671.
2025-03-04
not yet calculated
CVE-2025-1425
Docker–Docker Desktop
A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the unintentional disclosure of sensitive information via application logs. In affected versions, proxy configuration data, potentially including sensitive details, was written to log files in clear text whenever an HTTP GET request was made through a proxy. An attacker with read access to these logs could obtain the proxy information and leverage it for further attacks or unauthorized access. Starting with version 4.39.0, Docker Desktop no longer logs the proxy string, thereby mitigating this risk.
2025-03-06
not yet calculated
CVE-2025-1696
Perforce–Gliffy
Lack of Rate Limiting in Sign-up workflow in Perforce Gliffy prior to version 4.14.0-7 on Gliffy online allows an attacker to enumerate valid user emails and potentially DoS the server.
2025-03-05
not yet calculated
CVE-2025-1714
radareorg–radare2
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers. This issue affects radare2: before 5.9.9.
2025-03-03
not yet calculated
CVE-2025-1864
warmcat–libwebsockets
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32 platform. By default, the affected code is not executed unless one of the following conditions is met: LWS_WITHOUT_EXTENSIONS (default ON) is manually set to OFF in CMake. LWS_WITH_HTTP_STREAM_COMPRESSION (default OFF) is manually set to ON in CMake. Despite these conditions, when triggered in affected configurations, this vulnerability may allow attackers to manipulate pointers, potentially leading to memory corruption or unexpected behavior.
2025-03-03
not yet calculated
CVE-2025-1866
ithewei–libhv
Inconsistent Interpretation of HTTP Requests (‘HTTP Request/Response Smuggling’) vulnerability in ithewei libhv allows HTTP Response Smuggling. This issue affects libhv: through 1.3.3.
2025-03-03
not yet calculated
CVE-2025-1867
Sage–Sage 200 Spain
Pass-Back vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to discover stored SMTP credentials.
2025-03-07
not yet calculated
CVE-2025-1886
Sage–Sage 200 Spain
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to obtain NTLMv2-SSP Hash by changing any of the paths to a UNC path pointing to a server controlled by the attacker.
2025-03-07
not yet calculated
CVE-2025-1887
Mozilla–Firefox
It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
2025-03-04
not yet calculated
CVE-2025-1931
Mozilla–Firefox
jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension disguised as something else like an image. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
2025-03-04
not yet calculated
CVE-2025-1936
Mozilla–Firefox
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
2025-03-04
not yet calculated
CVE-2025-1937
Trimble–SketchUp
Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25210.
2025-03-07
not yet calculated
CVE-2025-2024
MediaTek, Inc.–MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6886, MT6895, MT6897, MT6983, MT6985, MT6989, MT8370, MT8390
In da, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291064; Issue ID: MSV-2046.
2025-03-03
not yet calculated
CVE-2025-20653
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT During the update procedure, when overwrite element in a pre-allocated htab, the freeing of old_element is protected by the bucket lock. The reason why the bucket lock is necessary is that the old_element has already been stashed in htab->extra_elems after alloc_htab_elem() returns. If freeing the old_element after the bucket lock is unlocked, the stashed element may be reused by concurrent update procedure and the freeing of old_element will run concurrently with the reuse of the old_element. However, the invocation of check_and_free_fields() may acquire a spin-lock which violates the lockdep rule because its caller has already held a raw-spin-lock (bucket lock). The following warning will be reported when such race happens: BUG: scheduling while atomic: test_progs/676/0x00000003 3 locks held by test_progs/676: #0: ffffffff864b0240 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x2c0/0x830 #1: ffff88810e961188 (&htab->lockdep_key){....}-{2:2}, at: htab_map_update_elem+0x306/0x1500 #2: ffff8881f4eac1b8 (&base->softirq_expiry_lock){....}-{2:2}, at: hrtimer_cancel_wait_running+0xe9/0x1b0 Modules linked in: bpf_testmod(O) Preemption disabled at: [<ffffffff817837a3>] htab_map_update_elem+0x293/0x1500 CPU: 0 UID: 0 PID: 676 Comm: test_progs Tainted: G … 6.12.0+ #11 Tainted: [W]=WARN, [O]=OOT_MODULE Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)… Call Trace: <TASK> dump_stack_lvl+0x57/0x70 dump_stack+0x10/0x20 __schedule_bug+0x120/0x170 __schedule+0x300c/0x4800 schedule_rtlock+0x37/0x60 rtlock_slowlock_locked+0x6d9/0x54c0 rt_spin_lock+0x168/0x230 hrtimer_cancel_wait_running+0xe9/0x1b0 hrtimer_cancel+0x24/0x30 bpf_timer_delete_work+0x1d/0x40 bpf_timer_cancel_and_free+0x5e/0x80 bpf_obj_free_fields+0x262/0x4a0 check_and_free_fields+0x1d0/0x280 htab_map_update_elem+0x7fc/0x1500 bpf_prog_9f90bc20768e0cb9_overwrite_cb+0x3f/0x43 bpf_prog_ea601c4649694dbd_overwrite_timer+0x5d/0x7e bpf_prog_test_run_syscall+0x322/0x830 __sys_bpf+0x135d/0x3ca0 __x64_sys_bpf+0x75/0xb0 x64_sys_call+0x1b5/0xa10 do_syscall_64+0x3b/0xc0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 … </TASK> It seems feasible to break the reuse and refill of per-cpu extra_elems into two independent parts: reuse the per-cpu extra_elems with bucket lock being held and refill the old_element as per-cpu extra_elems after the bucket lock is unlocked. However, it will make the concurrent overwrite procedures on the same CPU return unexpected -E2BIG error when the map is full. Therefore, the patch fixes the lock problem by breaking the cancelling of bpf_timer into two steps for PREEMPT_RT: 1) use hrtimer_try_to_cancel() and check its return value 2) if the timer is running, use hrtimer_cancel() through a kworker to cancel it again Considering that the current implementation of hrtimer_cancel() will try to acquire a being held softirq_expiry_lock when the current timer is running, these steps above are reasonable. However, it also has downside. When the timer is running, the cancelling of the timer is delayed when releasing the last map uref. The delay is also fixable (e.g., break the cancelling of bpf timer into two parts: one part in locked scope, another one in unlocked scope), it can be revised later if necessary. It is a bit hard to decide the right fix tag. One reason is that the problem depends on PREEMPT_RT which is enabled in v6.12. Considering the softirq_expiry_lock lock exists since v5.4 and bpf_timer is introduced in v5.15, the bpf_timer commit is used in the fixes tag and an extra depends-on tag is added to state the dependency on PREEMPT_RT. Depends-on: v6.12+ with PREEMPT_RT enabled
2025-03-06
not yet calculated
CVE-2025-21825
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the pipapo rule width from pipapo_init(). The set key length provides the total size of the key aligned to 32-bits. Register-based arithmetics still allows for combining mismatching set key length and field length description, eg. set key length 10 and field description [ 5, 4 ] leading to pipapo width of 12.
2025-03-06
not yet calculated
CVE-2025-21826
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface() The documentation for usb_driver_claim_interface() says that “the device lock” is needed when the function is called from places other than probe(). This appears to be the lock for the USB interface device. The Mediatek btusb code gets called via this path: Workqueue: hci0 hci_power_on [bluetooth] Call trace: usb_driver_claim_interface btusb_mtk_claim_iso_intf btusb_mtk_setup hci_dev_open_sync hci_power_on process_scheduled_works worker_thread kthread With the above call trace the device lock hasn’t been claimed. Claim it. Without this fix, we’d sometimes see the error “Failed to claim iso interface”. Sometimes we’d even see worse errors, like a NULL pointer dereference (where `intf->dev.driver` was NULL) with a trace like: Call trace: usb_suspend_both usb_runtime_suspend __rpm_callback rpm_suspend pm_runtime_work process_scheduled_works Both errors appear to be fixed with the proper locking.
2025-03-06
not yet calculated
CVE-2025-21827
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don’t flush non-uploaded STAs If STA state is pre-moved to AUTHORIZED (such as in IBSS scenarios) and insertion fails, the station is freed. In this case, the driver never knew about the station, so trying to flush it is unexpected and may crash. Check if the sta was uploaded to the driver before and fix this.
2025-03-06
not yet calculated
CVE-2025-21828
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the warning “__rxe_cleanup+0x12c/0x170 [rdma_rxe]” The Call Trace is as below: ” <TASK> ? show_regs.cold+0x1a/0x1f ? __rxe_cleanup+0x12c/0x170 [rdma_rxe] ? __warn+0x84/0xd0 ? __rxe_cleanup+0x12c/0x170 [rdma_rxe] ? report_bug+0x105/0x180 ? handle_bug+0x46/0x80 ? exc_invalid_op+0x19/0x70 ? asm_exc_invalid_op+0x1b/0x20 ? __rxe_cleanup+0x12c/0x170 [rdma_rxe] ? __rxe_cleanup+0x124/0x170 [rdma_rxe] rxe_destroy_qp.cold+0x24/0x29 [rdma_rxe] ib_destroy_qp_user+0x118/0x190 [ib_core] rdma_destroy_qp.cold+0x43/0x5e [rdma_cm] rtrs_cq_qp_destroy.cold+0x1d/0x2b [rtrs_core] rtrs_srv_close_work.cold+0x1b/0x31 [rtrs_server] process_one_work+0x21d/0x3f0 worker_thread+0x4a/0x3c0 ? process_one_work+0x3f0/0x3f0 kthread+0xf0/0x120 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x22/0x30 </TASK> ” When too many rdma resources are allocated, rxe needs more time to handle these rdma resources. Sometimes with the current timeout, rxe can not release the rdma resources correctly. Compared with other rdma drivers, a bigger timeout is used.
2025-03-06
not yet calculated
CVE-2025-21829
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: landlock: Handle weird files A corrupted filesystem (e.g. bcachefs) might return weird files. Instead of throwing a warning and allowing access to such file, treat them as regular files.
2025-03-06
not yet calculated
CVE-2025-21830
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 commit 9d26d3a8f1b0 (“PCI: Put PCIe ports into D3 during suspend”) sets the policy that all PCIe ports are allowed to use D3. When the system is suspended if the port is not power manageable by the platform and won’t be used for wakeup via a PME this sets up the policy for these ports to go into D3hot. This policy generally makes sense from an OSPM perspective but it leads to problems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a specific old BIOS. This manifests as a system hang. On the affected Device + BIOS combination, add a quirk for the root port of the problematic controller to ensure that these root ports are not put into D3hot at suspend. This patch is based on https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com but with the added condition both in the documentation and in the code to apply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only the affected root ports.
2025-03-06
not yet calculated
CVE-2025-21831
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: block: don’t revert iter for -EIOCBQUEUED blkdev_read_iter() has a few odd checks, like gating the position and count adjustment on whether or not the result is bigger-than-or-equal to zero (where bigger than makes more sense), and not checking the return value of blkdev_direct_IO() before doing an iov_iter_revert(). The latter can lead to attempting to revert with a negative value, which when passed to iov_iter_revert() as an unsigned value will lead to throwing a WARN_ON() because unroll is bigger than MAX_RW_COUNT. Be sane and don’t revert for -EIOCBQUEUED, like what is done in other spots.
2025-03-06
not yet calculated
CVE-2025-21832
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE There is a WARN_ON_ONCE to catch an unlikely situation when domain_remove_dev_pasid can’t find the `pasid`. In case it nevertheless happens we must avoid using a NULL pointer.
2025-03-06
not yet calculated
CVE-2025-21833
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is a system call the default seccomp filters in docker block it as they only allow a specific set of known syscalls. This is true for other userspace applications which use seccomp to control their syscall surface. Since uretprobe is a “kernel implementation detail” system call which is not used by userspace application code directly, it is impractical and there’s very little point in forcing all userspace applications to explicitly allow it in order to avoid crashing tracked processes. Pass this systemcall through seccomp without depending on configuration. Note: uretprobe is currently only x86_64 and isn’t expected to ever be supported in i386. [kees: minimized changes for easier backporting, tweaked commit log]
2025-03-06
not yet calculated
CVE-2025-21834
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_midi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and bLength are set incorrectly in these descriptors. This does not matter when the numbers of in and out ports are equal, but when they differ the host will receive broken descriptors with uninitialized stack memory leaking into the descriptor for whichever value is smaller. The precise meaning of “in” and “out” in the port counts is not clearly defined and can be confusing. But elsewhere the driver consistently uses this to match the USB meaning of IN and OUT viewed from the host, so that “in” ports send data to the host and “out” ports receive data from it.
2025-03-07
not yet calculated
CVE-2025-21835
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: reallocate buf lists on upgrade IORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it was created for legacy selected buffer and has been emptied. It violates the requirement that most of the field should stay stable after publish. Always reallocate it instead.
2025-03-07
not yet calculated
CVE-2025-21836
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: io_uring/uring_cmd: unconditionally copy SQEs at prep time This isn’t generally necessary, but conditions have been observed where SQE data is accessed from the original SQE after prep has been done and outside of the initial issue. Opcode prep handlers must ensure that any SQE related data is stable beyond the prep phase, but uring_cmd is a bit special in how it handles the SQE which makes it susceptible to reading stale data. If the application has reused the SQE before the original completes, then that can lead to data corruption. Down the line we can relax this again once uring_cmd has been sanitized a bit, and avoid unnecessarily copying the SQE.
2025-03-07
not yet calculated
CVE-2025-21837
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: flush gadget workqueue after device removal device_del() can lead to new work being scheduled in gadget->work workqueue. This is observed, for example, with the dwc3 driver with the following call stack: device_del() gadget_unbind_driver() usb_gadget_disconnect_locked() dwc3_gadget_pullup() dwc3_gadget_soft_disconnect() usb_gadget_set_state() schedule_work(&gadget->work) Move flush_work() after device_del() to ensure the workqueue is cleaned up.
2025-03-07
not yet calculated
CVE-2025-21838
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop Move the conditional loading of hardware DR6 with the guest’s DR6 value out of the core .vcpu_run() loop to fix a bug where KVM can load hardware with a stale vcpu->arch.dr6. When the guest accesses a DR and host userspace isn’t debugging the guest, KVM disables DR interception and loads the guest’s values into hardware on VM-Enter and saves them on VM-Exit. This allows the guest to access DRs at will, e.g. so that a sequence of DR accesses to configure a breakpoint only generates one VM-Exit. For DR0-DR3, the logic/behavior is identical between VMX and SVM, and also identical between KVM_DEBUGREG_BP_ENABLED (userspace debugging the guest) and KVM_DEBUGREG_WONT_EXIT (guest using DRs), and so KVM handles loading DR0-DR3 in common code, _outside_ of the core kvm_x86_ops.vcpu_run() loop. But for DR6, the guest’s value doesn’t need to be loaded into hardware for KVM_DEBUGREG_BP_ENABLED, and SVM provides a dedicated VMCB field whereas VMX requires software to manually load the guest value, and so loading the guest’s value into DR6 is handled by {svm,vmx}_vcpu_run(), i.e. is done _inside_ the core run loop. Unfortunately, saving the guest values on VM-Exit is initiated by common x86, again outside of the core run loop. If the guest modifies DR6 (in hardware, when DR interception is disabled), and then the next VM-Exit is a fastpath VM-Exit, KVM will reload hardware DR6 with vcpu->arch.dr6 and clobber the guest’s actual value. The bug shows up primarily with nested VMX because KVM handles the VMX preemption timer in the fastpath, and the window between hardware DR6 being modified (in guest context) and DR6 being read by guest software is orders of magnitude larger in a nested setup. E.g. in non-nested, the VMX preemption timer would need to fire precisely between #DB injection and the #DB handler’s read of DR6, whereas with a KVM-on-KVM setup, the window where hardware DR6 is “dirty” extends all the way from L1 writing DR6 to VMRESUME (in L1). L1’s view: ========== <L1 disables DR interception> CPU 0/KVM-7289 [023] d.... 2925.640961: kvm_entry: vcpu 0 A: L1 Writes DR6 CPU 0/KVM-7289 [023] d.... 2925.640963: <hack>: Set DRs, DR6 = 0xffff0ff1 B: CPU 0/KVM-7289 [023] d.... 2925.640967: kvm_exit: vcpu 0 reason EXTERNAL_INTERRUPT intr_info 0x800000ec D: L1 reads DR6, arch.dr6 = 0 CPU 0/KVM-7289 [023] d.... 2925.640969: <hack>: Sync DRs, DR6 = 0xffff0ff0 CPU 0/KVM-7289 [023] d.... 2925.640976: kvm_entry: vcpu 0 L2 reads DR6, L1 disables DR interception CPU 0/KVM-7289 [023] d.... 2925.640980: kvm_exit: vcpu 0 reason DR_ACCESS info1 0x0000000000000216 CPU 0/KVM-7289 [023] d.... 2925.640983: kvm_entry: vcpu 0 CPU 0/KVM-7289 [023] d.... 2925.640983: <hack>: Set DRs, DR6 = 0xffff0ff0 L2 detects failure CPU 0/KVM-7289 [023] d.... 2925.640987: kvm_exit: vcpu 0 reason HLT L1 reads DR6 (confirms failure) CPU 0/KVM-7289 [023] d.... 2925.640990: <hack>: Sync DRs, DR6 = 0xffff0ff0 L0’s view: ========== L2 reads DR6, arch.dr6 = 0 CPU 23/KVM-5046 [001] d.... 3410.005610: kvm_exit: vcpu 23 reason DR_ACCESS info1 0x0000000000000216 CPU 23/KVM-5046 [001] ..... 3410.005610: kvm_nested_vmexit: vcpu 23 reason DR_ACCESS info1 0x0000000000000216 L2 => L1 nested VM-Exit CPU 23/KVM-5046 [001] ..... 3410.005610: kvm_nested_vmexit_inject: reason: DR_ACCESS ext_inf1: 0x0000000000000216 CPU 23/KVM-5046 [001] d.... 3410.005610: kvm_entry: vcpu 23 CPU 23/KVM-5046 [001] d.... 3410.005611: kvm_exit: vcpu 23 reason VMREAD CPU 23/KVM-5046 [001] d.... 3410.005611: kvm_entry: vcpu 23 CPU 23/KVM-5046 [001] d.... 3410. —truncated—
2025-03-07
not yet calculated
CVE-2025-21839
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: thermal/netlink: Prevent userspace segmentation fault by adjusting UAPI header The intel-lpmd tool [1], which uses the THERMAL_GENL_ATTR_CPU_CAPABILITY attribute to receive HFI events from kernel space, encounters a segmentation fault after commit 1773572863c4 (“thermal: netlink: Add the commands and the events for the thresholds”). The issue arises because the THERMAL_GENL_ATTR_CPU_CAPABILITY raw value was changed while intel_lpmd still uses the old value. Although intel_lpmd can be updated to check the THERMAL_GENL_VERSION and use the appropriate THERMAL_GENL_ATTR_CPU_CAPABILITY value, the commit itself is questionable. The commit introduced a new element in the middle of enum thermal_genl_attr, which affects many existing attributes and introduces potential risks and unnecessary maintenance burdens for userspace thermal netlink event users. Solve the issue by moving the newly introduced THERMAL_GENL_ATTR_TZ_PREV_TEMP attribute to the end of the enum thermal_genl_attr. This ensures that all existing thermal generic netlink attributes remain unaffected. [ rjw: Subject edits ]
2025-03-07
not yet calculated
CVE-2025-21840
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Fix cpufreq_policy ref counting amd_pstate_update_limits() takes a cpufreq_policy reference but doesn’t decrement the refcount in one of the exit paths, fix that.
2025-03-07
not yet calculated
CVE-2025-21841
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: amdkfd: properly free gang_ctx_bo when failed to init user queue The destructor of a gtt bo is declared as void amdgpu_amdkfd_free_gtt_mem(struct amdgpu_device *adev, void **mem_obj); which takes void** as the second parameter. GCC allows passing void* to the function because void* can be implicitly cast to any other type, so it compiles. However, passing this void* parameter into the function’s execution process (which expects void** and dereferences it) will result in errors.
2025-03-07
not yet calculated
CVE-2025-21842
Linux–Linux
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: avoid garbage value in panthor_ioctl_dev_query() ‘priorities_info’ is uninitialized, and the uninitialized value is copied to the user object when calling PANTHOR_UOBJ_SET(). Use memset to initialize ‘priorities_info’ to avoid this garbage value problem.
2025-03-07
not yet calculated
CVE-2025-21843
RSUPPORT Co.,Ltd.–RemoteView Agent (for Windows)
Incorrect access permission of a specific service issue exists in RemoteView Agent (for Windows) versions prior to v8.1.5.2. If this vulnerability is exploited, a non-administrative user on the remote PC may execute an arbitrary OS command with LocalSystem privilege.
2025-03-06
not yet calculated
CVE-2025-22447
Ad Inserter–Ad Inserter
Ad Inserter – Ad Manager and AdSense Ads 2.8.0 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/includes/dst/dst.php.
2025-03-06
not yet calculated
CVE-2025-22623
CollaboraOnline–online
Collabora Online is a collaborative online office suite based on LibreOffice. Macro support is disabled by default in Collabora Online, but can be enabled by an administrator. Collabora Online typically hosts each document instance within a jail and is allowed to download content from locations controlled by the net.lok_allow configuration option, which by default include the private IP ranges to enable access to the local network. If enabled, macros were allowed to run executable binaries. By combining an ability to host executables, typically in the local network, in an allowed accessible location, with a macro-enabled Collabora Online, it was then possible to install arbitrary binaries within the jail and execute them. These executables are restricted to the same jail file system and user as the document instance but can be used to bypass the additional limits on what network hosts are accessible and provide more flexibility as a platform for further attempts. This issue is fixed in 24.04.12.4, 23.05.19, 22.05.25 and later macros.
2025-03-06
not yet calculated
CVE-2025-24796
RSUPPORT Co.,Ltd.–RemoteView Agent (for Windows)
Incorrect access permission of a specific folder issue exists in RemoteView Agent (for Windows) versions prior to v8.1.5.2. If this vulnerability is exploited, a non-administrative user on the remote PC may execute an arbitrary OS command with LocalSystem privilege.
2025-03-06
not yet calculated
CVE-2025-24864
Intermesh–groupoffice
Group-Office is an enterprise CRM and groupware tool. This Stored XSS vulnerability exists where user input in the Name field is not properly sanitized before being stored. This vulnerability is fixed in 6.8.100.
2025-03-06
not yet calculated
CVE-2025-25191
danielgatis–rembg
Rembg is a tool to remove image backgrounds. In Rembg 2.0.57 and earlier, the CORS middleware is set up incorrectly. All origins are reflected, which allows any website to send cross-site requests to the rembg server and thus query any API. Even if authentication were to be enabled, allow_credentials is set to True, which would allow any website to send authenticated cross-site requests.
2025-03-03
not yet calculated
CVE-2025-25302
ttop32–MouseTooltipTranslator
The MouseTooltipTranslator Chrome extension allows mouseover translation of any language at once. The MouseTooltipTranslator browser extension is vulnerable to SSRF attacks. The pdf.mjs script uses the URL parameter from the current URL as the file to download and display to the extension user. Because pdf.mjs is imported in viewer.html and viewer.html is accessible to all URLs, an attacker can force the user’s browser to make a request to any arbitrary URL. After discussion with the maintainer, patching this issue would require disabling a major feature of the extension in exchange for fixing a low-severity vulnerability. The decision was made not to patch the issue.
2025-03-03
not yet calculated
CVE-2025-25303
n/a–n/a
A Cross Site Scripting (XSS) vulnerability exists in TeamPasswordManager v12.162.284 and before that could allow a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the ‘name’ parameter when creating a new password in the “My Passwords” page.
2025-03-04
not yet calculated
CVE-2025-26091
rack–rack
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11.
2025-03-04
not yet calculated
CVE-2025-27111
axios–axios
axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios. This issue is fixed in 1.8.2.
2025-03-07
not yet calculated
CVE-2025-27152
LabRedesCefetRJ–WeGIA
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionar_status_atendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the status parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.16.
2025-03-03
not yet calculated
CVE-2025-27417
LabRedesCefetRJ–WeGIA
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionar_tipo_atendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the tipo parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.16.
2025-03-03
not yet calculated
CVE-2025-27418
LabRedesCefetRJ–WeGIA
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the atendido_parentesco_adicionar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the descricao parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.16.
2025-03-03
not yet calculated
CVE-2025-27420
OpenIdentityPlatform–OpenDJ
OpenDJ is an LDAPv3 compliant directory service. OpenDJ prior to 4.9.3 contains a denial-of-service (DoS) vulnerability that causes the server to become unresponsive to all LDAP requests without crashing or restarting. This issue occurs when an alias loop exists in the LDAP database. If an ldapsearch request is executed with alias dereferencing set to “always” on this alias entry, the server stops responding to all future requests. Fortunately, the server can be restarted without data corruption. This vulnerability is fixed in 4.9.3.
2025-03-05
not yet calculated
CVE-2025-27497
RustCrypto–AEADs
aes-gcm is a pure Rust implementation of the AES-GCM. In decrypt_in_place_detached, the decrypted ciphertext (which is the correct ciphertext) is exposed even if the tag is incorrect. This is because in decrypt_inplace in asconcore.rs, tag verification causes an error to be returned with the plaintext contents still in buffer. The vulnerability is fixed in 0.4.3.
2025-03-03
not yet calculated
CVE-2025-27498
fleetdm–fleet
fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time (JIT) provisioning is enabled, or create new accounts tied to forged assertions if MDM enrollment is enabled. This vulnerability is fixed in 4.64.2, 4.63.2, 4.62.4, and 4.58.1.
2025-03-06
not yet calculated
CVE-2025-27509
conda-forge–conda-forge-metadata
conda-forge-metadata provides programmatic access to conda-forge’s metadata. conda-forge-metadata uses an optional dependency, “conda-oci-mirror”, which was neither present on the PyPI repository nor registered by any entity. If conda-oci-mirror is taken over by a threat actor, it can result in remote code execution.
2025-03-04
not yet calculated
CVE-2025-27510
laravel–framework
Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1.
2025-03-05
not yet calculated
CVE-2025-27515
pallets–jinja
Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja’s sandbox does catch calls to str.format and ensures they don’t escape the sandbox. However, it’s possible to use the |attr filter to get a reference to a string’s plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment’s attribute lookup. This vulnerability is fixed in 3.1.6.
2025-03-05
not yet calculated
CVE-2025-27516
livewire–volt
Volt is an elegantly crafted functional API for Livewire. Malicious, user-crafted request payloads could potentially lead to remote code execution within Volt components. This vulnerability is fixed in 1.7.0.
2025-03-05
not yet calculated
CVE-2025-27517
truefoundry–cognita
Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. An insecure CORS configuration in the Cognita backend server allows arbitrary websites to send cross site requests to the application. This vulnerability is fixed in commit 75079c3d3cf376381489b9a82ee46c69024e1a15.
2025-03-07
not yet calculated
CVE-2025-27518
truefoundry–cognita
Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. A path traversal issue exists at /v1/internal/upload-to-local-directory which is enabled when the Local env variable is set to true, such as when Cognita is set up using Docker. Because the Docker environment sets up the backend uvicorn server with auto reload enabled, when an attacker overwrites the /app/backend/__init__.py file, the file will automatically be reloaded and executed. This allows an attacker to get remote code execution in the context of the Docker container. This vulnerability is fixed in commit a78bd065e05a1b30a53a3386cc02e08c317d2243.
2025-03-07
not yet calculated
CVE-2025-27519
intlify–vue-i18n
Vue I18n is the internationalization plugin for Vue.js. @intlify/message-resolver and @intlify/vue-i18n-core are vulnerable to Prototype Pollution through the entry function: handleFlatJson. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the global prototype chain, causing denial of service (DoS) as the minimum consequence. Moreover, the consequences of this vulnerability can escalate to other injection-based attacks, depending on how the library integrates within the application. For instance, if the polluted property propagates to sensitive Node.js APIs (e.g., exec, eval), it could enable an attacker to execute arbitrary commands within the application’s context.
2025-03-07
not yet calculated
CVE-2025-27597
labring–FastGPT
FastGPT is a knowledge-based platform built on the LLMs. Since the web crawling plug-in does not perform intranet IP verification, an attacker can initiate an intranet IP request, causing the system to initiate a request through the intranet and potentially obtain some private data on the intranet. This issue is fixed in 4.9.0.
2025-03-06
not yet calculated
CVE-2025-27600
Apache Software Foundation–Apache Camel
Bypass/Injection vulnerability in Apache Camel-Bean component under particular conditions. This issue affects Apache Camel: from 4.10.0 through <= 4.10.1, from 4.8.0 through <= 4.8.4, from 3.10.0 through <= 3.22.3. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases. This vulnerability is only present in the following situation. The user is using one of the following HTTP Servers via one of the following Camel components * camel-servlet * camel-jetty * camel-undertow * camel-platform-http * camel-netty-http and in the route, the exchange will be routed to a camel-bean producer. So ONLY the camel-bean component is affected. In particular: * The bean invocation (is only affected if you use any of the above together with the camel-bean component). * The bean that can be called has more than 1 method implemented. In these conditions an attacker could be able to forge a Camel header name and make the bean component invoke other methods in the same bean. The vulnerability arises due to a bug in the default filtering mechanism that only blocks headers starting with “Camel”, “camel”, or “org.apache.camel.”. Mitigation: You can easily work around this in your Camel applications by removing the headers in your Camel routes. There are many ways of doing this, also globally or per route. This means you could use the removeHeaders EIP, to filter out anything like “cAmel, cAMEL” etc, or in general everything not starting with “Camel”, “camel” or “org.apache.camel.”.
2025-03-09
not yet calculated
CVE-2025-27636