High Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source Info |
---|---|---|---|---|
0xPolygonZero–plonky2 |
Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables whose length is not divisible by 26 = floor(num_routed_wires / 3) always include the 0 -> 0 input-output pair. Thus a malicious prover can always prove that f(0) = 0 for any lookup table f (unless its length happens to be divisible by 26). The cause of the problem is that the LookupTableGate-s are padded with zeros. A workaround from the user side is to extend the table (by repeating some entries) so that its length becomes divisible by 26. This vulnerability is fixed in 1.0.1. | 2025-01-30 | 8.6 | CVE-2025-24802 |
1000 Projects–Employee Task Management System |
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-01-30 | 7.3 | CVE-2025-0846 |
1000 Projects–Employee Task Management System |
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-01-30 | 7.3 | CVE-2025-0847 |
aakashbhagat — single_user_chat |
The Single-user-chat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the ‘single_user_chat_update_login’ function in all versions up to, and including, 0.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to update option values to ‘login’ on the WordPress site. This may be leveraged to update an option that would create an error on the site and deny service to legitimate users or be used to set some values to true such as registration. | 2025-01-30 | 8.1 | CVE-2024-13646 |
ABB–FLXEON |
Network access can be used to execute arbitrary code with elevated privileges. This issue affects FLXEON 9.3.4 and older. | 2025-01-27 | 10 | CVE-2024-48841 |
ABB–FLXEON |
Missing Origin Validation in WebSockets vulnerability in FLXEON. Session management was not sufficient to prevent unauthorized HTTPS requests. This issue affects FLXEON: through <= 9.3.4. | 2025-01-29 | 9.4 | CVE-2024-48849 |
ABB–FLXEON |
Insertion of Sensitive Information into Log File vulnerability observed in FLXEON. Some information may be improperly disclosed through HTTPS access. This issue affects FLXEON through <= 9.3.4. | 2025-01-29 | 9.4 | CVE-2024-48852 |
Acronis–Acronis Cyber Protect Cloud Agent |
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. | 2025-01-31 | 7 | CVE-2025-24830 |
Akamai–Enterprise Application Access |
An issue was discovered in Akamai Enterprise Application Access (EAA) before 2025-01-17. If an admin knows another tenant’s 128-bit connector GUID, they can execute debug commands on that connector. | 2025-01-29 | 8 | CVE-2025-24527 |
Alessandro Piconi – SabLab–Internal Link Builder |
Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi – SabLab Internal Link Builder allows Cross Site Request Forgery. This issue affects Internal Link Builder: from n/a through 1.0. | 2025-01-31 | 7.1 | CVE-2025-23989 |
AlgolPlus–Advanced Dynamic Pricing for WooCommerce |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in AlgolPlus Advanced Dynamic Pricing for WooCommerce allows Reflected XSS. This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through 4.9.0. | 2025-01-31 | 7.1 | CVE-2025-24632 |
Alpine–Halo9 |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the PBAP_DecodeVCARD function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. | 2025-01-31 | 8.8 | CVE-2024-23963 |
Alpine–Halo9 |
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLT interface, which listens on TCP port 3490 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device. | 2025-01-31 | 7.5 | CVE-2024-23962 |
anssilaitila–Shared Files Frontend File Upload Form & Secure File Sharing |
The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dfxp File uploads in all versions up to, and including, 1.7.42 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the dfxp file. This issue affects only Apache-based environments, where dfxp files are handled by default. | 2025-01-31 | 7.2 | CVE-2024-13504 |
apple — ipados |
The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS 18.2 and iPadOS 18.2. A system binary could be used to fingerprint a user’s Apple Account. | 2025-01-27 | 9.1 | CVE-2024-54512 |
apple — ipados |
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. | 2025-01-27 | 7.8 | CVE-2024-54517 |
apple — ipados |
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. | 2025-01-27 | 7.8 | CVE-2024-54522 |
apple — ipados |
A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2. | 2025-01-27 | 7.8 | CVE-2025-24085 |
apple — ipados |
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3, iOS 18.3 and iPadOS 18.3. A malicious app may be able to gain root privileges. | 2025-01-27 | 7.8 | CVE-2025-24107 |
apple — ipados |
A type confusion issue was addressed with improved checks. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected app termination. | 2025-01-27 | 7.5 | CVE-2025-24129 |
apple — ipados |
A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. A remote attacker may be able to cause a denial-of-service. | 2025-01-27 | 7.5 | CVE-2025-24177 |
apple — macos |
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory. | 2025-01-27 | 7.8 | CVE-2024-54509 |
apple — macos |
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An attacker may gain access to protected parts of the file system. | 2025-01-27 | 7.5 | CVE-2024-54557 |
apple — macos |
This issue was addressed by improved management of object lifetimes. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An attacker may be able to cause unexpected app termination. | 2025-01-27 | 7.5 | CVE-2025-24120 |
apple — macos |
An integer overflow was addressed through improved input validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to elevate privileges. | 2025-01-27 | 7.8 | CVE-2025-24156 |
apple — safari |
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption. | 2025-01-27 | 8.8 | CVE-2024-54543 |
apple — safari |
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection. | 2025-01-27 | 8.8 | CVE-2025-24150 |
apple — safari |
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.3, Safari 18.3. A malicious app may be able to bypass browser extension authentication. | 2025-01-27 | 7.5 | CVE-2025-24169 |
Apple–GarageBand |
The issue was addressed with improved bounds checks. This issue is fixed in GarageBand 10.4.12. Processing a maliciously crafted image may lead to arbitrary code execution. | 2025-01-30 | 7.8 | CVE-2024-44142 |
Apple–macOS |
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3. An app may be able to access removable volumes without user consent. | 2025-01-27 | 9.8 | CVE-2025-24093 |
Apple–macOS |
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to determine a user’s current location. | 2025-01-27 | 9.8 | CVE-2025-24102 |
Apple–macOS |
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination. | 2025-01-27 | 9.8 | CVE-2025-24106 |
Apple–macOS |
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access sensitive user data. | 2025-01-27 | 9.8 | CVE-2025-24109 |
Apple–macOS |
The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory. | 2025-01-27 | 9.8 | CVE-2025-24118 |
Apple–macOS |
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. | 2025-01-27 | 9.8 | CVE-2025-24123 |
Apple–macOS |
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. | 2025-01-27 | 9.8 | CVE-2025-24124 |
Apple–macOS |
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system. | 2025-01-27 | 9.8 | CVE-2025-24130 |
Apple–macOS |
This issue was addressed with improved message validation. This issue is fixed in macOS Sequoia 15.3. An app may be able to gain elevated privileges. | 2025-01-27 | 9.8 | CVE-2025-24135 |
Apple–macOS |
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a maliciously crafted file may lead to an unexpected app termination. | 2025-01-27 | 9.8 | CVE-2025-24139 |
Apple–macOS |
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Deleting a conversation in Messages may expose user contact information in system logging. | 2025-01-27 | 9.8 | CVE-2025-24146 |
Apple–macOS |
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or corrupt kernel memory. | 2025-01-27 | 9.8 | CVE-2025-24151 |
Apple–macOS |
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. An attacker may be able to cause unexpected system termination or corrupt kernel memory. | 2025-01-27 | 9.8 | CVE-2025-24154 |
Apple–macOS |
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. | 2025-01-27 | 9.8 | CVE-2025-24163 |
Apple–macOS |
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to bypass Privacy preferences. | 2025-01-27 | 9.8 | CVE-2025-24174 |
Apple–macOS |
A type confusion issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected application termination or arbitrary code execution. | 2025-01-27 | 8 | CVE-2025-24137 |
Apple–macOS |
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to read and write files outside of its sandbox. | 2025-01-27 | 7.1 | CVE-2024-54537 |
Apple–macOS |
An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, macOS Sequoia 15.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2. Private Browsing tabs may be accessed without authentication. | 2025-01-27 | 7.5 | CVE-2024-54542 |
Apple–macOS |
A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges. | 2025-01-27 | 7.8 | CVE-2025-24159 |
Apple–macOS |
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A local attacker may be able to elevate their privileges. | 2025-01-27 | 7.1 | CVE-2025-24176 |
Apple–tvOS |
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to break out of its sandbox. | 2025-01-27 | 8.2 | CVE-2024-54468 |
Apple–tvOS |
A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing a maliciously crafted image may lead to arbitrary code execution. | 2025-01-27 | 8.1 | CVE-2024-54499 |
Apple–visionOS |
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, visionOS 2.2, iOS 18.2 and iPadOS 18.2. Password autofill may fill in passwords after failing authentication. | 2025-01-27 | 9.1 | CVE-2024-54530 |
Apple–visionOS |
An input validation issue was addressed. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker on the local network may be able to cause unexpected system termination or corrupt process memory. | 2025-01-27 | 9.8 | CVE-2025-24126 |
Apple–visionOS |
This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash. | 2025-01-27 | 9.8 | CVE-2025-24162 |
Aridius–XYZ |
A vulnerability has been found in Aridius XYZ up to 20240927 on OpenCart and classified as critical. This vulnerability affects the function loadMore of the component News. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. | 2025-01-29 | 7.3 | CVE-2025-0841 |
artbees–Jupiter X Core |
The Jupiter X Core plugin for WordPress is vulnerable to Local File Inclusion to Remote Code Execution in all versions up to, and including, 4.8.7 via the get_svg() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution. In this specific case, an attacker can create a form that allows SVG uploads, upload an SVG file with malicious content and then include the SVG file in a post to achieve remote code execution. This means it is relatively easy to gain remote code execution as a contributor-level user and above by default. | 2025-02-01 | 8.8 | CVE-2025-0366 |
Awesome TOGI–Awesome Event Booking |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Awesome TOGI Awesome Event Booking allows Reflected XSS. This issue affects Awesome Event Booking: from n/a through 2.7.1. | 2025-01-31 | 7.1 | CVE-2025-24560 |
AWS–DeepJavaLibrary |
A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations. | 2025-01-29 | 9.8 | CVE-2025-0851 |
Bhaskar Dhote–Post Carousel Slider |
Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Post Carousel Slider allows Stored XSS. This issue affects Post Carousel Slider: from n/a through 2.0.1. | 2025-01-31 | 7.1 | CVE-2025-23977 |
Bryan Shanaver @ fiftyandfifty.org–CloudFlare(R) Cache Purge |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Bryan Shanaver @ fiftyandfifty.org CloudFlare(R) Cache Purge allows Reflected XSS. This issue affects CloudFlare(R) Cache Purge: from n/a through 1.2. | 2025-01-31 | 7.1 | CVE-2025-22332 |
Cacti–cacti |
Cacti is an open source performance and fault management framework. Due to a flaw in the multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), a part of each OID will be used as a key in an array that is used as part of a system command, causing a command execution vulnerability. This vulnerability is fixed in 1.2.29. | 2025-01-27 | 9.1 | CVE-2025-22604 |
Cacti–cacti |
Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of host_templates.php using the graph_template parameter. This vulnerability is fixed in 1.2.29. | 2025-01-27 | 7.6 | CVE-2024-54146 |
Canon Inc.–Satera MF656Cdw |
Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*), which may allow an attacker on the network segment to cause the affected product to become unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe. | 2025-01-28 | 9.8 | CVE-2024-12647 |
Canon Inc.–Satera MF656Cdw |
Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*), which may allow an attacker on the network segment to cause the affected product to become unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe. | 2025-01-28 | 9.8 | CVE-2024-12648 |
Canon Inc.–Satera MF656Cdw |
Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*), which may allow an attacker on the network segment to cause the affected product to become unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe. | 2025-01-28 | 9.8 | CVE-2024-12649 |
ChargePoint–Home Flex |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the onboardee module. The issue results from improper access control. An attacker can leverage this vulnerability to execute code in the context of root. | 2025-01-31 | 8.8 | CVE-2024-23920 |
ChargePoint–Home Flex |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wlanapp module. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. | 2025-01-31 | 8.8 | CVE-2024-23921 |
ChargePoint–Home Flex |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SrvrToSmSetAutoChnlListMsg function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. | 2025-01-31 | 8.8 | CVE-2024-23968 |
ChargePoint–Home Flex |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wlanchnllst function. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. | 2025-01-31 | 8.8 | CVE-2024-23969 |
ChargePoint–Home Flex |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OCPP messages. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. | 2025-01-31 | 8.8 | CVE-2024-23971 |
Clodeo–Shipdeo |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Clodeo Shipdeo allows Reflected XSS. This issue affects Shipdeo: from n/a through 1.2.8. | 2025-01-27 | 7.1 | CVE-2025-23457 |
Cloudflare–octorpki |
When copying files with rsync, octorpki uses the “-a” flag, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root ( https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service ) this could allow for a vector, when combined with another vulnerability that causes octorpki to process a malicious TAL file, for a local privilege escalation. | 2025-01-29 | 7.5 | CVE-2021-3978 |
CodePeople–Music Store |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in CodePeople Music Store allows Reflected XSS. This issue affects Music Store: from n/a through 1.1.19. | 2025-01-27 | 7.1 | CVE-2025-24626 |
CodeSolz–Better Find and Replace |
Missing Authorization vulnerability in CodeSolz Better Find and Replace allows Privilege Escalation. This issue affects Better Find and Replace: from n/a through 1.6.7. | 2025-01-27 | 8.8 | CVE-2025-24734 |
Codezips–Gym Management System |
A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/admin/submit_plan_new.php. The manipulation of the argument planid leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-01-29 | 7.3 | CVE-2025-0803 |
Contec Health–CMS8000 Patient Monitor |
Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution. | 2025-01-30 | 9.8 | CVE-2024-12248 |
Contec Health–CMS8000 Patient Monitor |
Contec Health CMS8000 Patient Monitor sends out remote access requests to a hard-coded IP address, bypassing existing device network settings to do so. This could serve as a backdoor and lead to a malicious actor being able to upload and overwrite files on the device. | 2025-01-30 | 7.5 | CVE-2025-0626 |
CRM Perks–WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in CRM Perks WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms allows Reflected XSS. This issue affects WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through 1.1.6. | 2025-01-27 | 7.1 | CVE-2025-24708 |
dani-garcia–vaultwarden |
vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. An attacker can obtain owner rights of another organization. To attack, the attacker must know the ID of the victim organization (in a real case the user can be a part of the organization as an unprivileged user) and be the owner/admin of another organization (by default you can create your own organization). This vulnerability is fixed in 1.33.0. | 2025-01-27 | 8.1 | CVE-2025-24365 |
dani-garcia–vaultwarden |
vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. An attacker with authenticated access to the vaultwarden admin panel can execute arbitrary code on the system. The attacker could change some settings to use sendmail as the mail agent but adjust the settings in such a way that it would use a shell command. The attacker would then also need to craft a special favicon image with the commands embedded, to run during, for example, sending a test email. This vulnerability is fixed in 1.33.0. | 2025-01-27 | 7.2 | CVE-2025-24364 |
David F. Carr–RSVPMaker Volunteer Roles |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in David F. Carr RSVPMaker Volunteer Roles allows Reflected XSS. This issue affects RSVPMaker Volunteer Roles: from n/a through 1.5.1. | 2025-01-27 | 7.1 | CVE-2025-23531 |
Dell–Enterprise SONiC OS |
Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. | 2025-01-30 | 8 | CVE-2025-23374 |
Dell–NetWorker |
Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | 2025-01-30 | 7.8 | CVE-2025-21107 |
Dell–PowerProtect DD |
Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain unauthorized overwrite of OS files stored on the server filesystem. Exploitation could lead to denial of service. | 2025-02-01 | 7.1 | CVE-2024-51534 |
Dell–PowerProtect DD |
Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper access control vulnerability. A local malicious user with low privileges could potentially exploit this vulnerability leading to escalation of privilege. | 2025-02-01 | 7.8 | CVE-2024-53295 |
DeluxeThemes–Media Manager for UserPro |
The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the add_capto_img() function in all versions up to, and including, 3.11.0. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. | 2025-01-30 | 9.8 | CVE-2024-12822 |
DeluxeThemes–Media Manager for UserPro |
The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the upm_upload_media() function in all versions up to, and including, 3.12.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. | 2025-01-30 | 8.8 | CVE-2024-12821 |
DumbWareio–DumbDrop |
Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it’s possible to inject malicious payloads into files run on a schedule or upon certain service actions. As the service is not required to run with authentication enabled, this may permit wholly unprivileged users root access. Otherwise, the same access is available to anybody with a PIN. | 2025-01-31 | 9.6 | CVE-2025-24891 |
elextensions–ELEX WordPress HelpDesk & Customer Ticketing System |
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the ‘eh_crm_agent_add_user’ AJAX action in all versions up to, and including, 3.2.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create new administrative user accounts. | 2025-02-01 | 8.8 | CVE-2024-12171 |
EmbedAI–EmbedAI |
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to view the subscription information of other users by changing the “SUSCBRIPTION_ID” param of the endpoint “/demos/embedai/subscriptions/show/ |
2025-01-30 | 8.6 | CVE-2025-0739 |
EmbedAI–EmbedAI |
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to obtain chat messages belonging to other users by changing the “CHAT_ID” of the endpoint “/embedai/chats/load_messages?chat_id= |
2025-01-30 | 8.6 | CVE-2025-0740 |
EmbedAI–EmbedAI |
A Stored Cross-Site Scripting vulnerability has been found in EmbedAI. This vulnerability allows an authenticated attacker to inject a malicious JavaScript code into a message that will be executed when a user opens the chat. | 2025-01-30 | 8.6 | CVE-2025-0747 |
EmbedAI–EmbedAI |
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to change his subscription plan without paying by making a POST request changing the parameters of the “/demos/embedai/pmt_cash_on_delivery/pay” endpoint. | 2025-01-30 | 7.5 | CVE-2025-0744 |
EmbedAI–EmbedAI |
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to obtain the backups of the database by requesting the “/embedai/app/uploads/database/ |
2025-01-30 | 7.5 | CVE-2025-0745 |
Emili Castells–DPortfolio |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Emili Castells DPortfolio allows Reflected XSS. This issue affects DPortfolio: from n/a through 2.0. | 2025-01-31 | 7.1 | CVE-2025-24534 |
Emote Interactive–Remote Mouse Server |
Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a default password when the user does not set a password, the Remote Mouse Server by Emote Interactive can be abused by attackers to inject OS commands over the product’s custom control protocol. A Metasploit module was written and tested against version 4.110, the current version when this CVE was reserved. | 2025-01-28 | 9.8 | CVE-2022-3365 |
Eniture Technology–LTL Freight Quotes Worldwide Express Edition |
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Eniture Technology LTL Freight Quotes – Worldwide Express Edition allows SQL Injection. This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through 5.0.20. | 2025-01-27 | 9.3 | CVE-2025-24664 |
Eniture Technology–Small Package Quotes Unishippers Edition |
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Eniture Technology Small Package Quotes – Unishippers Edition allows SQL Injection. This issue affects Small Package Quotes – Unishippers Edition: from n/a through 2.4.8. | 2025-01-27 | 9.3 | CVE-2025-24665 |
Eniture Technology–Small Package Quotes Worldwide Express Edition |
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Eniture Technology Small Package Quotes – Worldwide Express Edition allows SQL Injection. This issue affects Small Package Quotes – Worldwide Express Edition: from n/a through 5.2.17. | 2025-01-27 | 9.3 | CVE-2025-24667 |
Faaiq–Pretty Url |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Faaiq Pretty Url allows Reflected XSS. This issue affects Pretty Url: from n/a through 1.5.4. | 2025-01-31 | 7.1 | CVE-2025-22564 |
Fabio Savina–WP OpenSearch |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Fabio Savina WP OpenSearch allows Stored XSS. This issue affects WP OpenSearch: from n/a through 1.0. | 2025-01-31 | 7.1 | CVE-2025-23671 |
FlightGear–SimGear |
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level. | 2025-01-28 | 8.6 | CVE-2025-0781 |
GFI–Kerio Control |
An issue was discovered in GFI Kerio Control 9.2.5 through 9.4.5. The dest GET parameter passed to the /nonauth/addCertException.cs and /nonauth/guestConfirm.cs and /nonauth/expiration.cs pages is not properly sanitized before being used to generate a Location HTTP header in a 302 HTTP response. This can be exploited to perform Open Redirect or HTTP Response Splitting attacks, which in turn lead to Reflected Cross-Site Scripting (XSS). Remote command execution can be achieved by leveraging the upgrade feature in the admin interface. | 2025-01-31 | 8.8 | CVE-2024-52875 |
github.com/golang/glog–github.com/golang/glog |
When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process’s log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists. | 2025-01-28 | 7.1 | CVE-2024-45339 |
Go standard library–crypto/x509 |
Using ParsePKCS1PrivateKey to parse an RSA key that is missing the CRT values would panic when verifying that the key is well formed. | 2025-01-28 | 7.5 | CVE-2025-22865 |
Go toolchain–cmd/go |
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the user’s .netrc file. | 2025-01-28 | 8.8 | CVE-2024-45340 |
Google–Android |
In TdlsexRxFrameHandle of the MTK WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2025-01-28 | 8.8 | CVE-2018-9373 |
Google–Android |
In RGXMMUCacheInvalidate of rgxmem.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | 2025-01-28 | 8.4 | CVE-2024-34732 |
Google–Android |
In DevmemXIntMapPages of devicemem_server.c, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | 2025-01-28 | 8.4 | CVE-2024-34733 |
Google–Android |
In _DevmemXReservationPageAddress of devicemem_server.c, there is a possible use-after-free due to improper casting. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | 2025-01-28 | 8.4 | CVE-2024-34748 |
Google–Android |
In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | 2025-01-28 | 8.4 | CVE-2024-40649 |
Google–Android |
In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | 2025-01-28 | 8.4 | CVE-2024-40651 |
Google–Android |
In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2025-01-28 | 8.4 | CVE-2024-40669 |
Google–Android |
In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2025-01-28 | 8.4 | CVE-2024-40670 |
Google–Android |
In onCreate of ChooserActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2025-01-28 | 8.4 | CVE-2024-40672 |
Google–Android |
In shouldSkipForInitialSUW of AdvancedPowerUsageDetail.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2025-01-28 | 8.4 | CVE-2024-40677 |
Google–Chrome |
Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) | 2025-01-29 | 8.8 | CVE-2025-0762 |
IBM–Security Verify Directory |
IBM Security Verify Directory 10.0 through 10.0.3 is vulnerable to a denial of service when sending an LDAP extended operation. | 2025-01-31 | 7.5 | CVE-2024-45650 |
icontrolwp — icontrolwp |
The iControlWP – Multiple WordPress Site Manager plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.5 via deserialization of untrusted input from the reqpars parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. | 2025-01-30 | 9.8 | CVE-2024-13742 |
Imagination Technologies–Graphics DDK |
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. | 2025-01-31 | 9.8 | CVE-2024-47891 |
Imagination Technologies–Graphics DDK |
Software installed and run as a non-privileged user may conduct improper read/write operations on imported/exported DMA buffers. | 2025-01-31 | 7.8 | CVE-2024-46974 |
Imagination Technologies–Graphics DDK |
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. | 2025-01-31 | 7.8 | CVE-2024-47898 |
Imagination Technologies–Graphics DDK |
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. | 2025-01-31 | 7.8 | CVE-2024-47899 |
Imagination Technologies–Graphics DDK |
Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory. | 2025-01-31 | 7.8 | CVE-2024-47900 |
ISC–BIND 9 |
It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1. | 2025-01-29 | 7.5 | CVE-2024-11187 |
ISC–BIND 9 |
Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver’s CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1. | 2025-01-29 | 7.5 | CVE-2024-12705 |
Ivan Chernyakov–LawPress Law Firm Website Management |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Ivan Chernyakov LawPress – Law Firm Website Management allows Reflected XSS. This issue affects LawPress – Law Firm Website Management: from n/a through 1.4.5. | 2025-01-27 | 7.1 | CVE-2025-23756 |
ivanm — wp_image_uploader |
The WP Image Uploader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the gky_image_uploader_main_function() function. This makes it possible for unauthenticated attackers to delete arbitrary files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-01-30 | 8.8 | CVE-2024-13707 |
ivanm — wp_image_uploader |
The WP Image Uploader plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the gky_image_uploader_main_function() function in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | 2025-01-30 | 8.8 | CVE-2024-13720 |
jablonczay–Scroll Styler |
Cross-Site Request Forgery (CSRF) vulnerability in jablonczay Scroll Styler. This issue affects Scroll Styler: from n/a through 1.1. | 2025-01-31 | 7.1 | CVE-2025-23990 |
James Andrews–Full Circle |
Cross-Site Request Forgery (CSRF) vulnerability in James Andrews Full Circle allows Stored XSS. This issue affects Full Circle: from n/a through 0.5.7.8. | 2025-01-31 | 7.1 | CVE-2025-23980 |
JetBrains–ReSharper |
In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible. | 2025-01-28 | 7.8 | CVE-2025-23385 |
jiangweifang–Live2DWebCanvas |
The Live2DWebCanvas plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ClearFiles() function in all versions up to, and including, 1.9.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | 2025-01-31 | 8.1 | CVE-2024-13767 |
Jonathan Lau–CubePM |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Jonathan Lau CubePM allows Reflected XSS. This issue affects CubePM: from n/a through 1.0. | 2025-01-27 | 7.1 | CVE-2025-23574 |
jyothisjoy — eventer |
The Eventer plugin for WordPress is vulnerable to SQL Injection via the ‘event’ parameter in the ‘eventer_get_attendees’ function in all versions up to, and including, 3.9.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | 2025-01-28 | 7.5 | CVE-2024-11135 |
kpgraham–Link Fixer |
The Link Fixer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via broken links in all versions up to, and including, 3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-01-31 | 7.2 | CVE-2025-0809 |
leduchuy89vn–Affiliate Tools Việt Nam |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in leduchuy89vn Affiliate Tools Việt Nam allows Reflected XSS. This issue affects Affiliate Tools Việt Nam: from n/a through 0.3.17. | 2025-01-31 | 7.1 | CVE-2025-23759 |
Lewe–TeamCal Neo |
SQL injection vulnerability in TeamCal Neo, version 3.8.2. This could allow an attacker to retrieve, update and delete all database information by injecting a malicious SQL statement via the ‘abs’ parameter in ‘/teamcal/src/index.php’. | 2025-01-31 | 9.8 | CVE-2025-0929 |
Mahbubur Rahman–Post Meta |
Cross-Site Request Forgery (CSRF) vulnerability in Mahbubur Rahman Post Meta allows Reflected XSS. This issue affects Post Meta: from n/a through 1.0.9. | 2025-01-31 | 7.1 | CVE-2025-24549 |
makewebbetter–MWB HubSpot for WooCommerce CRM, Abandoned Cart, Email Marketing, Marketing Automation & Analytics |
The MWB HubSpot for WooCommerce – CRM, Abandoned Cart, Email Marketing, Marketing Automation & Analytics plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the hubwoo_save_updates() function in all versions up to, and including, 1.5.9. This makes it possible for authenticated attackers, with Contributor-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. | 2025-01-30 | 8.8 | CVE-2024-10591 |
ManageEngine–Applications Manager |
Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to incorrect authorization in the update user function. | 2025-01-29 | 8.1 | CVE-2024-41140 |
Marcel Pol–Gwolle Guestbook |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Marcel Pol Gwolle Guestbook allows Reflected XSS. This issue affects Gwolle Guestbook: from n/a through 4.7.1. | 2025-01-31 | 7.1 | CVE-2025-24710 |
Marian Kanev–Cab fare calculator |
Missing Authorization vulnerability in Marian Kanev Cab fare calculator allows Stored XSS. This issue affects Cab fare calculator: from n/a through 1.1. | 2025-01-27 | 7.1 | CVE-2025-23982 |
Metagauss User Registration Forms–RegistrationMagic |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Metagauss User Registration Forms RegistrationMagic allows Reflected XSS. This issue affects RegistrationMagic: from n/a through 6.0.3.3. | 2025-01-31 | 7.1 | CVE-2025-24686 |
Microsoft–Azure AI Face Service |
Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network. | 2025-01-29 | 9.9 | CVE-2025-21415 |
Microsoft–Microsoft Account |
Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network. | 2025-01-29 | 7.5 | CVE-2025-21396 |
MicroWorld–eScan Antivirus |
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. This issue affects some unknown processing of the file rtscanner of the component Quarantine Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-01-29 | 8.1 | CVE-2025-0798 |
Milan Petrovic–GD Mail Queue |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Milan Petrovic GD Mail Queue allows Reflected XSS. This issue affects GD Mail Queue: from n/a through 4.3. | 2025-01-31 | 7.1 | CVE-2025-24608 |
Mohammad Hossein Aghanabi–Hide Login+ |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Mohammad Hossein Aghanabi Hide Login+ allows Reflected XSS. This issue affects Hide Login+: from n/a through 3.5.1. | 2025-01-31 | 7.1 | CVE-2025-22341 |
moreconvert–WooCommerce Wishlist (High customization, fast setup,Free Elementor Wishlist, most features) |
The WooCommerce Wishlist (High customization, fast setup,Free Elementor Wishlist, most features) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.8.7 via the download_pdf_file() function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to extract data from wishlists that they should not have access to. | 2025-01-30 | 7.5 | CVE-2024-13694 |
MORKVA–Morkva UA Shipping |
Path Traversal vulnerability in MORKVA Morkva UA Shipping allows PHP Local File Inclusion. This issue affects Morkva UA Shipping: from n/a through 1.0.18. | 2025-01-27 | 8.1 | CVE-2025-24685 |
MORKVA–Shipping for Nova Poshta |
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in MORKVA Shipping for Nova Poshta allows SQL Injection. This issue affects Shipping for Nova Poshta: from n/a through 1.19.6. | 2025-01-27 | 9.3 | CVE-2025-24612 |
Moxa–PT-7728 Series |
Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of the buffer. Successful exploitation of this vulnerability could result in a denial-of-service attack. This vulnerability poses a significant remote threat if the affected products are exposed to publicly accessible networks. Attackers could potentially disrupt operations by shutting down the affected systems. Due to the critical nature of this security risk, we strongly recommend taking immediate action to prevent its potential exploitation. | 2025-01-29 | 7.5 | CVE-2024-7695 |
mySCADA–myPRO Manager |
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system. | 2025-01-29 | 9.8 | CVE-2025-20014 |
mySCADA–myPRO Manager |
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system. | 2025-01-29 | 9.8 | CVE-2025-20061 |
n/a–n/a |
An issue in youdiancms v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter in the index.php file. | 2025-01-27 | 9.8 | CVE-2024-57052 |
n/a–n/a |
Password Vulnerability in Safety production process management system v1.0 allows a remote attacker to escalate privileges, execute arbitrary code and obtain sensitive information via the password and account number parameters. | 2025-01-29 | 9.8 | CVE-2024-57395 |
n/a–n/a |
CMSimple 5.16 allows the user to edit log.php file via print page. | 2025-01-27 | 9.1 | CVE-2024-57548 |
n/a–n/a |
TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGI interface “ntp_sync.cgi”, which allows remote attackers to execute arbitrary commands via parameter “ntp_server” passed to the “ntp_sync.cgi” binary through a POST request. | 2025-01-27 | 9.8 | CVE-2024-57590 |
n/a–n/a |
DLINK DIR-825 REVB 2.03 devices have an OS command injection vulnerability in the CGI interface apc_client_pin.cgi, which allows remote attackers to execute arbitrary commands via the parameter “wps_pin” passed to the apc_client_pin.cgi binary through a POST request. | 2025-01-27 | 9.8 | CVE-2024-57595 |
n/a–n/a |
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/fromSetLanDhcpsClientbinding. | 2025-01-27 | 8.8 | CVE-2024-48416 |
n/a–n/a |
In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in any of the user-provided parameters, allowing an attacker with access to the web interface to inject and execute arbitrary shell commands. | 2025-01-27 | 8.8 | CVE-2024-48418 |
n/a–n/a |
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in /bin/goahead. Specifically, these issues can be triggered through /goform/tracerouteDiagnosis, /goform/pingDiagnosis, and /goform/fromSysToolPingCmd. Each of these issues allows an attacker with access to the web interface to inject and execute arbitrary shell commands, with “root” privileges. | 2025-01-27 | 8.8 | CVE-2024-48419 |
n/a–n/a |
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/getWifiBasic. | 2025-01-27 | 8.8 | CVE-2024-48420 |
n/a–n/a |
Teedy <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF), due to the lack of CSRF protection. | 2025-01-29 | 8.8 | CVE-2024-54851 |
n/a–n/a |
An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service’s methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol’s submitQuery method over an unauthorized XPC connection. | 2025-01-28 | 8.8 | CVE-2024-55968 |
n/a–n/a |
Cross Site Request Forgery vulnerability in LifestyleStore v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information. | 2025-01-27 | 8.1 | CVE-2024-57373 |
n/a–n/a |
Buffer Overflow vulnerability in D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, DSR-1000N from 3.13 to 3.17B901C allows unauthenticated users to achieve remote code execution. | 2025-01-28 | 8.8 | CVE-2024-57376 |
n/a–n/a |
The /WmAdmin/,/invoke/vm.server/login login page in the Integration Server in Software AG webMethods 10.15.0 before Core_Fix7 allows remote attackers to reach the administration panel and discover hostname and version information by sending an arbitrary username and a blank password to the /WmAdmin/#/login/ URI. | 2025-01-29 | 7.5 | CVE-2024-23733 |
n/a–n/a |
AutoLib Software Systems OPAC v20.10 was discovered to have multiple API keys exposed within the source code. Attackers may use these keys to access the backend API or other sensitive information. | 2025-01-28 | 7.5 | CVE-2024-48310 |
n/a–n/a |
In AXESS ACS (Auto Configuration Server) through 5.2.0, unsanitized user input in the TR069 API allows remote unauthenticated attackers to cause a permanent Denial of Service via crafted TR069 requests on TCP port 9675 or 7547. Rebooting does not resolve the permanent Denial of Service. | 2025-01-27 | 7.5 | CVE-2024-56316 |
n/a–n/a |
Mailcow through 2024-11b has a session fixation vulnerability in the web panel. It allows remote attackers to set a session identifier when HSTS is disabled on a victim’s browser. After a user logs in, they are authenticated and the session identifier is valid. Then, a remote attacker can access the victim’s web panel with the same session identifier. | 2025-01-28 | 7.5 | CVE-2024-56529 |
n/a–n/a |
In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured with insecure permissions, allowing users to modify the executable file path used by the service. The service runs with NT AUTHORITY\SYSTEM privileges, enabling attackers to escalate privileges by replacing or placing a malicious executable in the service path. | 2025-01-27 | 7.3 | CVE-2024-57276 |
n/a–n/a |
RuoYi v4.8.0 was discovered to allow unauthorized attackers to view the session ID of the admin in the system monitoring. This issue can allow attackers to impersonate Admin users by using a crafted cookie. | 2025-01-29 | 7.2 | CVE-2024-57436 |
n/a–n/a |
Buffer Overflow vulnerability in Bento4 mp42avc v.3bdc891602d19789b8e8626e4a3e613a937b4d35 allows a local attacker to execute arbitrary code via the AP4_File::ParseStream and related functions. | 2025-01-29 | 7.8 | CVE-2024-57509 |
n/a–n/a |
An issue in Open5GS v.2.7.2 allows a remote attacker to cause a denial of service via the ogs_dbi_auth_info function in lib/dbi/subscription.c file. | 2025-01-28 | 7.5 | CVE-2024-57519 |
n/a–n/a |
An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function. | 2025-01-27 | 7.5 | CVE-2024-57546 |
n/a–n/a |
Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files. | 2025-01-27 | 7.5 | CVE-2024-57547 |
n/a–n/a |
CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request. | 2025-01-27 | 7.5 | CVE-2024-57549 |
N/A–VMware AVI Load Balancer |
Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products. A malicious user with network access may be able to use specially crafted SQL queries to gain database access. | 2025-01-28 | 8.6 | CVE-2025-22217 |
needyamin–Library Card System |
A vulnerability was found in needyamin Library Card System 1.0 and classified as critical. This issue affects some unknown processing of the file admin.php of the component Login. The manipulation of the argument email/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-01-29 | 7.3 | CVE-2025-0842 |
needyamin–Library Card System |
A vulnerability was found in needyamin Library Card System 1.0. It has been classified as critical. Affected is an unknown function of the file admindashboard.php of the component Admin Panel. The manipulation of the argument email/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-01-29 | 7.3 | CVE-2025-0843 |
New Rock Technologies–OM500 IP-PBX |
Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud. | 2025-01-30 | 9.8 | CVE-2025-0680 |
NI–Vision Development Module |
Vision related software from NI used a third-party library for image processing that exposes several vulnerabilities. These vulnerabilities may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file. | 2025-01-27 | 7.8 | CVE-2024-12740 |
Ninos Ego–FlashCounter |
Cross-Site Request Forgery (CSRF) vulnerability in Ninos Ego FlashCounter allows Stored XSS. This issue affects FlashCounter: from n/a through 1.1.8. | 2025-01-31 | 7.1 | CVE-2025-23978 |
NotFound–CGD Arrange Terms |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound CGD Arrange Terms allows Reflected XSS. This issue affects CGD Arrange Terms: from n/a through 1.1.3. | 2025-01-27 | 7.1 | CVE-2025-23752 |
NotFound–Simple Locator |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Simple Locator allows Reflected XSS. This issue affects Simple Locator: from n/a through 2.0.4. | 2025-01-27 | 7.1 | CVE-2025-22513 |
Notifikacie.sk–Notifikácie.sk |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Notifikacie.sk Notifikácie.sk allows Reflected XSS. This issue affects Notifikácie.sk: from n/a through 1.0. | 2025-01-31 | 7.1 | CVE-2025-23596 |
NVIDIA–NVIDIA Container Toolkit |
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | 2025-01-28 | 7.6 | CVE-2024-0135 |
NVIDIA–NVIDIA Container Toolkit |
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | 2025-01-28 | 7.6 | CVE-2024-0136 |
NVIDIA–NVIDIA GPU Display Driver, vGPU software |
NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering. | 2025-01-28 | 7.1 | CVE-2024-0150 |
NVIDIA–NVIDIA vGPU software |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering. | 2025-01-28 | 7.8 | CVE-2024-0146 |
OneTeamSoftware–Radio Buttons and Swatches for WooCommerce |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in OneTeamSoftware Radio Buttons and Swatches for WooCommerce allows Reflected XSS. This issue affects Radio Buttons and Swatches for WooCommerce: from n/a through 1.1.20. | 2025-01-31 | 7.1 | CVE-2025-24551 |
Overt Software Solutions LTD–EZPZ SAML SP Single Sign On (SSO) |
Cross-Site Request Forgery (CSRF) vulnerability in Overt Software Solutions LTD EZPZ SAML SP Single Sign On (SSO) allows Cross Site Request Forgery. This issue affects EZPZ SAML SP Single Sign On (SSO): from n/a through 1.2.5. | 2025-01-31 | 7.1 | CVE-2025-24749 |
partitionnumerique — music_sheet_viewer |
The Music Sheet Viewer plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 4.1 via the read_score_file() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. | 2025-01-30 | 7.5 | CVE-2024-13671 |
Paytm–Paytm Payment Donation |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Paytm Paytm Payment Donation allows Reflected XSS. This issue affects Paytm Payment Donation: from n/a through 2.3.1. | 2025-01-31 | 7.1 | CVE-2025-24635 |
Pdfcrowd–Save as PDF plugin by Pdfcrowd |
Deserialization of Untrusted Data vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Object Injection. This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 4.4.0. | 2025-01-27 | 9.8 | CVE-2025-24671 |
Pedro Marcelo–Issuu Panel |
Cross-Site Request Forgery (CSRF) vulnerability in Pedro Marcelo Issuu Panel allows Stored XSS. This issue affects Issuu Panel: from n/a through 2.1.1. | 2025-01-31 | 7.1 | CVE-2025-23976 |
Pioneer–DMH-WT7600NEX |
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the telematics functionality, which operates over HTTPS. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. | 2025-01-31 | 8.1 | CVE-2024-23928 |
Pioneer–DMH-WT7600NEX |
This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the telematics functionality. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. | 2025-01-31 | 8 | CVE-2024-23929 |
PortOne–PORTONE |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in PortOne PORTONE 우커머스 결제 allows Reflected XSS. This issue affects PORTONE 우커머스 결제: from n/a through 3.2.4. | 2025-01-31 | 7.1 | CVE-2025-24609 |
pwncollege–dojo |
pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Missing access control on rendering custom (unprivileged) dojo pages allows users to create stored XSS. | 2025-01-30 | 7.6 | CVE-2025-24885 |
pwncollege–dojo |
pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Incorrect symlink checks on user-specified dojos allow users (admin not required) to perform an LFI from the CTFd container. When a user clones or updates repositories, a check is performed to see if the repository contains any symlinks. A malicious user could craft a repository with symlinks pointed to sensitive files and then retrieve them using the CTFd website. | 2025-01-30 | 7.7 | CVE-2025-24886 |
Red Hat–Red Hat Advanced Cluster Security 3 |
A flaw was found in the Red Hat Advanced Cluster Security (RHACS) portal. When rendering a table view in the portal, for example, on any of the /main/configmanagement/* endpoints, the front-end generates a DOM table-element (id="pdf-table"). This information is then populated with unsanitized data using innerHTML. An attacker with some control over the data rendered can trigger a cross-site scripting (XSS) vulnerability. | 2025-01-27 | 8.9 | CVE-2022-4975 |
Red Hat–Red Hat OpenShift GitOps |
A flaw was found in ArgoCD. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied. | 2025-01-28 | 8.2 | CVE-2024-13484 |
Royal-Flush–Royal Core |
The Royal Core plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ‘royal_restore_backup’ function in all versions up to, and including, 2.9.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. | 2025-01-30 | 8.8 | CVE-2024-12129 |
Silicon Labs–Gecko OS |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP GET requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. | 2025-01-31 | 8.8 | CVE-2024-23973 |
Silicon Labs–Gecko OS |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the http_download command. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. | 2025-01-31 | 7.5 | CVE-2024-24731 |
SKT Themes–SKT Donation |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in SKT Themes SKT Donation allows Reflected XSS. This issue affects SKT Donation: from n/a through 1.9. | 2025-01-31 | 7.1 | CVE-2025-24535 |
smub–Contact Form & SMTP Plugin for WordPress by PirateForms |
The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.6.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. | 2025-01-30 | 7.3 | CVE-2024-13453 |
snowflakedb–snowflake-connector-python |
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the snowflake.connector.pandas_tools module is vulnerable to SQL injection. This vulnerability affects versions 2.2.5 through 3.13.0. Snowflake fixed the issue in version 3.13.1. | 2025-01-29 | 7 | CVE-2025-24793 |
snowflakedb–snowflake-jdbc |
Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java programs to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. When the EXTERNALBROWSER authentication method is used on Windows, an attacker with write access to a directory in the %PATH% can escalate their privileges to the user that runs the vulnerable JDBC Driver version. This vulnerability affects versions 3.2.3 through 3.21.0 on Windows. Snowflake fixed the issue in version 3.22.0. | 2025-01-29 | 7.8 | CVE-2025-24789 |
SonicWall–NetExtender |
A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation. | 2025-01-30 | 7.8 | CVE-2025-23007 |
SourceCodester–Best Employee Management System |
A vulnerability classified as critical was found in SourceCodester Best Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/View_user.php of the component Administrative Endpoint. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-01-29 | 7.3 | CVE-2025-0802 |
SWIT–WP Sessions Time Monitoring Full Automatic |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in SWIT WP Sessions Time Monitoring Full Automatic allows Reflected XSS. This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through 1.1.1. | 2025-01-31 | 7.1 | CVE-2025-24718 |
TandoorRecipes–recipes |
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. A Jinja2 SSTI vulnerability allows any user to execute commands on the server; with the provided Docker Compose file, the commands run as root. This vulnerability is fixed in 1.5.24. | 2025-01-28 | 9.9 | CVE-2025-23211 |
TandoorRecipes–recipes |
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. The file upload feature allows uploading arbitrary files, including HTML and SVG. Both can contain malicious content (XSS payloads). This vulnerability is fixed in 1.5.28. | 2025-01-28 | 8.7 | CVE-2025-23213 |
TandoorRecipes–recipes |
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. The external storage feature allows any user to enumerate the name and content of files on the server. This vulnerability is fixed in 1.5.28. | 2025-01-28 | 7.7 | CVE-2025-23212 |
TeamViewer–Remote Full Client |
Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior to version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection. | 2025-01-28 | 7.8 | CVE-2025-0065 |
ThemeGlow–Cleanup Directory Listing & Classifieds WordPress Plugin |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in ThemeGlow Cleanup – Directory Listing & Classifieds WordPress Plugin allows Reflected XSS. This issue affects Cleanup – Directory Listing & Classifieds WordPress Plugin: from n/a through 1.0.4. | 2025-01-31 | 7.1 | CVE-2025-24563 |
themerex — addons |
The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ‘trx_addons_uploads_save_data’ function in all versions up to, and including, 2.32.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible. | 2025-01-28 | 9.8 | CVE-2024-13448 |
ThimPress–FundPress |
Deserialization of Untrusted Data vulnerability in ThimPress FundPress allows Object Injection. This issue affects FundPress: from n/a through 2.0.6. | 2025-01-27 | 9.8 | CVE-2025-24601 |
Ulrich Sossou–The Loops |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Ulrich Sossou The Loops allows Reflected XSS. This issue affects The Loops: from n/a through 1.0.2. | 2025-01-27 | 7.1 | CVE-2025-23754 |
Unknown–Altra Side Menu |
The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks. | 2025-01-27 | 7.2 | CVE-2024-12773 |
Unknown–Bulk Me Now! |
The Bulk Me Now! WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2025-01-30 | 7.1 | CVE-2024-12638 |
Unknown–Bulk Me Now! |
The Bulk Me Now! WordPress plugin through 2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 2025-01-30 | 7.1 | CVE-2024-12708 |
Unknown–Competition Form |
The Competition Form WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2025-01-29 | 7.1 | CVE-2024-12749 |
Unknown–Dental Optimizer Patient Generator App |
The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2025-01-27 | 7.1 | CVE-2024-13052 |
Unknown–Dyn Business Panel |
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2025-01-27 | 7.1 | CVE-2024-13055 |
Unknown–Dyn Business Panel |
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2025-01-27 | 7.1 | CVE-2024-13056 |
Unknown–Dyn Business Panel |
The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF checks in some places, and is missing sanitisation as well as escaping, which could allow attackers to make a logged-in admin add Stored XSS payloads via a CSRF attack. | 2025-01-27 | 7.1 | CVE-2024-13057 |
Unknown–tourmaster |
The tourmaster WordPress plugin before 5.3.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting. | 2025-01-30 | 7.1 | CVE-2024-12400 |
Unknown–WC Affiliate |
The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2025-01-27 | 7.1 | CVE-2024-12321 |
Unknown–WP Triggers Lite |
The WP Triggers Lite WordPress plugin through 2.5.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2025-01-27 | 7.1 | CVE-2024-13094 |
Vanquish–WooCommerce Customers Manager |
The WooCommerce Customers Manager plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_assign_new_roles() function in all versions up to, and including, 31.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges to that of an administrator. | 2025-02-01 | 8.8 | CVE-2024-13343 |
visualmodo — borderless |
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.5.9 via the ‘write_config’ function. This is due to a lack of sanitization on an imported JSON file. This makes it possible for authenticated attackers, with Administrator-level access and above, to execute code on the server. | 2025-01-30 | 7.2 | CVE-2024-11600 |
vllm-project–vllm |
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py implements hf_model_weights_iterator to load the model checkpoint, which is downloaded from huggingface. It uses the torch.load function and the weights_only parameter defaults to False. When torch.load loads malicious pickle data, it will execute arbitrary code during unpickling. This vulnerability is fixed in v0.7.0. | 2025-01-27 | 7.5 | CVE-2025-24357 |
VMware–VMware Aria Operations for Logs |
VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs. | 2025-01-30 | 8.5 | CVE-2025-22218 |
VMware–VMware Aria Operations |
VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known. | 2025-01-30 | 7.7 | CVE-2025-22222 |
wcmp–MultiVendorX The Ultimate WooCommerce Multivendor Marketplace Solution |
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Limited Local File Inclusion in all versions up to, and including, 4.2.14 via the tabname parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included. | 2025-01-31 | 9.8 | CVE-2025-0493 |
wcproducttable–WooCommerce Product Table Lite |
The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.9.4. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. The same ‘sc_attrs’ parameter is vulnerable to Reflected Cross-Site Scripting as well. | 2025-01-31 | 7.3 | CVE-2024-13472 |
westguardsolutions — ws_form |
The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url parameter in all versions up to, and including, 1.10.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability is partially fixed in 1.10.13 and completely fixed in 1.10.14. | 2025-01-28 | 7.2 | CVE-2024-13509 |
WisdmLabs–Edwiser Bridge |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in WisdmLabs Edwiser Bridge allows Reflected XSS. This issue affects Edwiser Bridge: from n/a through 3.0.8. | 2025-01-27 | 7.1 | CVE-2025-24593 |
Wondershare–Dr.Fone |
A privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. This binary will be executed by SYSTEM automatically. | 2025-01-30 | 7.8 | CVE-2025-0834 |
WP Busters–Passwordless WP Login with your glance or fingerprint |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in WP Busters Passwordless WP – Login with your glance or fingerprint allows Reflected XSS. This issue affects Passwordless WP – Login with your glance or fingerprint: from n/a through 1.1.6. | 2025-01-27 | 7.1 | CVE-2025-23792 |
wpdesk–Flexible Wishlist for WooCommerce Ecommerce Wishlist & Save for later |
The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wishlist_name’ parameter in all versions up to, and including, 1.2.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-01-29 | 7.2 | CVE-2024-13696 |
wpmessiah — safe_ai_malware_protection_for_wp |
The Safe Ai Malware Protection for WP plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_db() function in all versions up to, and including, 1.0.17. This makes it possible for unauthenticated attackers to retrieve a complete dump of the site’s database. | 2025-01-30 | 7.5 | CVE-2024-12269 |
WpMultiStoreLocator–WP Multi Store Locator |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WpMultiStoreLocator WP Multi Store Locator allows Reflected XSS. This issue affects WP Multi Store Locator: from n/a through 2.4.7. | 2025-01-27 | 7.1 | CVE-2025-24680 |
Zoom Communications, Inc–Zoom Workplace App for Linux |
Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access. | 2025-01-30 | 8.8 | CVE-2025-0147 |
Medium Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source Info |
---|---|---|---|---|
Acronis–Acronis Cyber Protect Cloud Agent |
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. | 2025-01-31 | 6.3 | CVE-2025-24827 |
Acronis–Acronis Cyber Protect Cloud Agent |
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. | 2025-01-31 | 6.3 | CVE-2025-24829 |
Acronis–Acronis Cyber Protect Cloud Agent |
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. | 2025-01-31 | 6.6 | CVE-2025-24831 |
alexreservations–Alex Reservations: Smart Restaurant Booking |
The Alex Reservations: Smart Restaurant Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘rr_form’ shortcode in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-01-30 | 6.4 | CVE-2024-13380 |
anzia–Ni Sales Commission For WooCommerce |
The Ni Sales Commission For WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the ‘niwoosc_ajax’ AJAX endpoint in all versions up to, and including, 1.2.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the plugin’s settings and modify commission amounts. | 2025-01-31 | 4.3 | CVE-2024-13424 |
Apache Software Foundation–Apache Hive |
Use of Arrays.equals() in LlapSignerImpl in Apache Hive to compare message signatures allows an attacker to forge a valid signature for an arbitrary message byte by byte. The attacker should be an authorized user of the product to perform this attack. Users are recommended to upgrade to version 4.0.0, which fixes this issue. The problem occurs when an application doesn’t use a constant-time algorithm for validating a signature. The method Arrays.equals() returns false as soon as it sees that one of the input bytes is different, so the comparison time depends on the contents of the arrays. This may allow an attacker to forge a valid signature for an arbitrary message byte by byte, and so might allow malicious users to submit splits/work with selected signatures to LLAP without running as a privileged user, potentially leading to a DDoS attack. More details are in the reference section. | 2025-01-28 | 6.5 | CVE-2024-23953 |
Apache Software Foundation–Apache Hive |
Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to upgrade to version 4.0.1, which fixes this issue. | 2025-01-28 | 5.5 | CVE-2024-29869 |
apple — ipados |
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing web content may lead to a denial-of-service. | 2025-01-27 | 6.5 | CVE-2024-54497 |
apple — ipados |
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker in a privileged position may be able to perform a denial-of-service. | 2025-01-27 | 6.5 | CVE-2025-24131 |
apple — ipados |
A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Photos in the Hidden Photos Album may be viewed without authentication. | 2025-01-27 | 5.3 | CVE-2024-54488 |
apple — ipados |
This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.2, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to access user-sensitive data. | 2025-01-27 | 5.5 | CVE-2024-54541 |
apple — ipados |
The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing an image may lead to a denial-of-service. | 2025-01-27 | 5.5 | CVE-2025-24086 |
apple — ipados |
This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4, iOS 18.3 and iPadOS 18.3. Restoring a maliciously crafted backup file may lead to modification of protected system files. | 2025-01-27 | 5.5 | CVE-2025-24104 |
apple — ipados |
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iPadOS 17.7.4, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3. An app may be able to fingerprint the user. | 2025-01-27 | 5.5 | CVE-2025-24117 |
apple — ipados |
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. | 2025-01-27 | 5.5 | CVE-2025-24127 |
apple — ipados |
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. | 2025-01-27 | 5.5 | CVE-2025-24161 |
apple — macos |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3. An app with root privileges may be able to execute arbitrary code with kernel privileges. | 2025-01-27 | 6.7 | CVE-2025-24153 |
apple — macos |
The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.2. An app may be able to edit NVRAM variables. | 2025-01-27 | 5.5 | CVE-2024-54536 |
apple — macos |
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data. | 2025-01-27 | 5.5 | CVE-2024-54549 |
apple — macos |
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data. | 2025-01-27 | 5.5 | CVE-2025-24087 |
apple — macos |
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3. A malicious app may be able to access arbitrary files. | 2025-01-27 | 5.5 | CVE-2025-24096 |
apple — macos |
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination. | 2025-01-27 | 5.5 | CVE-2025-24112 |
apple — macos |
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system. | 2025-01-27 | 5.5 | CVE-2025-24114 |
apple — macos |
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3. Files downloaded from the internet may not have the quarantine flag applied. | 2025-01-27 | 5.3 | CVE-2025-24140 |
apple — macos |
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3. An app may be able to cause unexpected system termination or corrupt kernel memory. | 2025-01-27 | 5.5 | CVE-2025-24152 |
apple — macos |
A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access user-sensitive data. | 2025-01-27 | 4.7 | CVE-2025-24094 |
apple — macos |
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to bypass Privacy preferences. | 2025-01-27 | 4.4 | CVE-2025-24116 |
apple — macos |
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A malicious app may be able to create symlinks to protected regions of the disk. | 2025-01-27 | 4.4 | CVE-2025-24136 |
apple — safari |
The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user. | 2025-01-27 | 6.5 | CVE-2025-24143 |
apple — safari |
The issue was addressed with improved UI. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. Visiting a malicious website may lead to user interface spoofing. | 2025-01-27 | 4.3 | CVE-2025-24113 |
apple — safari |
The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Visiting a malicious website may lead to address bar spoofing. | 2025-01-27 | 4.3 | CVE-2025-24128 |
Apple–macOS |
A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An attacker with user privileges may be able to read kernel memory. | 2025-01-27 | 5.5 | CVE-2024-54507 |
Apple–macOS |
The issue was resolved by sanitizing logging. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to read sensitive location information. | 2025-01-27 | 5.5 | CVE-2024-54519 |
Apple–macOS |
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to overwrite arbitrary files. | 2025-01-27 | 5.5 | CVE-2024-54520 |
Apple–macOS |
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to capture keyboard events from the lock screen. | 2025-01-27 | 5.5 | CVE-2024-54539 |
Apple–macOS |
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to access protected user data. | 2025-01-27 | 5.5 | CVE-2024-54547 |
Apple–macOS |
This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read sensitive location information. | 2025-01-27 | 5.5 | CVE-2025-24092 |
Apple–macOS |
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.3, macOS Sonoma 14.7.3. A local attacker may be able to elevate their privileges. | 2025-01-30 | 5.1 | CVE-2025-24099 |
Apple–macOS |
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.3. An app may be able to access user-sensitive data. | 2025-01-27 | 5.5 | CVE-2025-24101 |
Apple–macOS |
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access protected user data. | 2025-01-27 | 5.5 | CVE-2025-24103 |
Apple–macOS |
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data. | 2025-01-27 | 5.5 | CVE-2025-24108 |
Apple–macOS |
A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read files outside of its sandbox. | 2025-01-27 | 5.5 | CVE-2025-24115 |
Apple–macOS |
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system. | 2025-01-27 | 5.5 | CVE-2025-24122 |
Apple–macOS |
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.3. An app may be able to access user-sensitive data. | 2025-01-27 | 5.5 | CVE-2025-24134 |
Apple–macOS |
This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A malicious application may be able to leak sensitive user information. | 2025-01-27 | 5.5 | CVE-2025-24138 |
Apple–macOS |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to disclosure of user information. | 2025-01-27 | 5.5 | CVE-2025-24149 |
Apple–macOS |
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to view autocompleted contact information from Messages and Mail in system logs. | 2025-01-27 | 4 | CVE-2024-54550 |
Apple–macOS |
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. | 2025-01-27 | 4.3 | CVE-2025-24160 |
Apple–tvOS |
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to an unexpected process crash. | 2025-01-27 | 6.5 | CVE-2024-54478 |
Apple–tvOS |
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. | 2025-01-27 | 5.3 | CVE-2024-54518 |
Apple–tvOS |
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. | 2025-01-27 | 5.8 | CVE-2024-54523 |
Apple–visionOS |
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service. | 2025-01-27 | 6.5 | CVE-2025-24158 |
areoi — all_bootstrap_blocks |
The All Bootstrap Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the “Accordion” widget in all versions up to, and including, 1.3.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-01-30 | 6.4 | CVE-2024-13549 |
argoproj–argo-cd |
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kubernetes Secret resource was synced from a repository. The vulnerability assumes the user has write access to the repository and can exploit it, either intentionally or unintentionally, by committing an invalid Secret to repository and triggering a Sync. Once exploited, any user with read access to Argo CD can view the exposed secret data. The vulnerability is fixed in v2.13.4, v2.12.10, and v2.11.13. | 2025-01-30 | 6.8 | CVE-2025-23216 |
artbees–Jupiter X Core |
The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.8.7 via the inline SVG feature. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. | 2025-02-01 | 6.5 | CVE-2025-0365 |
atakanau–Automatically Hierarchic Categories in Menu |
The Automatically Hierarchic Categories in Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘autocategorymenu’ shortcode in all versions up to, and including, 2.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-01-30 | 6.4 | CVE-2024-13466 |
athemes–aThemes Addons for Elementor |
The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Accordion widget in all versions up to, and including, 1.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-02-01 | 6.4 | CVE-2024-13547 |
Axiomatic–Bento4 |
A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-01-27 | 6.3 | CVE-2025-0751 |
Axiomatic–Bento4 |
A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-01-27 | 6.3 | CVE-2025-0753 |
Axiomatic–Bento4 |
A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continuous delivery. Therefore, no version details for affected nor updated releases are available. | 2025-01-30 | 5.6 | CVE-2025-0870 |
badhonrocks–Divi Torque Lite |
The Divi Torque Lite – Best Divi Addon, Extensions, Modules & Social Modules plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-01-29 | 6.4 | CVE-2025-0353 |
BdThemes–Ultimate Store Kit Elementor Addons |
Missing Authorization vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.3.0. | 2025-01-27 | 4.3 | CVE-2025-24584 |
Benjamin Piwowarski–PAPERCITE |
Missing Authorization vulnerability in Benjamin Piwowarski PAPERCITE allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PAPERCITE: from n/a through 0.5.18. | 2025-01-27 | 5.4 | CVE-2025-23849 |
Bentley–ProjectWise Integration Server |
Bentley Systems ProjectWise Integration Server before 10.00.03.288 allows unintended SQL query execution by an authenticated user via an API call. | 2025-01-31 | 6.4 | CVE-2024-53007 |
BestWebSoft–Google Captcha |
Authentication Bypass by Spoofing vulnerability in BestWebSoft Google Captcha allows Identity Spoofing. This issue affects Google Captcha: from n/a through 1.78. | 2025-01-27 | 5.3 | CVE-2025-24628 |
Blokhaus–Minterpress |
Missing Authorization vulnerability in Blokhaus Minterpress allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Minterpress: from n/a through 1.0.5. | 2025-01-27 | 6.5 | CVE-2025-23529 |
bowo — system_dashboard |
The System Dashboard plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the Filename parameter in all versions up to, and including, 2.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick an administrative user into performing an action such as clicking on a link. | 2025-01-30 | 6.1 | CVE-2024-12299 |
Brainvireinfo–Dynamic URL SEO |
Cross-Site Request Forgery (CSRF) vulnerability in Brainvireinfo Dynamic URL SEO allows Cross Site Request Forgery. This issue affects Dynamic URL SEO: from n/a through 1.0. | 2025-01-31 | 5.4 | CVE-2025-23985 |
brechtvds–Custom Related Posts |
The Custom Related Posts plugin for WordPress is vulnerable to unauthorized access & modification of data due to a missing capability check on three AJAX actions in all versions up to, and including, 1.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to search posts and link/unlink relations. | 2025-02-01 | 5.4 | CVE-2024-12825 |
Cacti–cacti |
Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the `Poller Standard Error Log Path` parameter in either Installation Step 5 or in Configuration->Settings->Paths tab to a local file inside the server. Then simply going to Logs tab and selecting the name of the local file will show its content on the web UI. This vulnerability is fixed in 1.2.29. | 2025-01-27 | 6 | CVE-2024-45598 |
Cacti–cacti |
Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the get_discovery_results function of automation_devices.php using the network parameter. This vulnerability is fixed in 1.2.29. | 2025-01-27 | 6.3 | CVE-2024-54145 |
CampCodes–School Management Software |
A vulnerability classified as critical has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /edit-staff/ of the component Staff Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-01-30 | 6.3 | CVE-2025-0849 |
Canonical Ltd.–Juju |
An authenticated user who has read access to the juju controller model may construct a remote request to download an arbitrary file from the controller’s filesystem. | 2025-01-31 | 4.9 | CVE-2023-0092 |
casterfm–WPRadio WordPress Radio Streaming Plugin |
The WPRadio – WordPress Radio Streaming Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘wpradio_player’ shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-01-31 | 6.4 | CVE-2024-13397 |
Cesanta–Frozen |
An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input. | 2025-01-27 | 5.3 | CVE-2025-0695 |
Cesanta–Frozen |
A NULL Pointer Dereference vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input. | 2025-01-27 | 5.3 | CVE-2025-0696 |
ChargePoint–Home Flex |
This vulnerability allows network-adjacent attackers to compromise transport security on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CURLOPT_SSL_VERIFYHOST setting. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. | 2025-01-31 | 6.5 | CVE-2024-23970 |
Cianet–ONU GW24AC |
A vulnerability was found in Cianet ONU GW24AC up to 20250127. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Login. The manipulation of the argument browserLang leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-01-30 | 4.3 | CVE-2025-0869 |
cimatti–WordPress Contact Forms by Cimatti |
The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the accua_forms_download_submitted_file() function in all versions up to, and including, 1.9.4. This makes it possible for unauthenticated attackers to download other user submitted forms. | 2025-02-01 | 5.3 | CVE-2024-12184 |
clinked–Clinked Client Portal |
The Clinked Client Portal plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘clinked-login-button’ shortcode in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-01-30 | 6.4 | CVE-2024-12524 |
Cloud Foundry–Cloud Foundry UAA |
A UAA configured with multiple identity zones does not properly validate session information across those zones. A user authenticated against a corporate IDP can re-use their jsessionid to access other zones. | 2025-01-31 | 5.4 | CVE-2025-22216 |
code-projects–Chat System |
A vulnerability was found in code-projects Chat System up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user/addnewmember.php. The manipulation of the argument user leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-01-30 | 6.3 | CVE-2025-0882 |
code-projects–Chat System |
A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/add_chatroom.php. The manipulation of the argument chatname/chatpass leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-02-02 | 6.3 | CVE-2025-0967 |
code-projects–Job Recruitment |
A vulnerability was found in code-projects Job Recruitment 1.0. It has been classified as problematic. This affects an unknown part of the file /parse/_call_job_search_ajax.php. The manipulation of the argument n leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-01-31 | 6.3 | CVE-2025-0934 |
code-projects–Job Recruitment |
A vulnerability was found in code-projects Job Recruitment 1.0. It has been rated as problematic. This issue affects some unknown processing of the file _call_job_search_ajax.php. The manipulation of the argument job_type leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-01-29 | 4.3 | CVE-2025-0806 |
code-projects–Simple Plugins Car Rental Management |
A vulnerability, which was classified as critical, has been found in code-projects Simple Plugins Car Rental Management 1.0. Affected by this issue is some unknown functionality of the file /admin/approve.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-01-30 | 6.3 | CVE-2025-0874 |
CodeBard–CodeBard Help Desk |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in CodeBard CodeBard Help Desk allows Stored XSS. This issue affects CodeBard Help Desk: from n/a through 1.1.2. | 2025-01-31 | 6.5 | CVE-2025-22757 |
codection–Import and export users and customers |
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in codection Import and export users and customers allows Retrieve Embedded Sensitive Data. This issue affects Import and export users and customers: from n/a through 1.27.12. | 2025-01-27 | 5.9 | CVE-2025-24689 |
CodegearThemes–Designer |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in CodegearThemes Designer allows DOM-Based XSS. This issue affects Designer: from n/a through 1.6.0. | 2025-01-31 | 6.5 | CVE-2025-23987 |
Codezips–Gym Management System |
A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/updateplan.php. The manipulation of the argument planid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-01-30 | 6.3 | CVE-2025-0880 |
Codezips–Gym Management System |
A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/saveroutine.php. The manipulation of the argument rname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-01-30 | 6.3 | CVE-2025-0881 |
Contec Health–CMS8000 Patient Monitor |
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a machine-in-the-middle scenario. | 2025-01-30 | 5.9 | CVE-2025-0683 |
creativeinteractivemedia–AnimateGL Animations for WordPress Elementor & Gutenberg Blocks Animations |
The AnimateGL Animations for WordPress – Elementor & Gutenberg Blocks Animations plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘agl_json’ AJAX action in all versions up to, and including, 1.4.23. This makes it possible for unauthenticated attackers to update the plugin’s settings. | 2025-02-01 | 5.3 | CVE-2024-12620 |
cyberchimps — responsive_blocks |
The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘section_tag’ parameter in all versions up to, and including, 1.9.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-01-30 | 6.4 | CVE-2024-13732 |
David F. Carr–RSVPMarker |
Missing Authorization vulnerability in David F. Carr RSVPMarker. This issue affects RSVPMarker: from n/a through 11.4.5. | 2025-01-27 | 5.3 | CVE-2025-24600 |
dcooperman–MagicForm |
The MagicForm plugin for WordPress is vulnerable to access and modification of data due to a missing capability check on the plugin’s AJAX actions in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to invoke those actions in order to delete or view logs, modify forms or modify plugin settings. | 2025-02-01 | 6.3 | CVE-2025-0939 |
devitemsllc–HT Event WordPress Event Manager Plugin for Elementor |
The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.7 via the ‘render’ function in /includes/widgets/htevent_sponsor.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, scheduled, and draft template data. | 2025-01-31 | 4.3 | CVE-2024-13216 |
dsky–Site Search 360 |
The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘ss360-resultblock’ shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-02-01 | 6.4 | CVE-2024-11780 |
dwbooster — cp_contact_form |
The CP Contact Form with PayPal plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.52. This is due to missing or incorrect nonce validation on the cp_contact_form_paypal_check_init_actions() function. This makes it possible for unauthenticated attackers to add discount codes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-01-30 | 6.5 | CVE-2024-13758 |
ecpay — ecpay_ecommerce_for_woocommerce |
The ECPay Ecommerce for WooCommerce plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ‘clear_ecpay_debug_log’ AJAX action in all versions up to, and including, 1.1.2411060. This makes it possible for authenticated attackers, with Subscriber-level access and above, to clear the plugin’s log files. | 2025-01-30 | 4.3 | CVE-2024-13652 |
elementor — website_builder |
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.25.10 via the ‘elementor-template’ shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the content of Private, Pending, and Draft Templates. The vulnerability was partially patched in version 3.24.4. | 2025-01-30 | 4.3 | CVE-2024-8494 |
EmbedAI–EmbedAI |
A Reflected Cross-Site Scripting vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to craft a malicious URL leveraging the “/embedai/users/show/ |