CVE-2025-22457 - Critical Stack-Based Buffer Overflow Vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA Gateways
CVE-2025-31334 - WinRAR Vulnerability Bypasses "Mark of the Web" Security Warning, Allows Arbitrary Code Execution in Versions Prior to 7.11
CVE-2025-20212: Cisco AnyConnect VPN Server Vulnerability and Exploit Details
CVE-2024-42325 - Zabbix API user.get Unintended Information Disclosure Vulnerability
CVE-2024-45700 - Zabbix Server DoS Vulnerability: Uncontrolled Resource Exhaustion and Service Crash
CVE-2024-36469: Exploiting Username Enumeration in Authentication Systems Using Timing Differences
CVE-2024-36465: Zabbix SQL Injection Vulnerability Allowing Low Privilege Users API Access
CVE-2025-22231: VMware Aria Operations Local Privilege Escalation Vulnerability Exploited - A Deep Dive
CVE-2024-56325 - Authentication Bypass Issue: A Closer Look at Exploiting and Protecting Pinot
CVE-2025-30065 - Critical Vulnerability Discovered in Schema Parsing of parquet-avro Module in Apache Parquet
Uncovering CVE-2025-31103: Untrusted Data Deserialization Vulnerability in a-blog cms and Its Exploitation
CVE-2025-1268: Exploring an Out-of-Bounds Vulnerability in EMF Recode Processing of Various Generic Plus Printer Drivers
CVE-2025-1861 - PHP Vulnerability in HTTP Redirect Parsing Due to Limited Location Buffer
CVE-2025-1736 - PHP Header Injection Vulnerability: How to Prevent and Mitigate the Risk
CVE-2025-1217: PHP HTTP Request Module's Vulnerability to Incorrectly Parsed Folded Headers and Potential Exploits
CVE-2024-12619 - Unauthorized Access to Internal Projects in GitLab CE/EE Versions 16. to 17.8.6, 17.9 to 17.9.3, and 17.10 to 17.10.1
CVE-2024-10307: Uncontrolled CPU Consumption in GitLab EE/CE caused by Maliciously Crafted Files
CVE-2025-2294: Critical Local File Inclusion Vulnerability in Kubio AI Page Builder Plugin for WordPress
CVE-2025-2857: Firefox Sandbox Escape - A Continued Threat for Windows Users Following Chrome's Vulnerability
CVE-2025-2867: Critical Vulnerability Found in the GitLab Duo with Amazon Q - Protect Your Sensitive Data Now!
CVE-2024-9773: A Critical Vulnerability Exploitable in GitLab EE's Harbor Registry Integration
CVE-2025-31160 - Local Users Can Cause a Denial of Service in atop 2.11. Process Monitor
Understanding CVE-2025-2783: Sandbox Escape Vulnerability in Google Chrome's Mojo Component
CVE-2025-2825: Authentication Bypass Vulnerability in CrushFTP and How to Protect Your Data and Systems
CVE-2025-27835: Uncovering a Dangerous Buffer Overflow Vulnerability in Artifex Ghostscript Prior to Version 10.05.
CVE-2025-27831 - Buffer Overflow Vulnerability in Artifex Ghostscript DOCXWRITE and TXTWRITE devices
CVE-2025-22230: Authentication Bypass Vulnerability in VMware Tools for Windows - Exploit Details and Remediation Steps
CVE-2025-2725 - Critical Vulnerability Found in H3C Magic Series Devices Allowing Command Injection via HTTP POST Request Handler
CVE-2025-24514 - Critical Security Vulnerability in ingress-nginx Allows for Arbitrary Code Execution and Secret Disclosure
CVE-2025-1974: Kubernetes Ingress-Nginx Controller Arbitrary Code Execution and Unauthorized Secrets Disclosure
CVE-2025-24513 - Security Issue Detected in Ingress-NGINX: Directory Traversal Vulnerability, Potential DoS, and Limited Secret Disclosure
CVE-2025-1098: Arbitrary Code Execution Vulnerability in ingress-nginx Via Malicious Ingress Annotations
CVE-2025-1097 - Exploiting Arbitrary Code Execution in ingress-nginx through 'auth-tls-match-cn' Annotation Injection
CVE-2025-26512: SnapCenter versions prior to 6..1P1 and 6.1P1 vulnerable to privilege escalation allowing SnapCenter Server user to become a remote admin
CVE-2025-30208: Vite Frontend Development Tooling Vulnerability Allows Bypass and Arbitrary File Exposures
CVE-2023-25610: Buffer Underwrite Vulnerability in Fortinet FortiOS, FortiProxy, and FortiOS-6K7K Administrative Interfaces
CVE-2025-29806 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability without a Designated CWE
CVE-2025-27553 - Relative Path Traversal Vulnerability in Apache Commons VFS Before 2.10.
CVE-2025-0927 - Uncovering the Heap Overflow Vulnerability in the Linux Kernel's HFS+ File System Implementation
CVE-2025-2645: A Deep Dive into the PHPGurukul Art Gallery Management System 1. Vulnerability and Exploit
CVE-2025-2620: Critical Vulnerability Found in D-Link DAP-162 1.03 - Exploit Details and How to Safeguard Your Device
CVE-2025-30204: Golang-jwt Vulnerability: A Comprehensive Analysis
CVE-2019-16151: FortiOS Vulnerability Exploited for Redirection Attacks and JavaScript Injection
CVE-2025-29927 - A Deep Dive Into the Next.js Authorization Bypass Vulnerability
CVE-2021-25635 - Improper Certificate Validation in LibreOffice Allows Spoofing of Document Signatures
CVE-2025-29814: Improper Authorization in Microsoft Partner Center Leading to Privilege Escalation
CVE-2025-2538: Understanding the Improper Authentication Vulnerability in Esri ArcGIS Enterprise Deployments
CVE-2025-29923: Out-of-Order Responses in go-redis Versions Prior to 9.5.5, 9.6.3, and 9.7.3
CVE-2025-23120 - Critical Vulnerability Allowing Remote Code Execution for Domain Users: Exploit Details and Mitigation Strategies
CVE-2024-4990: A Deep Dive Into the Vulnerability in yiisoft/yii2 v2..48
CVE-2025-2505: WordPress Age Gate Plugin Local PHP File Inclusion Vulnerability
CVE-2025-22228: BCryptPasswordEncoder.matches() Vulnerability Allowing Incorrect Password Matches for Passwords Over 72 Characters
CVE-2025-2476: Google Chrome Lens Vulnerability – Critical 'Use After Free' Bug in Prior Versions (Up to 134..6998.117)
CVE-2025-30154 - reviewdog/action-setup Compromised: Secrets Exposed in GitHub Actions Workflow Logs
CVE-2025-29783 - Remote Code Execution Vulnerability in vLLM using Mooncake Configuration
CVE-2025-27018 - Apache Airflow MySQL Provider SQL Injection Vulnerability Fixed in v6.2.
CVE-2024-10441 - Remote Code Execution Vulnerability in Synology BeeStation Manager and DiskStation Manager
CVE-2025-29907 - Denial of Service Vulnerability in jsPDF prior to 3..1 via User-Controlled addImage Method Argument
CVE-2024-56346: A Deep Dive into the Critical Vulnerability in IBM's AIX 7.2/7.3 nimesis NIM Master Service
CVE-2023-22514: High Severity RCE Vulnerability in Sourcetree for Mac and Windows
CVE-2025-0755: Buffer Overflow Vulnerability in MongoDB C driver library
CVE-2021-32584: Uncovering an Improper Access Control Vulnerability in FortiWLC
CVE-2020-29010 - FortiOS Sensitive Information Exposure Vulnerability Potentially Affecting SSL VPN Events Logs
CVE-2020-9295: Undetected Malware Exploit in Fortinet Products
CVE-2025-30066 - tj-actions Changed-Files Vulnerability Enables Remote Attackers to Uncover Secrets through Action Logs
CVE-2025-29775: xml-crypto Signature Bypass Vulnerability - Update to Stay Secure
CVE-2025-29774: Xml-crypto library vulnerability poses authentication and authorization issues
CVE-2023-33300 - Fortinet FortiNAC Command Injection Vulnerability in Inter-Server Communication Port: Exploit Details and Analysis
CVE-2024-26006: Cross-site Scripting (XSS) Vulnerability in FortiOS and FortiProxy Web SSL VPN UI via Malicious Samba Server
CVE-2024-8176: Exploring a Stack Overflow Vulnerability in the libexpat library
CVE-2025-1257 - Denial of Service Vulnerability in GitLab EE Affecting API Inputs
CVE-2024-12380: GitLab EE/CE Repository Mirroring Settings - Sensitive Authentication Information Exposure
CVE-2024-7296 - GitLab EE Security Patch to Address User Onboarding Exploit and Ensure Maximum Member Limit Control
CVE-2020-36843: EdDSA-Java Signature Malleability Exploit in Versions through .3.
CVE-2025-25291: Authentication Bypass Vulnerability Found in ruby-saml Parsers
CVE-2025-25292: Authentication Bypass Vulnerability Found in Ruby-SAML Prior to Versions 1.12.4 and 1.18. Due to Parser Differential
CVE-2025-27407: Remote Code Execution in GraphQL-Ruby Prior to Versions 1.11.8, 1.12.25, 1.13.24, 2..32, 2.1.14, 2.2.17, and 2.3.21
CVE-2025-22870: Understanding the Vulnerability in Proxy Pattern Matching for IPv6 Addresses Including Zone ID
CVE-2025-20138: Critical Vulnerability in CLI of Cisco IOS XR Software Allows Root Access
CVE-2025-2240: Out-of-Memory Vulnerability in Smallrye Fault Tolerance May Lead to Denial of Service
CVE-2025-29891 - Bypass/Injection Vulnerability in Apache Camel
CVE-2025-21864 - Linux Kernel Vulnerability Resolved: tcp: drop secpath at the same time as we currently drop dst
CVE-2025-21862: drop_monitor Vulnerability in Linux Kernel Fixed - Incorrect Initialization Order
CVE-2025-24201 - Out-of-Bounds Write Issue Addressed in visionOS, iOS, iPadOS, macOS, and Safari to Prevent Unauthorized Actions
CVE-2025-26633 - Improper Neutralization in Microsoft Management Console: A Potential Risk for Bypassing Security Features Locally
CVE-2025-26630: Use After Free Vulnerability in Microsoft Office Access Paving the Way for Unauthorized Local Code Execution
CVE-2025-26629 Exploit: Use After Free Vulnerability in Microsoft Office - A Comprehensive Analysis and Guide on Mitigation
CVE-2025-24997 - Critical Null Pointer Dereference in Windows Kernel Memory Posing a Local DOS Attack Risk
CVE-2025-24994: Improper Access Control in Windows Cross Device Service that Allows an Authorized Attacker to Elevate Privileges Locally
CVE-2025-24991: Out-of-bounds read in Windows NTFS allows authorized attacker local information disclosure.
CVE-2025-24993 - A Detailed Analysis of Heap-based Buffer Overflow in Windows NTFS Allowing Unauthorized Local Code Execution
CVE-2025-24984 - Unauthorized Information Disclosure via Sensitive Data Insertion in Windows NTFS Log Files
CVE-2025-24985 - Overcoming Integer Overflow or Wraparound in the Windows Fast FAT Driver for Local Unauthorized Code Execution
CVE-2025-24983: Use After Free Vulnerability in Windows Win32 Kernel Subsystem
CVE-2025-24076: Unauthorized Access Control in Windows Cross Device Service Leads to Potential Privilege Escalation
CVE-2025-24071 - Exposure of Sensitive Information in Windows File Explorer Allows Unauthorized Attacker to Perform Spoofing Over a Network
CVE-2024-45324 - Use of Externally-Controlled Format String Vulnerability in Fortinet Products Leads to Unauthorized Code Execution
CVE-2025-27363: Exploring the Out of Bounds Write Vulnerability in FreeType 2.13. and Below
CVE-2025-1661 - Local File Inclusion Vulnerability in HUSKY - Products Filter Professional for WooCommerce Plugin in WordPress
CVE-2025-27610 - Exposure of Sensitive Files due to Insufficient Path Sanitization in Rack::Static
CVE-2025-24813 - Path Equivalence 'file.Name' (Internal Dot) Vulnerability in Apache Tomcat (Remote Code Execution, Information Disclosure, Malicious Content Injection)
CVE-2025-25977: Arbitrary Code Execution in Canvg v4..2 through StyleElement Class Constructor - Security Advisory and Exploit Details
CVE-2025-26865 - Improper Neutralization of Special Elements Used in a Template Engine Vulnerability in Apache OFBiz
CVE-2025-27636 - Bypass/Injection Vulnerability in Apache Camel-Bean Component Under Particular Conditions
CVE-2023-52971: MariaDB Server 10.10-10.11 and 11.-11.4 Crash in JOIN::fix_all_splittings_in_plan - Exploit Details, References, and Code Snippets
CVE-2023-52969: MariaDB Server Vulnerability Leading to Crashes Without Backtrace - Analyzing Exploit Details, Make_aggr_tables_info, and Optimize_stage2 Functions
CVE-2023-52970 - MariaDB Server Crash Vulnerability in Item_direct_view_ref::derived_field_transformer_for_where
CVE-2023-52968 - MariaDB Server Vulnerability Leading to the find_field_in_table Crash in Various Versions
CVE-2025-27840: Espressif ESP32 Chips Allow 29 Hidden HCI Commands, Including xFC02 (Write Memory)
CVE-2025-26643: Uncovering the Spoofing Vulnerability in Microsoft Edge (Chromium-based) and How to Act Against It
CVE-2025-27607: Python JSON Logger RCE Vulnerability Due to Missing Dependency
CVE-2025-27152 - Axios Promise-Based HTTP Client Vulnerability, SSRF and Credential Leakage Exploit
CVE-2025-27816 - Arctera InfoScale 7.-8..2: .NET Remoting Vulnerability with Insecure Deserialization
CVE-2025-27516 - Arbitrary Code Execution Vulnerability by Bypassing Jinja's Sandboxed Environment
CVE-2025-27513 - Denial of Service Vulnerability in OpenTelemetry.API Package for dotnet Applications
CVE-2025-20206: A Critical Cisco Secure Client IPC Channel Vulnerability Posing Risks to Windows Systems
CVE-2025-25015 - Prototype Pollution in Kibana Leads to Arbitrary Code Execution
CVE-2025-1919: Out-of-Bounds Read Vulnerability in Google Chrome - A Comprehensive Analysis of the Exploit, Impact, and Remediation
CVE-2025-1316: Exploiting Edimax IC-710 Camera for Remote Code Execution
CVE-2025-1080 – Exploit in LibreOffice URI Scheme to Hijack MS SharePoint Server Integration
CVE-2025-27507: Zitadel Identity Infrastructure Software Insecure Direct Object Reference (IDOR) Vulnerabilities, Affecting LDAP Configurations and More
CVE-2025-27111: Log Injection Vulnerability in Rack Middleware and How to Protect Your Ruby Server
CVE-2025-1937: Uncovering Memory Safety Bugs in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7
CVE-2025-1933: Critical Vulnerability in JIT Compiler for WASM i32 Return Values on 64-bit CPUs
CVE-2025-1930: Windows AudioIPC Use-After-Free Vulnerability in Firefox and Thunderbird: Exploiting StreamData for Sandbox Escape
CVE-2025-22224 - VMware ESXi and Workstation TOCTOU Vulnerability Allows Malicious Actors with Local Admin Privileges to Exploit Out-of-Bounds Write and Execute Code
CVE-2025-22226: VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability in HGFS - Potential Memory Leak Exploit
CVE-2025-22225: Understanding the VMware ESXi Arbitrary Write Vulnerability and its Impact on VMX Process Sandbox Escapes
CVE-2025-0360: The Impact of Incorrect User Privilege Levels in VAPIX Service Account D-Bus API
CVE-2025-0912 - WordPress Donations Widget PHP Object Injection Vulnerability in All Versions up to and Including 3.19.4
CVE-2025-27219 - Analysis of DoS vulnerability in CGI Gem before .4.2 for Ruby
CVE-2025-27220: Understanding the ReDoS Vulnerability in CGI Gem for Ruby and How to Mitigate It
CVE-2025-27221: Vulnerability in URI Gem for Ruby - An In-depth Review of Inadvertent Leakage of Authentication Credentials and How to Fix It
CVE-2025-24023: Timing Attack Vulnerability in Flask-AppBuilder Prior to Version 4.5.3 Enables Username Enumeration by Unauthenticated Users
CVE-2025-0555 – A GitLab-EE XSS Vulnerability: Bypass Security Controls and Execute Arbitrary Scripts
CVE-2025-26970: Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Ark Theme Core allows Code Injection
CVE-2025-0475: GitLab CE/EE Unintended Content Rendering Leads to XSS Vulnerability
CVE-2024-8186: GitLab CE/EE Vulnerability Leads to XSS Exploits Through HTML Injection in Child Item Search
CVE-2025-1819 - Critical Vulnerability in Tenda AC7 120M Routers Leads to OS Command Injection
CVE-2025-25724: list_item_verbose Buffer Overflow Vulnerability in libarchive's tar/util.c Leading to Denial of Service and Unspecified Impact
CVE-2025-1808: Critical SQL Injection Vulnerability Found in Pixsoft E-Saphira 1.7.24
CVE-2025-1799 - Critical Vulnerability Found in Zorlan SkyCaiji 2.9 Leading to Server-Side Request Forgery
CVE-2025-1791 - Critical Remote Unrestricted File Upload Vulnerability Discovered in Zorlan SkyCaiji 2.9
CVE-2025-1671 - Privilege Escalation Vulnerability in the Academist Membership Plugin for WordPress
CVE-2025-26466: OpenSSH Vulnerability Leads to Potential Denial of Service Attack
CVE-2025-0769: PixelYourSite - Your smart PIXEL (TAG) and API Manager 10.1.1.1 Found to Be Vulnerable
CVE-2025-22274 - HTML Injection Vulnerability in CyberArk Endpoint Privilege Manager (SaaS version 24.7.1)
CVE-2025-22270: CyberArk Endpoint Privilege Manager SaaS Administration Panel Code Injection Vulnerability
CVE-2025-1319 - WordPress Site Mailer Plugin Vulnerability: Stored Cross-Site Scripting in Email API Deliverability & Email Log
CVE-2024-10860: A Warning to WordPress Users – Unauthorized Submission of Data in NextMove Lite – Thank You Page for WooCommerce Plugin
CVE-2025-1413: Critical Vulnerability found in DaVinci Resolve on macOS, Opening a Pathway to Dylib Hijacking & Privilege Escalation
CVE-2025-25728: Bosscomm IF740 Firmware Vulnerability Exposed: Plaintext HTTP Communication Opens Door to Man-in-the-Middle Attacks
CVE-2024-51138: Vigor Router Stack-Based Buffer Overflow Vulnerability in URL Parsing Functionality
CVE-2025-1450: Stored XSS Vulnerability in Floating Chat Widget for WordPress - Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty Plugin (up to Version 3.3.5)
CVE-2024-50693 – Insecure Direct Object References (IDOR) vulnerability discovered in SunGrow iSolarCloud before October 31, 2024 remediation
CVE-2025-20161: Command Injection Vulnerability in Cisco Nexus 300 and 900 Series Switches Software Upgrade Process
CVE-2025-20111: Unmasking the vulnerability in Cisco Nexus Switches' health monitoring diagnostics
CVE-2025-1634: Quarkus-Resteasy Extension Memory Leak Vulnerability – Flaw Affects Application Performance and Availability
CVE-2024-53427 - decNumberCopy Stack-based Buffer Overflow in jq 1.7.1 when Dealing with NaN Values
CVE-2024-47051: Critical Security Vulnerabilities in Mautic versions before 5.2.3 - RCE via Asset Upload and Path Traversal
CVE-2024-12434: SureMembers WordPress Plugin Sensitive Information Exposure Vulnerability via REST API
CVE-2025-22869: Denial of Service Attack on SSH Servers Implementing File Transfer Protocols via Slow Key Exchange
CVE-2025-22868 - Memory Consumption Vulnerability: Malformed Tokens Can Lead to Denial of Service Attacks
CVE-2022-49731: Linux Kernel Vulnerability Resolved in ata_host_alloc_pinfo() Function
CVE-2021-4453: Fixing a potential GPU metrics table memory leak in drm/amd/pm of the Linux kernel
CVE-2025-26601: Use-After-Free Vulnerability found in X.Org and Xwayland
CVE-2025-26599: Exploring the Uninitialized Pointer Flaw in X.Org and Xwayland - The Journey towards a Potential Exploit
CVE-2025-26600 - Use-After-Free Flaw Found in X.Org and Xwayland: Exploit Details, Code Snippets, and Original References
CVE-2025-26594: Uncovering A Use-After-Free Flaw in X.Org and Xwayland
CVE-2025-26597: Buffer Overflow Vulnerability in X.Org and Xwayland - Exploits, Code Snippet, and References
CVE-2025-26596: A Deep Dive into the Heap Overflow Flaw in X.Org and Xwayland with Exploit Details and Code Snippets
CVE-2025-26595 - Buffer Overflow Vulnerability Found in X.Org and Xwayland, Exploit Details, and Mitigation Steps
CVE-2025-26598: Uncovering the Out-of-Bounds Write Flaw in X.Org and Xwayland
CVE-2025-1128: Critical Vulnerability in Everest Forms Plugin for WordPress Allows Arbitrary File Upload, Read, and Deletion
CVE-2025-27144 - Go JOSE 4.x Prior to 4..5: Excessive Memory Consumption in JWT Parsing Leads to Denial of Service
CVE-2025-27364: Remote Code Execution Vulnerability Found in MITRE Caldera Server
CVE-2025-27112: Navidrome Authentication Bypass Vulnerability in Subsonic API Endpoints
CVE-2025-1632: Vulnerability in libarchive up to 3.7.7 – Function List of bsdunzip.c Leads to Null Pointer Dereference
CVE-2025-24490 - Mattermost SQL Injection Vulnerability in Board Reordering
CVE-2025-20051 - Arbitrary File Read Vulnerability in Mattermost Boards Due to Insufficient Input Validation
CVE-2025-25279: Mattermost Vulnerability in Board Import Validation Allows Arbitrary File Reading
CVE-2025-24526: Unauthorized Channel Export in Mattermost (versions 10.1.x <= 10.1.3, 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2)
CVE-2025-0690 - GRUB2: Critical Out-of-Bounds Write Vulnerability
CVE-2025-1412: Privilege Escalation Vulnerability in Mattermost Versions 9.11.x <= 9.11.6, 10.4.x <= 10.4.1
CVE-2025-26776: Unrestricted Upload of File with Dangerous Type Vulnerability in NotFound Chaty Pro, Allowing Web Shell Uploads to Web Servers
CVE-2025-21704: Linux Kernel Vulnerability - USB CDC-ACM Control Transfer Buffer Size Memory Corruption
CVE-2025-1510 - Arbitrary Shortcode Execution Vulnerability in Custom Post Type Date Archives Plugin for WordPress
CVE-2025-25767 - Vertical Privilege Escalation in MRCMS v3.1.2: UserController.java Allows Attackers to Arbitrarily Delete Users
CVE-2025-25770 - Wangmarket v4.10 to v5. Cross-Site Request Forgery (CSRF) vulnerability in AgencyUserController.java
CVE-2025-25604: Totolink X500R V9.1.u.6369_B20230113 Command Injection Vulnerability via vif_disable Function in mtkwifi.lua
CVE-2025-25875: Uncovering a Vulnerability in ITSourcecode Simple ChatBox up to Version 1. and Exploring How to Exploit it
CVE-2025-25505: Exploring Buffer Overflow Vulnerability in Tenda AC6 15.03.05.16_multi sub_452A4 Function
CVE-2025-1538: Critical heap-based buffer overflow vulnerability in D-Link DAP-132 version 1.00
CVE-2025-1470: Handling NULL Pointer Dereferences and Memory Allocation Failures in Eclipse OMR
CVE-2025-24893 - Arbitrary Remote Code Execution Vulnerability in XWiki Platform through SolrSearch
CVE-2024-55457 - MasterSAM Star Gate 11 Directory Traversal Vulnerability in /adama/adama/downloadService
CVE-2025-24989 - Improper Access Control in Power Pages Leading to Privilege Escalation and Bypassing User Registration Control
CVE-2025-21355: Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network
CVE-2025-25196: Authorization Bypass Vulnerability in OpenFGA Versions Prior to v1.8.4
CVE-2025-0624 - Critical Security Flaw Found in Grub2 Allowing Remote Code Execution and Bypass of Secure Boot Protections
CVE-2025-1426 - Heap Buffer Overflow Exploit in GPU on Google Chrome for Android Devices
CVE-2022-46283 – Uncovering the Withdrawn Vulnerability
CVE-2025-0633 - A Sneak Peek into Heap-based Buffer Overflow in iniparser_dumpsection_ini() and How to Exploit it
CVE-2025-25474: DCMTK v3.6.9+ DEV Buffer Overflow Vulnerability in /dcmimgle/diinpxt.h
CVE-2025-25473 - NULL Pointer Dereference Vulnerability in FFmpeg's libavformat/mov.c Component: Exploit Details and Patches Unveiled
CVE-2025-25471 - NULL Pointer Dereference Vulnerability in FFmpeg
CVE-2025-25472: Buffer Overflow in DCMTK git master v3.6.9+ DEV leading to Denial of Service (DoS)
CVE-2025-25475 - A NULL Pointer Dereference Vulnerability in DCMTK v3.6.9+ DEV Causing Denial of Service (DoS) Exploitation
CVE-2025-24928 - Stack-based Buffer Overflow in Libxml2: A Deep Dive into xmlSnprintfElements in valid.c
CVE-2025-27113: A Comprehensive Analysis of the NULL Pointer Dereference Issue in libxml2
CVE-2025-25894: OS Command Injection Vulnerability Discovered in D-Link DSL-3782 v1.01
CVE-2025-25896: Buffer Overflow Vulnerability in D-Link DSL-3782 v1.01 Leading to Denial of Service Attacks
CVE-2025-25895: OS Command Injection Vulnerability Found in D-Link DSL-3782 Firmware v1.01
CVE-2025-25467 - Insufficient Tracking and Releasing Memory in libx264 Git Master - Exploit Analysis and PoC
CVE-2025-25468: Understanding the Memory Leak Vulnerability in FFmpeg git-master Before Commit d5873b
CVE-2025-25469 - Memory Leak Vulnerability in FFmpeg git-master before commit d5873b Discovered in libavutil/iamf.c Component
CVE-2025-25893 - D-Link DSL-3782 v1.01: OS Command Injection Vulnerability via Critical Parameters
CVE-2024-56171 - Exploring the Use-After-Free vulnerability in libxml2 before 2.12.10 and 2.13.x before 2.13.6
CVE-2025-26465 - Exploiting VerifyHostKeyDNS Vulnerability in OpenSSH for Machine-in-the-Middle Attacks
CVE-2025-24895 - Critical Vulnerability in CIE.AspNetCore.Authentication Allows Attackers to Impersonate Users
CVE-2025-26620 - Duende.AccessTokenManagement Race Condition Impacts Select Users
CVE-2024-4028: Keycloak Vulnerability - Stored Cross-Site Scripting (XSS) Attack via Malicious Payloads as Permissions
CVE-2025-21702: Linux Kernel pfifo_tail_enqueue Vulnerability Resolved - Potential Exploit for Privilege Escalation
CVE-2025-1414: Memory Safety Bugs in Firefox 135 Allow Potential Arbitrary Code Execution
CVE-2025-1035 - Path Traversal Vulnerability in Komtera Technologies KLog Server Allows Arbitrary File Access
CVE-2025-0864: Reflected Cross-Site Scripting vulnerability in Active Products Tables for WooCommerce
CVE-2025-0422 - Remote Code Execution Vulnerability in "bestinformed Web" Application
CVE-2025-1390 - Libcap's PAM Module Incorrectly Recognizes Group Names, Leading to Privilege Escalation
CVE-2021-30369 - A Deep Dive into the Disputed Vulnerability
CVE-2025-0714: Critical Vulnerability in Password Storage of Mobatek's MobaXterm (Versions < 25.)
CVE-2025-23840 – Reflected XSS Vulnerability in WP-NOTCAPTCHA Plugin
CVE-2025-0001 - Abacus ERP Authenticated Arbitrary File Read Vulnerability in Older Versions
CVE-2025-26779 - Improper Limitation of Pathname to a Restricted Directory in Fahad Mahmood Keep Backup Daily Paves Way for Path Traversal Attack
CVE-2025-1354: A Problematic Vulnerability Discovered in Asus RT-N12E 2...19 with Potential for Exploitation
CVE-2025-1337 - Eastnets PaymentSafe 2.5.26. Vulnerability Found: Cross Site Scripting Exploit Through BIC Search Component
CVE-2025-26793 - Hirsch Enterphone MESH Default Credential Vulnerability Exposes Private Resident Information in Multiple Buildings
CVE-2024-12562 - s2Member Pro Plugin for WordPress is Vulnerable to PHP Object Injection Through Unauthenticated Attacks
CVE-2025-1005: Stored Cross-Site Scripting (XSS) Vulnerability Found in the ElementsKit Elementor Addons Plugin for WordPress - Image Accordion Widget
CVE-2025-1302: Remote Code Execution vulnerability in jsonpath-plus before 10.3.
CVE-2025-0998 - Out of Bounds Memory Access Vulnerability in V8 Engine of Google Chrome Allows Remote Code Execution
CVE-2024-31144: Xapi Metadata Backup and Restore Vulnerability in Xen Project - Exploit Details and Mitigation
CVE-2022-28693 – Unprotected Alternative Channel of Return Branch Target Prediction in Some Intel(R) Processors: Potential Information Disclosure via Local Access
CVE-2025-25296 - Label Studio Cross-Site Scripting (XSS) Vulnerability in Projects Upload-Example Endpoint Prior to Version 1.16.
CVE-2025-25290: ReDoS Vulnerability in @octokit/request Affecting Version 1.. to 9.2.
CVE-2025-25289 - ReDoS Vulnerability in @octokit/request-error Library Affecting Versions Prior to 6.1.7
CVE-2025-25285 - Regular Expression Denial-of-Service (ReDoS) Vulnerability in @octokit/endpoint
CVE-2025-25288: ReDoS Attack via Malicious Link Parameter in Octokit Pagination Plugin
CVE-2025-26506 - A Potential Remote Code Execution and Elevation of Privilege Vulnerability Affecting HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers
CVE-2025-25988 - Cross Site Scripting Vulnerability in HooskCMS v1.8 leading to Denial of Service Attacks
CVE-2025-25204: GitHub's `gh attestation verify` Bug Allows Unauthorized Deployment of Malicious Artifacts
CVE-2024-57790: IXON B.V. IXrouter IX240 Hardcoded Root Credentials Vulnerability - Unauthorized Access and Exploitation Risks
CVE-2024-56463: Cross-Site Scripting Vulnerability in IBM QRadar SIEM 7.5 - Exploit Details & How to Mitigate the Risk
CVE-2025-25740: Stack-based Buffer Overflow Vulnerability in D-Link DIR-853 A1 FW1.20B07 Router
CVE-2024-56180: Critical Vulnerability in Apache EventMesh Allows Remote Code Execution through Deserialization of Untrusted Data
CVE-2025-24641: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability in rickonline_nl Better WishList API Allows Stored XSS
CVE-2025-0821 - Time-based SQL Injection Vulnerability in Bit Assist Plugin for WordPress
CVE-2024-52577 - Apache Ignite Class Serialization Filters Bypass Vulnerability
CVE-2025-26791: DOMPurify before 3.2.4 Template Literal Regular Expression Vulnerability and Exploit Details
CVE-2025-26519 - Exploring the Out-of-Bounds Write Vulnerability in musl libc and its Exploitation
CVE-2024-55904: Remote Privileged Authenticated Arbitrary Command Execution Vulnerability in IBM DevOps & UrbanCode Deploy
CVE-2025-22961 - Critical Information Disclosure Vulnerability in GatesAir Maxiva UAXT, VAXT Transmitters: Exploiting Incorrect Access Control for Unauthorized Database Access
CVE-2025-22960 - Session Hijacking Vulnerability in GatesAir Maxiva UAXT and VAXT Transmitters
CVE-2024-56908: Perfex CRM < 3.2.1 Vulnerability Allows Authenticated Attackers to Upload Arbitrary Files via upload_sales_file Endpoint
CVE-2023-34402: Arbitrary File Write Vulnerability in Mercedes-Benz NTG6 Head Unit
CVE-2023-34406 - Critical Vulnerability Discovered in Mercedes Benz NTG 6 Head Units: Integer Overflow Exploit Revealed
CVE-2024-57378: Wazuh SIEM 4.8.2 Broken Access Control Vulnerability Allowing Unauthorized Internal User Creation and Potential Privilege Escalation
CVE-2023-34398 - Mercedes-Benz Head-Unit NTG6 Profile Import Export Vulnerability Involving Boost Library
CVE-2023-34399: Mercedes-Benz NTG6 Head-Unit Integer Overflow in Boost Library Causing Vulnerability in Profile Settings Import/Export
CVE-2025-1127 Critical Exploit: Leveraging Unprivileged User Execution and Unauthorized Data Modification
CVE-2025-26511 - Instaclustr Fork of Stratio's Cassandra-Lucene-Index Plugin Vulnerability: Bypassing RBAC and Privilege Escalation
CVE-2025-25357 - SQL Injection vulnerability uncovered in PHPGurukul Land Record System v1.
CVE-2025-24904 - Vulnerability in libsignal-service-rs Allows for Injection of Plaintext Content Envelopes
CVE-2025-21701: Resolved Linux Kernel Vulnerability in net: Avoid Race Between Device Unregistration and ethnl ops
CVE-2025-1247: Critical Vulnerability Found in Quarkus REST Allowing Data Leakage Between Concurrent Requests
CVE-2025-1094 - SQL Injection Vulnerability in PostgreSQL libpq Functions and Command Line Utility Programs
CVE-2025-21700: Linux Kernel Vulnerability Fixed in net: sched - Disallow Replacing of Child qdisc from One Parent to Another
CVE-2025-1198: GitLab CE/EE ActionCable Long-Lived Connections Issue with Revoked Personal Access Tokens
CVE-2024-7102 - Unauthorized Pipeline Trigger in GitLab CE/EE Affecting Versions 16.4 to 17.5.
CVE-2024-36293: Exploring The Improper Access Control Vulnerability In Intel(R) Processors With Intel(R) SGX
CVE-2022-31631 - SQL Injection Vulnerability in PHP PDO::quote() Function for SQLite
CVE-2025-0108: Authentication Bypass Vulnerability in Palo Alto Networks PAN-OS Software
CVE-2025-25343 - Tenda AC6 V15.03.05.16 Firmware Buffer Overflow Vulnerability in the formexeCommand Function
CVE-2025-1215: Memory Corruption Vulnerability in Vim (up to version 9.1.1096) due to --log Argument Manipulation
CVE-2025-1146 - Critical Falcon Sensor Security Vulnerability: TLS Connection Validation Logic Error
CVE-2025-25741: D-Link DIR-853 A1 FW1.20B07 Stack-based Buffer Overflow Vulnerability in SetIPv6PppoeSettings Module
CVE-2025-25199: Memory leak vulnerability in go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation (CNG)
CVE-2025-25746: Exploring a Stack-based Buffer Overflow Vulnerability in D-Link DIR-853 A1 FW1.20B07
CVE-2025-25742: Uncovering a Stack-Based Buffer Overflow Vulnerability in D-Link DIR-853 A1 FW1.20B07
CVE-2025-25743: Uncovering Command Injection Vulnerability in D-Link DIR-853 A1 FW1.20B07's SetVirtualServerSettings Module
CVE-2025-25184: Rack::CommonLogger Log Injection Vulnerability in Ruby Web Applications
CVE-2025-0516: A Deep Dive into GitLab CE/EE's Improper Authorization Vulnerability (Versions 17.7-17.7.4, 17.8-17.8.2)
CVE-2025-1212 - Critical Information Disclosure Vulnerability in GitLab CE/EE Requires Immediate Patching
CVE-2025-1244 - Emacs Text Editor Vulnerable to Command Injection Flaw, Allowing Remote Code Execution
CVE-2025-1042 - Unauthorized Repository Access: Insecure Direct Object Reference Vulnerability in GitLab EE
CVE-2025-0376: Cross-Site Scripting (XSS) Vulnerability in GitLab CE/EE - Affecting Versions 13.3 to 17.8.1
CVE-2024-12379: GitLab CE/EE Denial of Service Vulnerability Impacting Availability Due to Unbounded Symbol Creation Using Personal Access Tokens
CVE-2025-23359 - NVIDIA Container Toolkit for Linux TOCTOU Vulnerability: Exploiting Default Configurations for Unauthorized Host File System Access
CVE-2025-1243 - Temporal api-go Library Data Converter Bypass in UpdateWorkflowExecution API
CVE-2024-53880: NVIDIA Triton Inference Server Integer Overflow Vulnerability in Model Loading API Leads to Potential Denial of Service
CVE-2020-3432: Understanding the Vulnerability in Cisco AnyConnect Secure Mobility Client for macOS
CVE-2024-54772 - Timing Attack Vulnerability in MikroTik RouterOS Winbox Service for User Account Enumeration
CVE-2025-1240 - WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability Discovered and Exploited
CVE-2024-32037 - GeoNetwork Information Leakage via Search End-Point Response Headers in Versions Prior to 4.2.10 and 4.4.5
CVE-2022-3180: WPGateway Plugin for WordPress Privilege Escalation Vulnerability - Creating Malicious Administrator Accounts
CVE-2025-25202 - Ash Authentication Revoked Token Vulnerability in Elixir Applications
CVE-2025-26494: Server-Side Request Forgery (SSRF) Vulnerability in Salesforce Tableau Server Allows Authentication Bypass
CVE-2025-26495: Cleartext Storage of Sensitive Information Vulnerability Found in Salesforce Tableau Server
CVE-2025-24434 - Critical Improper Authorization Vulnerability Found in Adobe Commerce
CVE-2025-21418 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability: Technical Analysis and Exploit Details
CVE-2025-21420: Exploring the Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
CVE-2025-21400: Unveiling the Microsoft SharePoint Server Remote Code Execution Vulnerability - A Comprehensive Analysis
CVE-2025-21406 - Unleashing the Hidden Dangers of Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21391 - Windows Storage Elevation of Privilege Vulnerability: A Deep Dive into Exploitation Techniques and Mitigations
CVE-2025-21387: Unpacking the Microsoft Excel Remote Code Execution Vulnerability: Analysis, Impact, and Mitigations
CVE-2025-21376: A Deep Dive into Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2025-21377: NTLM Hash Disclosure Spoofing Vulnerability - When Attackers Exploit Weaknesses and Compromise Security
CVE-2025-21381: Uncovering the Microsoft Excel Remote Code Execution Vulnerability – A Deep Dive
CVE-2025-21369: Critical Microsoft Digest Authentication Remote Code Execution Vulnerability - Understanding, Detection, and Mitigation
CVE-2025-21351: Windows Active Directory Domain Services API Denial of Service Vulnerability - Technical Breakdown and Exploitation Guide
CVE-2025-21337: Exploring a Windows NTFS Elevation of Privilege Vulnerability and How to Mitigate the Risks
CVE-2025-21254: Internet Connection Sharing (ICS) Denial of Service (DoS) Vulnerability Exposed - A Deep Dive on Exploit Analysis, Code Snippets, and Mitigation Techniques
CVE-2025-21198 Exploited: Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability Unveiled with Code Examples and References
CVE-2025-21208: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-21179: DHCP Client Service Denial of Service Vulnerability - A Deep Dive into the Exploit and Mitigation Techniques
CVE-2025-21181: In-Depth Analysis of the Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2019-15002: Understanding the Exploitable CSRF Vulnerability in Atlassian Jira Versions 7.6.4 to 8.1.
CVE-2025-24472: Authentication Bypass Vulnerability in FortiOS and FortiProxy Allows Remote Attackers to Gain Super-Admin Privileges
CVE-2024-40591: Improper Privilege Assignment Vulnerability in Fortinet FortiOS Allows Unauthorized Super-Admin Access
CVE-2025-24976: Docker Distribution Vulnerability in Token Authentication
Critical Vulnerability CVE-2025-22467 Found in Ivanti Connect Secure: Stack-Based Buffer Overflow can Lead to Remote Code Execution
CVE-2024-12797: Critical Vulnerability in OpenSSL's RFC725 Raw Public Keys Authentication
CVE-2025-26491 - A Deep Dive into the Duplicate Vulnerability of CVE-2025-26494
CVE-2025-26411: Authenticated Attacker Gains Remote Root Access in Wattsense Bridge Devices through Plugin Manager
CVE-2025-26410 - Uncovering Hard-Coded Credentials in Wattsense Bridge Devices Firmware
CVE-2025-26409: Exploitable Security Vulnerability in Wattsense Bridge Devices Serial Interface Uncovered
CVE-2025-26408 - The Vulnerability of JTAG Interface on Wattsense Bridge Devices for Firmware Exploitation with Physical Access
CVE-2023-4998: Understanding the Exploit, Code Snippets, and Withdrawal by the CVE Numbering Authority
CVE-2025-1165: Critical Vulnerability Found in Lumsoft ERP 8 - Unrestricted File Upload Exploit
CVE-2025-24970 - Netty Framework Vulnerability: SslHandler Packet Validation Issue Can Lead to Native Crash
CVE-2025-25193: Netty Vulnerability in Unsafe Reading of Environment File Could Cause Denial of Service
CVE-2025-1158: Exploring the Critical SQL Injection Vulnerability in ESAFENET CDG 5.6.3.154.205_20250114
CVE-2025-24016: Critical Remote Code Execution Vulnerability in Wazuh (4.4. - 4.9.1)
CVE-2025-24200: Authorization Bypass in Apple Devices due to Improper State Management - A Detailed Analysis and Recommended Remediation
CVE-2024-54658: Understanding the Memory Handling Issue Affecting Web Content Processing and Solutions in iOS 17.4, iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4
CVE-2025-1153: Memory Corruption Vulnerability in GNU Binutils 2.43/2.44: Exploitation and Mitigation
CVE-2024-27859: iOS, iPadOS, tvOS, watchOS, visionOS, and macOS Vulnerability Fixed with Improved Memory Handling
CVE-2025-25188 - Hickory DNS: Security vulnerability in DNSSEC validation leads to misplacement of trust
CVE-2025-25186: Net::IMAP Vulnerability - Denial of Service by Memory Exhaustion in Ruby's Response Parser
CVE-2025-21693: Resolving Linux Kernel Vulnerability in mm: zswap
CVE-2025-21691: Linux Kernel Cachestat Vulnerability Resolved with Permission Checks
CVE-2025-21689 - USB: Serial: quatech2: Fixing Null-ptr-deref Issue in Linux Kernel's qt2_process_read_urb()
CVE-2025-21687 - Patch Overview for Linux Kernel Vulnerability: vfio/platform Bounds Check on Read/Write Syscalls
CVE-2024-12133 - Dissecting the Vulnerability in libtasn1 Inefficient Certificate Data Processing Leading to DOS Attacks
CVE-2024-12243: GnuTLS Vulnerability Due to Inefficient libtasn1 Algorithm Leading to Denial-of-Service
CVE-2025-21684: Linux kernel vulnerability in gpio xilinx resolved
CVE-2025-21685 - Resolving Linux Kernel Vulnerability in Lenovo Yoga Tab2 Pro-138 Fast Charger
CVE-2024-57949: Linux Kernel Vulnerability in irqchip/gic-v3-its Fixed
CVE-2024-13440 - SQL Injection Vulnerability in the Super Store Finder WordPress Plugin
CVE-2025-0169 - Stored XSS Vulnerability in DWT - Directory & Listing WordPress Theme Versions up to 3.3.4
CVE-2025-0316: WP Directorybox Manager Plugin for WordPress Authentication Bypass Vulnerability - A Detailed Analysis and Exploit Guide
CVE-2024-8377 - Exploring the Rejected Vulnerability: A Look at the Exploit, Code Snippets, and Original References
CVE-2025-25183: vLLM Cache Reuse Vulnerability Due to Python's Hash Function Changes in Version 3.12
CVE-2022-26388: Hard-Coded Password Vulnerability in Resting Electrocardiograph Devices - Authentication Abuse Risks and Exploit Details
CVE-2024-10383: XSS Vulnerability in GitLab Web IDE Affecting gitlab-web-ide-vscode-fork Component
CVE-2025-23085 - Memory Leak Vulnerability in Node.js HTTP/2 Server
CVE-2025-1061: Critical Vulnerability in Nextend Social Login Pro for WordPress Leading to Authentication Bypass
CVE-2025-0674 - Authentication Bypass Vulnerability in Multiple Elber Products: Unauthorized Password Management Access and Exploitation
CVE-2025-21404 - Microsoft Edge (Chromium-based) Spoofing Vulnerability: Understanding the Exploit and Mitigation Steps
CVE-2025-21408: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability – A Deep Dive into the Exploit and How to Mitigate It
CVE-2025-21342 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability: What You Need to Know
CVE-2025-21253: Microsoft Edge for iOS and Android Spoofing Vulnerability - A Deep Dive
CVE-2025-21267: Microsoft Edge (Chromium-based) Spoofing Vulnerability Discovered - Here's the Full Analysis, Code Snippet, and Exploit Details
CVE-2024-57672 Unveiled: Exploiting an Issue in Floodlight v1.2 to Perform Local DoS Attacks via the Topology Manager, TopologyInstance, and Routing Modules
CVE-2025-24786: WhoDB Path Traversal Vulnerability in Database Management Tool
CVE-2025-23217: Mitmweb SSRF Vulnerability Allows Malicious Clients to Access Internal API and Potential RCE
CVE-2024-36558 - Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1._2019_07_15_16.19.24_cob_h Cleartext Transmission of Sensitive Information Vulnerability
CVE-2025-22866: PPC64LE Architecture Scalar Leakage in P-256 Implementation - Exploit Details and Mitigation Strategies
CVE-2025-0994: Addressing the Deserialization Vulnerability in Trimble Cityworks and Office Companion Versions
CVE-2023-5878: Honeywell OneWireless WDM Command Injection Vulnerability and Patch Release
CVE-2024-37358: Uncovering Apache James' Vulnerability to Denial of Service Attacks via IMAP Literals
CVE-2025-0522: Critical Vulnerability in LikeBot WordPress Plugin - Stored XSS via CSRF
CVE-2025-1066: OpenPLC_V3 Arbitrary File Upload Vulnerability Exploitation and Mitigation
CVE-2024-57699: Stack Exhaustion Vulnerability in Netplex Json-smart 2.5. – 2.5.1 Causing Denial of Service (DoS)
[CVE-2024-57079] Prototype Pollution Vulnerability in @zag-js/core v.50. Allows Attackers to Cause a Denial of Service (DoS)
CVE-2024-57080 - Prototype Pollution in vxe-table v4.8.10 Leading to Denial of Service Attacks
CVE-2024-57075: Understanding Prototype Pollution and Denial of Service Vulnerability in Eazy-Logger v4..1
CVE-2024-57077 - Utils-extend 1..8 Prototype Pollution and Exploit Details
CVE-2025-23419: How an Attacker Can Bypass Client Certificate Authentication in Nginx Servers using Session Resumption
CVE-2025-21087: Exploring the High CPU and Memory Utilization Vulnerability in Client/Server SSL Profiles and DNSSEC Signing Operations
CVE-2025-20029 – Command Injection Vulnerability in iControl REST and BIG-IP TMOS Shell (tmsh) Save Command
CVE-2025-20124 - Arbitrary Command Execution in Cisco ISE API due to Insecure Deserialization
CVE-2025-20125: Unauthorized Access and Data Manipulation in Cisco ISE API
CVE-2024-2878: Unusual Search Terms Causing Denial of Service in GitLab CE/EE Branch Names
CVE-2024-3976: Unauthorized Disclosure of Confidential Issues in GitLab CE/EE
CVE-2024-5528: Subdomain Takeover Vulnerability in GitLab CE/EE Pages
CVE-2024-1539: GitLab EE Information Disclosure Vulnerability Affecting Multiple Versions - Details, References, and Exploit
CVE-2025-0665 - libcurl: Eventfd File Descriptor Incorrectly Closed Twice Due to Threaded Name Resolve
CVE-2025-0725 - Buffer Overflow Vulnerability in libcurl's Automatic gzip Decompression with zlib 1.2..3 or Older
CVE-2025-0167: Curl's Rare Credential Leak - How the Combination of .netrc Default and HTTP Redirects Leads to Password Exposure
CVE-2023-52924 - Linux Kernel netfilter Vulnerability: nf_tables Expired Set Elements
CVE-2025-25246 - Unauthenticated Remote Code Execution Vulnerability in NETGEAR XR100, XR100v2, and XR500 Gaming Routers
CVE-2025-1028: Unauthenticated Arbitrary File Upload Vulnerability in Contact Manager Plugin for WordPress (Versions <= 8.6.4)
CVE-2025-23114 - Veeam Updater Component Vulnerability: Man-in-the-Middle Attackers Can Execute Arbitrary Code on Vulnerable Servers
CVE-2025-0509: Bypassing Sparkle's (Ed)DSA Signature Checks in Versions Prior to 2.64
CVE-2025-0444: Understanding the Use After Free Vulnerability in Skia in Google Chrome 133..6943.53
CVE-2025-0451 - Chrome Extension API Vulnerability: Analyzing the Inappropriate Implementation in Extensions and its Exploits
CVE-2025-0445: A Detailed Breakdown of the Use-After-Free Vulnerability in V8 Engine of Google Chrome (Version ≤ 133..6943.53)
CVE-2025-1013: Discovering and Mitigating Race Condition Vulnerability in Firefox and Thunderbird, Leading to Privacy Leaks
CVE-2025-1020: Memory Safety Vulnerabilities in Firefox 134 and Thunderbird 134 - Exploits, Fixes, and What You Need to Know
CVE-2025-1017: Memory Safety Vulnerabilities in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6 Leading to Potential Arbitrary Code Execution
CVE-2025-1012: Uncovering the Race Condition during Concurrent Delazification leading to Use-After-Free Vulnerability in Older Versions of Firefox and Thunderbird
CVE-2025-1016: Memory Safety Vulnerabilities in Firefox, Thunderbird, and Firefox ESR versions
CVE-2025-1014 - Improper Certificate Length Validation in Firefox, Firefox ESR, and Thunderbird
CVE-2025-1018: Fullscreen Notification Spoofing in Firefox and Thunderbird
CVE-2025-1019: Exploiting Browser Window Z-Order to Hide Fullscreen Notifications and Perform Spoofing Attacks
CVE-2025-1015: Thunderbird Address Book URI Security Vulnerability - Unsanitized Links Leading to Potential Malicious Payloads
CVE-2025-1009: Use-After-Free Vulnerability in Crafted XSLT Data Impacting Firefox and Thunderbird
CVE-2025-1011 - Critical WebAssembly Code Generation Vulnerability in Firefox, Firefox ESR, and Thunderbird
CVE-2025-1010: A Use-After-Free Vulnerability in the Custom Highlight API and Its Exploit Details
CVE-2024-27137 - Apache Cassandra Man-in-the-Middle JMX Interface Exploit (Java 11)
CVE-2025-23015: Privilege Escalation vulnerability in Apache Cassandra through Unsafe Actions
CVE-2025-22918 - Exploiting Insecure Permissions in Polycom RealPresence Group 500 <=20: Unauthorized Access to Administrative Functions using Automatically Loaded Cookies
CVE-2024-56903: Geovision GV-ASWeb Version 6.1.1. and Below Allows Attackers to Modify POST to GET for Critical Functionalities and Exploiting CSRF Attacks
CVE-2024-56902: Geovision GV-ASManager Web Application Information Disclosure Vulnerability
CVE-2025-25181: SQL Injection Vulnerability in Advantive VeraCore through 2025.1.
CVE-2025-25064: SQL Injection Vulnerability Found in ZimbraSync Service SOAP Endpoint in Zimbra Collaboration
CVE-2025-25065: Breaking Down the SSRF Vulnerability in Zimbra Collaboration RSS Feed Parser
CVE-2024-57968 - Exploiting Advantive VeraCore's File Upload Vulnerability to Gain Unauthorized Access
CVE-2025-22978: CSV Injection Vulnerability Discovered in eladmin <=2.7 Exception Log Download Module
CVE-2024-12511 - Unrestricted Address Book Access Leading to SMB/FTP Settings Manipulation and Potential Credential Capturing in Printers
CVE-2024-50656: XSS Vulnerability in ITSourceCode Placement Management System 1. - Full Name Field Exploitation
CVE-2025-24898 - Rust-OpenSSL Use After Free Vulnerability
CVE-2024-56161 - Improper Signature Verification in AMD CPU ROM Microcode Patch Loader: Exploit Details, Affected Models, and Mitigation Techniques
CVE-2024-45569: Memory Corruption caused by Parsing Malformed ML IE Frame Content
CVE-2024-38416 - Information Disclosure During Audio Playback: An In-Depth Analysis with Code Snippets and Exploit Details
CVE-2025-20631: Wlan AP Driver Vulnerability - Possible Out of Bounds Write, Local Escalation of Privilege, and How to Patch It
CVE-2025-0938 - Python Standard Library Vulnerability in 'urllib.parse.urlsplit' and 'urlparse' Handling of Square Brackets in Domain Names
CVE-2025-23001 - Host Header Injection Vulnerability in CTFd 3.7.5: Exploit Details, Code Snippet, and Original References
CVE-2024-57432 - Insecure Permissions in macrozheng mall-tiny 1..1: Hardcoded JWT Signing Keys and User Information Exposure
CVE-2024-53584: OpenPanel v.3.4 OS Command Injection Vulnerability via Timezone Parameter
CVE-2024-47857: SSH Communication Security Vulnerability in PrivX Versions 18.-36. – Impersonation and Unauthorized Access Exploit
CVE-2025-23215 - PMD and PMD Designer Release Signing Key Compromise and Mitigation
CVE-2025-22994: O2OA 9.1.3 Cross Site Scripting (XSS) Vulnerability in Meetings - Settings
CVE-2024-53582: Uncovering Directory Traversal Vulnerability in OpenPanel v.3.4 File Manager - Copy and View Functions
CVE-2025-21683 - Linux Kernel bpf_sk_select_reuseport() Memory Leak Vulnerability Resolved
CVE-2025-21682 - Linux Kernel Vulnerability Resolved in Eth: Bnxt
CVE-2025-21679: Fixing the Linux Kernel Vulnerability - Btrfs Error Handling in "get_canonical_dev_path"
CVE-2025-21681: Linux Kernel Open vSwitch Lockup Fixed on TX to Unregistering Netdev with Carrier
CVE-2025-21672: Linux Kernel AFS Merge Preference Rule Failure Condition Resolved
CVE-2025-21675 - Linux kernel vulnerability resolved in net/mlx5: Clear port select structure when failed to create
CVE-2025-21676: Addressing Linux Kernel Vulnerability in net:fec Handling page_pool_dev_alloc_pages Error
CVE-2025-21669: Resolved Linux Kernel Vulnerability - Discarding Packets If Transport Changes
CVE-2025-21670: Preventing NULL Pointer Dereference in Linux Kernel vsock/bpf with Early Transport Check
CVE-2025-21673 Linux Kernel Vulnerability Resolved - smb: client: Fix Double Free of TCP_Server_Info::hostname
CVE-2025-21678 - Resolved Linux Kernel Vulnerability: GTP Device Destruction with UDP Socket's Netns Dismantle
CVE-2025-21667 - Preventing Linux Kernel Vulnerability in iomap Write Operations
CVE-2025-21666: Linux Kernel vsock Null Pointer Dereference Vulnerability Patched
CVE-2025-21665 - A Deep Dive into Addressing Linux Kernel Filemap Vulnerability: Avoiding 64-bit offset truncation to 32 bits
CVE-2025-21668: Linux Kernel Vulnerability in pmdomain: imx8mp-blk-ctrl - Resolved
CVE-2024-57948: Linux Kernel Fix for Corrupted List in mac802154
CVE-2024-52875 - Critical Vulnerability in GFI Kerio Control 9.2.5 to 9.4.5: Open Redirect, HTTP Response Splitting, and Remote Code Execution
CVE-2024-13101 - WP MediaTagger WordPress Plugin Allows Stored XSS Attacks in Versions Up to 4.1.1
CVE-2024-47900 - Unauthorized GPU Access Vulnerability: Exploiting Improper GPU System Calls for OOB Kernel Memory Access
CVE-2024-47891 - Unprivileged Users Exploiting Improper GPU System Calls to Trigger Use-After-Free Kernel Exceptions
CVE-2022-1736: Ubuntu GNOME-Control-Center Default Remote Desktop Sharing Vulnerability and Exploit Details
CVE-2023-0092 - Exploiting a Juju Controller Model File Disclosure Vulnerability
CVE-2020-11936: GDBus setgid Privilege Escalation Vulnerability Unveiled with Code Snippets and Exploit Details
CVE-2024-23921 Revealed: ChargePoint Home Flex Charging Stations Vulnerable to Network-Adjacent Attacks
CVE-2024-23928 - Pioneer DMH-WT760NEX Devices Vulnerability: Certificate Validation Flaw Leads to Compromised Integrity of Downloaded Information
CVE-2023-6195: Server Side Request Forgery (SSRF) Vulnerability in GitLab CE/EE Affecting Imports from GitHub Repositories
CVE-2024-1211: Critical Cross-site Request Forgery Vulnerability in GitLab CE/EE with JWT OmniAuth Provider
CVE-2025-24500: Unauthenticated Access To PAM Database Information
CVE-2025-22220: Privilege Escalation Vulnerability Found in VMware Aria Operations for Logs
CVE-2025-23216: Argo CD Vulnerability Exposes Secret Data in Error Messages and Diff View
CVE-2025-22218: Understanding Information Disclosure Vulnerability in VMware Aria Operations for Logs
CVE-2025-23007 - A Deep Dive into the NetExtender Windows Client Log Export Function Vulnerability, Unauthorized Access to Sensitive Windows System Files, and the Potential for Privilege Escalation
CVE-2025-21415: Authentication Bypass by Spoofing in Azure AI Face Service - Detailed Exploit Analysis and Sample Code
CVE-2025-21396 - Missing Authorization in Microsoft Account Allows Unauthorized Attacker to Elevate Privileges Over a Network
CVE-2025-0851 - Path Traversal Vulnerability in Deep Java Library Affecting ZipUtils.unzip and TarUtils.untar Functions
CVE-2024-11187: BIND 9 Resource Consumption Vulnerability Exploitation with Specially Crafted Zone Queries
CVE-2024-12705: Exposing a Vulnerability in DNS-over-HTTPS (DoH): Flood Attacks to Exhaust DNS Resolver's CPU and Memory Resources
CVE-2025-24884 - Kube-audit-rest Discloses Previous Values of Kubernetes Secrets in Audit Messages
CVE-2025-24793 – Snowflake Connector for Python SQL Injection Vulnerability Fixed in 3.13.1
CVE-2025-24795: Snowflake Connector for Python Temporary Credential Caching Vulnerability and Remediation
CVE-2025-24794 - Snowflake Connector for Python OCSP Response Cache Vulnerability and Remediation
CVE-2025-24790 - Snowflake JDBC Driver Vulnerability: Temporary Credential Cached in World Readable Files
CVE-2025-24789: Privilege Escalation Vulnerability in Snowflake JDBC Driver with EXTERNALBROWSER Authentication on Windows
CVE-2025-24882: Regclient Docker and OCI Registry Client Vulnerability, Overview of Exploit Details and Mitigation
CVE-2025-24374 - Improper Output Escaping in Twig Template Engine's Null Coalescing Operator Leading to Potential Security Risks
CVE-2025-0762: Uncovering DevTools Use After Free Vulnerability in Google Chrome (Versions Prior to 132..6834.159)
CVE-2025-0617: Exploring Denial of Service Vulnerability in HX Console of Versions 10.. and Prior
Exploring CVE-2024-57965: Understanding the Axios Vulnerability and its Resolution in Version 1.7.8
CVE-2024-48310 - AutoLib Software Systems OPAC v20.10 Exposed API Keys: Exploit Details, Risks, and How to Prevent It
CVE-2024-55968: Security Vulnerability in DTEX DEC-M (DTEX Forwarder) 6.1.1 Allows Privilege Escalation in macOS
CVE-2024-40672: Bypassing Factory Reset Protections in Android ChooserActivity.java
CVE-2024-40673: Java ZipFile Dynamic Code Loading Vulnerability
CVE-2024-40676: Bypassing Intent Security Checks in AccountManagerService.java and Installing Unknown Apps
CVE-2024-40677 - Bypassing Factory Reset Protections in AdvancedPowerUsageDetail.java
CVE-2024-40675: Local Denial of Service Vulnerability in parseUriInternal of Intent.java
CVE-2024-40674: Uncovering a Denial of Service Vulnerability in validateSsid of WifiConfigurationUtil.java
CVE-2024-40669: Local Escalation of Privilege in TBD due to Use After Free
CVE-2024-40649 - Critical Use-After-Free Vulnerability in TBD of TBD Leading to Local Privilege Escalation
CVE-2025-22217: Unmasking the Unauthenticated Blind SQL Injection Vulnerability in Avi Load Balancer
CVE-2025-23045: Arbitrary Code Execution Vulnerability in Computer Vision Annotation Tool (CVAT) and How to Mitigate It
CVE-2025-0065: Privilege Escalation Vulnerability in TeamViewer Clients for Windows Versions Prior to 15.62
CVE-2025-0290: Critical Vulnerability in GitLab CE/EE Leads to Unresponsive Background Jobs
CVE-2024-23953 - Breaking Apache Hive's LlapSignerImpl Security Through Array Comparison Vulnerability
CVE-2025-23084: Critical Vulnerability in Node.js Affecting Windows Drive Names Handling
CVE-2024-45341: A Deep Dive into the Vulnerability Involving URI Name Constraint in IPv6 Addresses with Zone IDs
CVE-2024-45336: HTTP Client Vulnerability - Sensitive Headers Sent After Cross-Domain Redirect
CVE-2024-45339 – A Vulnerability in Default Log Writable Directories Leading to a Privileged Process Overwriting Sensitive Files
CVE-2023-50316 - IBM Sterling B2B Integrator SQL Injection Vulnerability and Exploit Details
CVE-2022-31749: Argument Injection Vulnerability in WatchGuard Fireware OS in the Diagnose and Import PAC Commands
CVE-2025-24163 - App Termination Vulnerability During File Parsing in iPadOS, macOS, visionOS, iOS, watchOS, and tvOS Fixed by Improved Checks
CVE-2025-24162 - VisionOS 2.3 and Other Apple Products Security Update: Preventing Unexpected Web Content Process Crashes Caused by Maliciously Crafted Web Content
CVE-2025-24174: Comprehensive Analysis and Fix for Privacy Preferences Bypass Vulnerability in macOS
CVE-2025-24161: Parsing File Vulnerability Leading to Unexpected App Termination, and How it was Fixed in Multiple Apple Operating Systems
CVE-2025-24154: Addressing an Out-of-Bounds Write Vulnerability in macOS, visionOS, iOS, and iPadOS to Improve System Security
CVE-2025-24158 - Memory Handling Vulnerability in VisionOS: Exploit Analysis, Mitigation, and Remediation
Understanding CVE-2025-24159: An App Able to Execute Arbitrary Code with Kernel Privileges
CVE-2025-24149: Out-of-Bounds Read Addressed with Improved Bounds Checking
CVE-2025-24146: Deleting Conversations in Messages Exposes User Contact Information in System Logging and How to Fix It
CVE-2025-24150: Addressing a Critical Privacy Issue in macOS, Safari, iOS, and iPadOS - Command Injection via URL Copying in Web Inspector
CVE-2025-24151: Dealing with an App Level Memory Vulnerability in macOS
CVE-2025-24160: Addressing Security Vulnerability in Multiple Apple Operating Systems with Improved Checks
CVE-2025-24141: Authentication Bug in iOS and iPadOS Allows Unauthorized Access to Photos
CVE-2025-24137: Type Confusion Issue Addressed and Improved Checks in Popular Operating Systems
CVE-2025-24139: Parsing a Maliciously Crafted File May Lead to Unexpected App Termination in macOS
CVE-2025-24138 - Malicious Application Exploit Leak Sensitive User Information, How to Mitigate and Secure Your System
CVE-2025-24134 - Addressing Information Disclosure through Improved Privacy Controls in macOS Sequoia 15.3
CVE-2025-24135: macOS Sequoia 15.3 Privilege Escalation Vulnerability Analysis and Mitigation with Improved Message Validation
CVE-2025-24118 - iPadOS/macOS Kernel Memory Write and System Termination Vulnerability
CVE-2025-24123: Improved Checks Address File Parsing Vulnerability on Multiple Apple Operating Systems
CVE-2025-24124 - Improved Checks Patch Critical File Parsing Vulnerability in Multiple Apple OS Versions
CVE-2025-24130: An In-Depth Analysis of macOS File System Security Vulnerability, Exploitation Techniques, and Remediations
CVE-2025-24122 - Intel-Based Mac Downgrade Issue and How It Was Fixed with Code-Signing Restrictions
CVE-2025-24126: Addressing an Input Validation Vulnerability in VisionOS, iOS, iPadOS, macOS Sequoia, WatchOS, and TvOS
CVE-2025-24109 - Addressing the Downgrade Issue with Code-Signing Restrictions in macOS to Prevent Unauthorized Access to Sensitive User Data
CVE-2025-24115: macOS Path Handling Security Vulnerability Fixed with Improved Validation
CVE-2025-24106: Parsing File Vulnerability in macOS Causing Unexpected App Termination, Fixed with Improved Checks
CVE-2025-24113 - UI Spoofing Vulnerability in macOS, Safari, iOS, iPadOS, and visionOS - How the Issue Was Addressed and Fixed with Improved UI
CVE-2025-24102 - Addressing Unauthorized Location Access with Improved Checks in iPadOS, macOS Sequoia, macOS Sonoma, and macOS Ventura
CVE-2025-24103: Improved Validation of Symlinks Prevents Unauthorized Access to Protected User Data
CVE-2025-24092: Addressing Sensitive Location Information Exposure with Improved Data Protection
CVE-2025-24104 - Security Vulnerability in Restoring Symlinks from Malicious Backup Files on Apple Devices: iPadOS and iOS
CVE-2025-24085: Use After Free Vulnerability Addressed in VisionOS 2.3, iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, and tvOS 18.3 with Improved Memory Management
CVE-2024-54542: Authentication Issue in Safari, macOS, watchOS, iOS, and iPadOS - How to Address it with Improved State Management
CVE-2024-54543 - Memory Corruption Vulnerability Patched in Various Operating Systems
CVE-2024-54520: macOS Path Handling Issue Overwrites Arbitrary Files – macOS Sonoma, Sequoia, and Ventura Updates Patch the Vulnerability
CVE-2024-54478 - Out-of-Bounds Access Issue Fixed in Various Apple Operating Systems
CVE-2024-54468 - Breaking Out of Sandbox in macOS, iOS, and iPadOS: Exploit Details, Fixes, and References
CVE-2024-48841 - Remote Code Execution Vulnerability in FLXEON 9.3.4 and Older
CVE-2025-24367 Exploiting Cacti Graph Template Functionality for Remote Code Execution
CVE-2025-24357 - vLLM Inference and Serving Library Arbitrary Code Execution via Malicious Pickle Data
CVE-2025-22604: Critical Cacti Vulnerability Allows Authenticated Users to Execute Commands via Malformed OIDs
CVE-2024-27256 - IBM MQ Container Cryptographic Algorithm Vulnerabilities in Versions 3.. to 3.1.3 CD, 2.. to 2..22 LTS, 2.4. to 2.4.8, 2.3. to 2.3.3, 2.2. to 2.2.2
CVE-2024-38320 - Weak Cryptographic Algorithms in IBM Storage Protect for Virtual Environments and Backup-Archive Client
CVE-2023-47159 - IBM Sterling File Gateway User Enumeration Vulnerability
CVE-2023-52292 - Stored Cross-Site Scripting Vulnerability in IBM Sterling File Gateway and Potential Credentials Disclosure
CVE-2024-52012 - Relative Path Traversal Vulnerability in Apache Solr Affects Windows Systems
CVE-2025-24814 - Apache Solr "FileSystemConfigSetService" Privilege Escalation Vulnerability
CVE-2022-49043: A Deep Dive into the Use-After-Free Vulnerability in XMLXIncludeAddNode in Libxml2
CVE-2025-0542 - G DATA Management Server Local Privilege Escalation Vulnerability
CVE-2024-35145: IBM Maximo Application Suite 9.. Monitor Component Cross-Site Scripting Vulnerability
CVE-2024-35114: Username Enumeration Vulnerability in IBM Control Center
CVE-2024-10552 - Stored Cross-Site Scripting (XSS) Vulnerability in Flexmls® IDX Plugin for WordPress
CVE-2025-0411: 7-Zip Mark-of-the-Web Bypass Vulnerability: A Remote Attack Vector Exploiting 7-Zip File Handling
CVE-2025-21262 - Microsoft Edge (Chromium-based) Spoofing Vulnerability: Details, Exploitation, and Mitigation Strategies
CVE-2024-35122: IBM i 7.2-7.5 File Level Local Denial of Service Vulnerability Exploitation and Remediation
CVE-2019-15690: Exploring the Heap Buffer Overflow Vulnerability in LibVNCServer .9.12 and Earlier Releases
CVE-2025-0314: Uncovering a Cross-Site Scripting Vulnerability in GitLab CE/EE
CVE-2024-11931: GitLab CI Lint Vulnerability Exposes Protected CI Variables for Users with Developer Role
CVE-2025-23006 - Critical Pre-authentication Deserialization Vulnerability in SMA100 Appliance Management Console and Central Management Console
CVE-2024-53299 - Apache Wicket 7.. Denial-of-Service (DoS) Vulnerability and Solutions
CVE-2024-52975: Fleet Server Logging Sensitive Information in INFO and ERROR Log Levels - Exploit Details, Code Snippets, and Original References
CVE-2024-52972: Unchecked Allocation of Resources in Kibana Poses a Critical Risk of Crash
CVE-2024-43710: Investigating a Server Side Request Forgery Vulnerability in Kibana's /api/fleet/health_check API
CVE-2024-43707: Unauthorized Access to Elastic Agent Policies in Kibana Revealing Sensitive Information
CVE-2025-24030 - Security Vulnerability in Envoy Gateway Allowing Unauthorized Admin Interface Access
CVE-2023-32340: IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability Exposed: Exploitation Details, Code Snippet, and Original References
CVE-2023-50309 - Stored Cross-Site Scripting Vulnerability in IBM Sterling B2B Integrator 6... through 6.1.2.5 and 6.2..: Exploit Details and Recommendations
CVE-2024-57723 - Lunasvg v3.. Segmentation Violation in Component Composition_source_over: Exploit Details, Code Snippet, and References
CVE-2024-57724: In-Depth Analysis of Segmentation Fault in Lunasvg v3.. and How to Exploit It
CVE-2024-57719 - Lunasvg v3.. Segmentation Violation in Blend_transformed_tiled_argb.isra. Component
CVE-2024-57721 - Lunasvg v3.. Segmentation Violation in Plutovg_Path_Add_Path Component
CVE-2025-0611: Understanding the Object Corruption in V8 in Google Chrome and Its Exploitation through a Crafted HTML Page
CVE-2025-0612 - Detailed Analysis and Exploitation of Out of Bounds Memory Access in V8 Engine in Google Chrome versions prior to 132..6834.110
CVE-2025-23047: Cilium's Insecure Default Access-Control-Allow-Origin Header Value Leads to Sensitive Data Exposure
CVE-2025-24403: Jenkins Azure Service Fabric Plugin Vulnerability - Missing Permission Check Allows Credential ID Enumeration
CVE-2025-24399: Jenkins OpenID Connect Authentication Plugin Vulnerability Allows Attackers to Gain Administrator Access
CVE-2025-24400 - Jenkins Eiffel Broadcaster Plugin Cache Key Vulnerability Leads to Illegitimate Signing of Events
CVE-2025-23028 - Cilium Denial of Service Vulnerability Found in Kubernetes Networks: Understanding the Exploit and How to Fix It
CVE-2025-20156 - Cisco Meeting Management REST API Privilege Escalation Vulnerability
CVE-2025-20128: ClamAV OLE2 Decryption Routine Vulnerability Causes Denial of Service
CVE-2024-31903: Critical Vulnerability in IBM Sterling B2B Integrator Standard Edition Leads to Arbitrary Code Execution
CVE-2025-0604 - Keycloak Authentication Bypass Vulnerability Due to LDAP Password Reset Issue in Active Directory Integration
CVE-2025-0395: Buffer Overflow Vulnerability in GNU C Library's assert() Function from Versions 2.13 to 2.40
CVE-2024-11218: A Vulnerability in `podman build` and `buildah` - Understanding the Container Breakout and Race Condition Exploit
CVE-2025-23090 - The Exploitation of Diagnostics_Channel Utility and Worker Threads in Node.js v20, v22, and v23
CVE-2025-23083: Manipulating Worker Threads via Diagnostics_Channel Utility in Node.js Versions 20, 22, and 23
CVE-2024-49749 - Remote Code Execution Vulnerability in DGifSlurp of dgif_lib.c Affecting Image Processing Libraries
CVE-2024-49747: A Deep Dive into the GATT_sr.cc Logic Error and Its Consequences
CVE-2024-49748 - Heap Buffer Overflow in gatts_process_primary_service_req Leading to Remote Code Execution
CVE-2024-49724: Bypassing Permissions and Launching Protected Activities in AccountManagerService.java
CVE-2024-49732 - A Deep Dive into Android's CompanionDeviceManagerService.java Missing Permission Check, Potential Local Escalation of Privilege
CVE-2024-49744 - Bypass Parcel Mismatch Mitigation in AccountManagerService.java via Unsafe Deserialization
CVE-2024-49734: Side Channel Information Disclosure Allowing Wi-Fi Access Points to Determine Websites Visited via VPN
CVE-2024-49733: Critical Vulnerability in ServiceListing.java Allowing Malicious Apps to Hide NLS from Settings and Cause Local Information Disclosure
CVE-2024-49736: Uncovering a Logic Error in MainClear.java that Allows Unauthorized Factory Reset
CVE-2024-49738: Exploring a Potential Out of Bounds Write in writeInplace of Parcel.cpp for Local Privilege Escalation
CVE-2024-49737 - A Closer Look at Local Privilege Escalation in WindowOrganizerController.java's applyTaskFragmentOperation
CVE-2024-49742 - Vulnerability in NotificationAccessConfirmationActivity.java: A Possible Way to Hide an App with Notification Access in Settings
CVE-2024-49735 - Local Escalation of Privilege Exploit Leveraging Resource Exhaustion to Override Permissions Settings
CVE-2024-43096 - Out of Bounds Write Vulnerability in build_read_multi_rsp of gatt_sr.cc
CVE-2024-43770: Out of Bounds Write Vulnerability in gatts_process_find_info of gatt_sr.cc Leading to Remote Code Execution
CVE-2024-43765: Tapjacking/Overlay Attack Exploit Threatening User Privacy
CVE-2024-43763: Dissecting a Potential Denial of Service Vulnerability in GATT_SR.CC
CVE-2024-24421: Exploiting Type Confusion in Magma <= 1.8. (Fixed in v1.9)
CVE-2023-40132 - Bypassing Content Providers Read Permissions in setActualDefaultRingtoneUri of RingtoneManager.java
CVE-2024-24445 - Null Dereference Vulnerability in OpenAirInterface CN5G AMF Causes Denial of Service
CVE-2023-27113: pearProjectApi v2.8.10 SQL Injection Vulnerability in project.php through organizationCode Parameter
CVE-2023-27112 - Critical SQL Injection Vulnerability in pearProjectApi v2.8.10 Project Code Parameter
CVE-2025-21555 - High Privileged Attacker Exploiting Vulnerability in MySQL Server's InnoDB Component to Cause Complete DOS and Unauthorized Data Manipulation
CVE-2025-21543 - Vulnerability in MySQL Server Product Allows High Privileged Attacker to Cause Complete DoS
CVE-2025-21540 - Vulnerability in MySQL Server: Security Privileges Compromise Through Low Privileged Attackers
CVE-2025-21536: Vulnerability in MySQL Server (Optimizer Component) Potentially Leading to Complete Denial-of-Service (DOS) Attacks
CVE-2025-21529 - Vulnerability in MySQL Server: Information Schema Component Leaves Systems Open to DoS Attacks
CVE-2025-21524 - Critical Vulnerability in JD Edwards EnterpriseOne Tools: Monitoring and Diagnostics SEC Component Prior to 9.2.9.
CVE-2025-21521 - Vulnerability in MySQL Server: Thread Pooling may lead to DOS Attacks
CVE-2025-21519: Uncovering a Critical Vulnerability in MySQL Server and How to Protect Yourself
CVE-2025-21518 - Vulnerability in MySQL Server: Optimizer Component
CVE-2025-21502 - Critical Vulnerability in Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition: Hotspot Component
CVE-2025-21503 - Vulnerability in MySQL Server InnoDB Component Leading to Potential DoS Attacks and Server Crashes
CVE-2025-21494: A Comprehensive Analysis of a Vulnerability in MySQL Server
CVE-2025-21499 - MySQL Server Vulnerability (Server: DDL): A Complete Guide to Exploitation and Mitigation
CVE-2025-21490 - Vulnerability in MySQL Server (InnoDB Component) Causing DOS: Exploit Details, Code Snippet, and Original References
CVE-2024-42936 - Remote Code Execution Vulnerability in Ruijie RG-EW300N's mqlink.elf Service Component
CVE-2025-23369 - Signature Spoofing Vulnerability in GitHub Enterprise Server: Exploit Details and Code Snippets
CVE-2024-51417: Unauthorized Remote Access in System.Linq.Dynamic.Core Prior to Version 1.6.
CVE-2025-22150: Undici HTTP/1.1 Client Vulnerability due to Predictable Boundary in Multipart Requests
CVE-2025-0377: HashiCorp's go-slug Library Zip-Slip Vulnerability - Exploit Details, Code Snippets, and References
CVE-2025-22710 - StoreApps Smart Manager SQL Injection Vulnerability
CVE-2025-21664: Resolving Linux Kernel Vulnerability in dm thin with RCU-safe List Function
CVE-2025-21659 - Linux Kernel Vulnerability: Preventing Access to NAPI Instances from Another Namespace
CVE-2025-21660: Linux Kernel Vulnerability in ksmbd: Fix for Unexpectedly Changed Path in ksmbd_vfs_kern_path_locked
CVE-2025-21662: Linux Kernel net/mlx5 Vulnerability Resolved - Variable Completion Fixed in cmd_work_handler()
CVE-2025-21663: Linux Kernel Vulnerability Resolved in Nvidia Tegra MGBE Controllers
CVE-2024-57946 - Linux Kernel Vulnerability in Virtio-blk Resolved: Avoid Queue Freeze Deadlocks during System Suspend
CVE-2025-21656: Resolving Linux Kernel Vulnerability in hwmon (drivetemp)
CVE-2024-57940: Fixing the Infinite Loop in exfat_readdir() in the Linux Kernel
CVE-2024-57939: RISC-V Linux Kernel Vulnerability Fixed in die() Function
CVE-2024-57938: Linux Kernel Vulnerability in net/sctp Resolved
CVE-2024-57931 - Selinux: Ignore Unknown Extended Permissions - A Linux Kernel Vulnerability Resolved
CVE-2024-43709 - Elasticsearch OutOfMemory Vulnerability via Unconstrained Resource Allocation with SQL Functions
CVE-2025-23184: Analyzing the Apache CXF Denial of Service Vulnerability and Its Exploits
CVE-2025-23086 – Origin Misattribution Vulnerability in Brave Browser
CVE-2024-45091 - Sensitive Information Disclosure in IBM UrbanCode Deploy Log Files
CVE-2025-24014 - Segmentation Fault in Vim Before 9.1.1043 Caused by Scrolling Function in Silent Ex Mode
CVE-2025-22620 - Security Vulnerability in gitoxide's Permissions Handling Prior to .17.
CVE-2025-24010: Vite JavaScript Framework's CORS and WebSocket Vulnerability Allows Arbitrary Requests and Information Disclosure
CVE-2024-45647 - Exploiting Unverified Password Reset on Expired User Accounts in IBM Security Verify Access 10.. - 10..8
CVE-2025-21655: Linux Kernel io_uring/eventfd Vulnerability Resolved - Critical Update Required
CVE-2024-13176 - Timing Side-Channel Vulnerability in ECDSA Signature Computation
CVE-2023-52923 - Linux Kernel Netfilter Vulnerability Resolved: Improved Set Backend with GC Transaction API
CVE-2025-0590: Improper Permission Settings in Transsion Carlcare Mobile App Lead to Information Leakage Risk
CVE-2025-0585: Uncovering a SQL Injection Vulnerability in a+HRD from aEnrich Technology
CVE-2025-0576 - Mobotix M15 4.3.4.83 Cross Site Scripting Vulnerability Puts User Data At Risk
CVE-2024-41783: A Deep Dive into Command Injection Vulnerability in IBM Sterling Secure Proxy Versions 6... - 6.2..
CVE-2024-38337 - Exploiting IBM Sterling Secure Proxy's Incorrect Permission Assignments
CVE-2024-57929 - Resolved Linux Kernel Vulnerability: dm array - Fix Releasing a Faulty Array Block Twice in dm_array_cursor_end
CVE-2024-57922 - Fix for Divide-by-Zero Error in drm/amd/display on Linux Kernel
CVE-2024-57915 - A Detailed Look at the Withdrawn Security Vulnerability
CVE-2024-57913 - Linux Kernel Vulnerability Resolved in functionfs_bind to Prevent Kernel Panic due to Race Condition
CVE-2024-57917: Linux kernel vulnerability resolved - topology: Keep the cpumask unchanged when printing cpumap
CVE-2024-57904: iio: adc: at91: call input_free_device() in Linux Kernel
CVE-2025-21653: Linux Kernel net_sched cls_flow Vulnerability Resolved
CVE-2025-21648 - Resolving Linux Kernel Vulnerability: Netfilter Conntrack Maximum Hashtable Size Clamped to INT_MAX
CVE-2025-21647: Linux kernel vulnerability in sch_cake scheduler resolved
CVE-2025-21646 - Linux Kernel AFS Vulnerability: Fixing the Maximum Cell Name Length
CVE-2025-21651: Linux Kernel Vulnerability Resolved in net: hns3 - Preventing Auto-Enable Misc Vector
CVE-2025-21645: Linux Kernel Vulnerability Resolved in Platform/x86/amd/pmc
CVE-2025-21638: Linux Kernel Vulnerability Resolved in sctp:sysctl:auth_enable with Proper Handling of current->nsproxy
CVE-2025-21636: Resolving Linux Kernel Vulnerability - sctp: sysctl: plpmtud_probe_interval
CVE-2025-21640 - Linux Kernel SCTP Sysctl Cookie HMAC Algorithm Vulnerability Fix
CVE-2025-21639: Linux kernel vulnerability resolved in sctp sysctl rto_min/max
CVE-2025-21637: Linux Kernel SCTP Sysctl Vulnerability Resolved - Avoiding Usage of current->nsproxy
CVE-2025-21632 - Linux Kernel Vulnerability Resolved: Ensuring Active Shadow Stack before "Getting" Registers
CVE-2025-21631 - Linux Kernel Block, BFQ: Resolving waker_bfqq UAF after bfq_split_bfqq() Vulnerability
CVE-2025-23209: Remote Code Execution (RCE) Vulnerability in Craft CMS 4 and 5 – What You Need to Know, and How to Protect Your Site
CVE-2018-9464 - Local Escalation of Privilege Exploit in Android Due to Missing Permission Check
CVE-2020-0436: What happened and why it was rejected by the CVE Numbering Authority?
CVE-2018-9461: Exploring the Race Condition Vulnerability in ShareIntentActivity.java
CVE-2018-9389 - A Deep Dive into the Heap Buffer Overflow Vulnerability in ip6_append_data of ip6_output.c
CVE-2018-9405 - BnDmAgent::onTransact in dm_agent.cpp: Possible Out of Bounds Write and Local Privilege Escalation
CVE-2018-9401: Kernel Memory Access in User Space - Local Escalation of Privilege Explained
CVE-2018-9387: Analyzing the Heap Overflow Vulnerability in mnh-sm.c Functions and Its Exploitation
CVE-2025-23208 - Zot Image Registry Group Revocation/Removal Ignored, leading to potential Unauthorized Access
CVE-2022-0303 - A Closer Look at the Alleged Vulnerability and Why It's Not a Concern
CVE-2021-21158: A Deep Dive into the Security Issue Initially Deemed Out of Scope for This CNA
CVE-2018-9383: Exploring the Out-of-Bounds Read Vulnerability in asn1_ber_decoder
CVE-2018-9384: Insights into Bypassing KASLR in Multiple Locations and Local Information Disclosure Exploitation
CVE-2022-20128 - Rejected Reason and Overview of the Withdrawn Vulnerability
CVE-2021-0447 Rejected: Understanding the Withdrawal and its Potential Impact on Security
CVE-2018-9434: Bypassing ASLR in Parcel.cpp and Gaining Privilege Escalation Unassisted
CVE-2018-9447: Exploiting Missing Null Check in EmergencyCallbackModeExitDialog.java
CVE-2018-9379 - Local Information Disclosure in MiniThumbFile.java Due to Confused Deputy
CVE-2018-9382: Analyzing the Wi-Fi Hotspot Vulnerability in WifiServiceImpl.java
CVE-2018-9375: Exploiting UserDictionaryProvider Vulnerability to Gain Local Privilege Escalation in Android Devices
CVE-2017-13322: Android PhoneInterfaceManager Logic Error Leads to Local Denial of Service, Potentially Impacting Access to Emergency Services
CVE-2025-21185: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability - Unraveling the intricacies!
CVE-2025-21325: Windows Secure Kernel Mode Elevation of Privilege Vulnerability - Comprehensive Analysis and Exploitation Guide
CVE-2019-3309: Understanding the Rejected Vulnerability and What to Learn From It
CVE-2025-0518 - Unchecked Return Value, Out-of-bounds Read Vulnerability in FFmpeg Allows Reading Sensitive Constants Within an Executable
CVE-2022-21384 Revisited: Analyzing the Duplicate of CVE-2021-39275 and Its Implications
CVE-2021-35685 - Duplicate of CVE-2022-21371: Exploring the Vulnerabilities and Exploits
CVE-2021-35684: Understanding the Duplicate Vulnerability - Revisiting CVE-2022-21306 and Its Exploitation
CVE-2024-57726 - Escalation of Privileges Vulnerability in SimpleHelp Remote Support Software v5.5.7 and Earlier
CVE-2024-57727 - Remote Path Traversal Vulnerabilities in SimpleHelp Remote Support Software v5.5.7 and Earlier Versions
CVE-2025-22146: Critical Vulnerability in Sentry SAML SSO Implementation and Steps to Mitigate the Risk
CVE-2024-54540: Apple Music Input Sanitization Vulnerability Fixed in Version 1.5..152 for Windows
CVE-2024-44136: Disabling Stolen Device Protection with Physical Access Exploit
CVE-2024-27856 – Preventing Unexpected App Termination and Arbitrary Code Execution: Improved Checks Implemented in macOS Sonoma, iOS, and iPadOS to Patch Security Flaw
CVE-2024-52005 - Git's Vulnerability to ANSI Escape Sequence Attacks in Sideband Channel
CVE-2025-22968 - D-Link DWR-M972V 1.05SSG Unrestricted Root Access Vulnerability: A Walkthrough
CVE-2024-12084: Uncovering a Heap-Based Buffer Overflow Vulnerability in rsync Daemon with Exploit Details and Solutions
CVE-2025-21629: Resolving Linux Kernel Vulnerability in net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets
CVE-2024-57897: Linux Kernel Vulnerability in drm/amdkfd Resolved: Correcting Migration DMA Map Direction
CVE-2024-57898: Linux Kernel Vulnerability Resolved - Wifi: cfg80211: Clear Link ID from Bitmap During Link Delete After Clean Up
CVE-2024-57901 - Linux Kernel af_packet Vulnerability Fixed: "vlan_get_protocol_dgram() vs MSG_PEEK"
CVE-2024-57888: Linux Kernel Vulnerability Resolved - Workqueue Warning Cancellation in Amdgpu
CVE-2024-57893: Patching the Linux Kernel Vulnerability in Handling SysEx Messages
CVE-2024-57894 - A Detailed Analysis of the Rejected Exploit with Code Snippets, Original References, and Exploit Breakdown
CVE-2024-57889 - Linux Kernel Vulnerability Resolved: "pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking"
CVE-2024-57883 - Linux Kernel Vulnerability: Independent PMD Page Table Shared Count in mm: hugetlb
CVE-2025-0446 - Inappropriate Implementation in Extensions in Google Chrome Allows UI Spoofing
CVE-2025-0448 - Inappropriate Implementation in Compositing in Google Chrome: Risks, Mitigation, and Recommendations
CVE-2025-0447 - A Closer Look at Google Chrome's Inappropriate Implementation in Navigation, How Attackers Could Exploit it, and How to Mitigate Risk
CVE-2025-0440: Inappropriate Implementation in Fullscreen Mode in Google Chrome on Windows Allows Remote UI Spoofing Attacks
CVE-2025-0441: Exploring The Inappropriate Implementation in Fenced Frames in Google Chrome (Prior to 132..6834.83)
CVE-2025-0443: Insufficient Data Validation in Extensions in Google Chrome: Exploit Details, Demonstrative Code Snippet, and Original References
CVE-2025-0439 - Uncovering the "Race in Frames" Vulnerability in Google Chrome
CVE-2025-0442: Remote UI Spoofing Attack in Google Chrome Prior to 132..6834.83
CVE-2025-0437: Out-of-bounds Read in Metrics in Google Chrome - Exploiting Heap Corruption and Remote Attack Possibilities
CVE-2025-0438 - Stack Buffer Overflow Vulnerability in Google Chrome Tracing Allows Remote Attackers to Potentially Exploit Stack Corruption
CVE-2025-0436: Unraveling the Integer Overflow Vulnerability in Skia within Google Chrome
CVE-2025-0434: Out of Bounds Memory Access in V8 Leads to Heap Corruption in Google Chrome
CVE-2025-0435: Inappropriate Implementation in Navigation in Google Chrome on Android Leading to UI Spoofing
CVE-2025-23061 - Mongoose.js Search Injection Vulnerability due to Incomplete Fix for CVE-2024-53900
CVE-2025-23013 - Local Privilege Escalation in Yubico pam-u2f Before 1.3.1
CVE-2025-23018 - A Deep Dive into IPv4-in-IPv6 and IPv6-in-IPv6 Tunneling Vulnerability and Its Exploit Details
CVE-2024-53263: Git LFS Credential Retrieval Vulnerability
CVE-2024-52006: Git Line-Based Protocol Security Flaw Due to Single Carriage Return Interpretation
CVE-2024-50349 - Git Credential Leakage via ANSI Escape Sequences in Hostname Printout
CVE-2024-56374: Uncovering the DoS Vulnerability in Django Versions 5.1, 5., and 4.2
CVE-2024-50338: Git Credential Manager Exposes Credentials Due to Mismatched Newline Handling
CVE-2025-21413: Unveiling Windows Telephony Service Remote Code Execution Vulnerability – Exploit Details, Code Snippets, and Original References
CVE-2025-21417: Uncovering a Dangerous Windows Telephony Service Remote Code Execution Vulnerability and How to Combat It
CVE-2025-21405: Visual Studio Elevation of Privilege Vulnerability - How it Works and How to Mitigate its Risks
CVE-2025-21403: An In-depth Look at the On-Premises Data Gateway Information Disclosure Vulnerability, Exploits, and Mitigation Techniques
CVE-2025-21409: A Deep Dive into Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21382: Windows Graphics Component Elevation of Privilege Vulnerability Exploits and Mitigations
CVE-2025-21365 - Microsoft Office Remote Code Execution Vulnerability Uncovered: Critical Implications and Exploit Details
CVE-2025-21357: Microsoft Outlook Remote Code Execution Vulnerability - Breaking Down the Exploit and Protecting Yourself
CVE-2025-21360 - Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability: A Deep Dive into the Exploit and Proposed Solutions
CVE-2025-21356: Microsoft Office Visio Remote Code Execution Vulnerability - A deep dive into the exploit, references and mitigation strategies
CVE-2025-21362: Microsoft Excel Remote Code Execution Vulnerability - How It Works, How To Exploit and Its Impact
CVE-2025-21343: An In-Depth Look at Windows Web Threat Defense User Service Information Disclosure Vulnerability
CVE-2025-21354: Microsoft Excel Remote Code Execution Vulnerability – Understanding the Issue, Exploiting the Flaw, and Mitigating Risks
CVE-2025-21348: Unveiling Microsoft SharePoint Server Remote Code Execution Vulnerability - A Comprehensive Analysis
CVE-2025-21345: Exploring the Microsoft Office Visio Remote Code Execution Vulnerability and Mitigation Strategies
CVE-2025-21344 Explained: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2025-21341: Uncovering Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21340 - Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability: An In-Depth Analysis and Exploit Guide
CVE-2025-21338 - Exploiting the GDI+ Remote Code Execution Vulnerability: Insights, Code Snippets, and Mitigation Strategies
CVE-2025-21335: Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability Exploited
CVE-2025-21333: Understanding the Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability and Exploit Details
CVE-2025-21334: Exploring Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
CVE-2025-21327: Exploring the Windows Digital Media Elevation of Privilege Vulnerability in-depth
CVE-2025-21329: MapUrlToZone Security Feature Bypass Vulnerability Exploitation and Mitigation Techniques
CVE-2025-21324: Windows Digital Media Elevation of Privilege Vulnerability - Exploiting the flaw to gain unauthorized access
CVE-2025-21318: Exploring the Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21311 - A Deep Dive into the Exploitation of Windows NTLM V1 Elevation of Privilege Vulnerability
CVE-2025-21310 - Windows Digital Media Elevation of Privilege Vulnerability: Exploit Details, Code Snippets, and Original References
CVE-2025-21312 - A Deep Dive into Windows Smart Card Reader Information Disclosure Vulnerability
CVE-2025-21307 - A Deep Dive into Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
CVE-2025-21303: Windows Telephony Service Remote Code Execution Vulnerability - A Comprehensive Guide to Understanding and Mitigating the Risk
CVE-2025-21298 - Uncovering a Critical Windows OLE Remote Code Execution Vulnerability: Attack Surface, Exploit Details, and Mitigation Techniques
CVE-2025-21302: Unmasking the Windows Telephony Service Remote Code Execution Vulnerability and Crafting an Exploit
CVE-2025-21293 - Active Directory Domain Services Elevation of Privilege Vulnerability Explored: Code, Exploit Details, and References
CVE-2025-21295 - SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability: Analysis, Exploit Details, and Mitigation Steps
CVE-2025-21286: Deep Dive into the Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21276 - Windows MapUrlToZone Denial of Service Vulnerability
CVE-2025-21273 Unveils a Windows Telephony Service Remote Code Execution Vulnerability - Here's What You Need to Know
CVE-2025-21275 - Windows App Package Installer Elevation of Privilege Vulnerability: Exploiting Flaws to Gain Unauthorized Admin Access
CVE-2025-21274: Understanding the Windows Event Tracing Denial of Service Vulnerability, Exploit Details, and Mitigation
CVE-2025-21263: Windows Digital Media Elevation of Privilege Vulnerability – An In-depth Analysis of the Exploit with Code Snippets and Original References
CVE-2025-21260 - Exploring the Windows Digital Media Elevation of Privilege Vulnerability and How to Mitigate It
CVE-2025-21255: Windows Digital Media Elevation of Privilege Vulnerability - Exploit Breakdown and In-depth Analysis
CVE-2025-21251: How to Exploit a Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21245: Windows Telephony Service Remote Code Execution Vulnerability - A Comprehensive Analysis
CVE-2025-21241 Exploited: Windows Telephony Service Remote Code Execution Vulnerability Under the Hood
CVE-2025-21242: Understanding Windows Kerberos Information Disclosure Vulnerability, Its Exploits, and The Role of Patching in Preventing Security Breaches
CVE-2025-21230 - Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability: A Deep Dive into Exploiting the Weakness
CVE-2025-21226 - A Deep Dive into Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21211 - Secure Boot Security Feature Bypass Vulnerability Uncovered! Protect Your System Now!
CVE-2025-21213 - Secure Boot Security Feature Bypass Vulnerability: Understanding & Mitigating the Risk
CVE-2025-21186: In-Depth Analysis of Microsoft Access Remote Code Execution Vulnerability
CVE-2025-21187: Microsoft Power Automate Remote Code Execution Vulnerability – A Comprehensive Analysis
CVE-2025-21189 - Exploring the MapUrlToZone Security Feature Bypass Vulnerability and Potential Exploits
CVE-2025-21172: Microsoft .NET and Visual Studio Remote Code Execution Vulnerability Explained
CVE-2025-21176 - A Deep Dive into .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2025-21171: An In-depth Analysis of the .NET Remote Code Execution Vulnerability
CVE-2025-21178 - Visual Studio Remote Code Execution Vulnerability: What You Need to Know and How to Protect Yourself
CVE-2025-21173: Exploiting a .NET Elevation of Privilege Vulnerability
CVE-2024-12085: Uncovering a File Checksum Vulnerability in Rsync - Full Analysis, Exploits, and Patches
CVE-2024-12747: A Critical Flaw Uncovered in Rsync - An Analysis of the Vulnerable Code and Exploit Details
CVE-2024-12088: Rsync '--safe-links' option fails to properly verify symbolic links, leading to path traversal vulnerability
CVE-2024-10811: Unauthenticated Absolute Path Traversal Exposure in Ivanti EPM Versions Prior to 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update
CVE-2024-55591: Authentication Bypass Vulnerability in FortiOS and FortiProxy Leads to Super-Admin Privileges
CVE-2024-7344 - Exploiting the Howyar UEFI Application "Reloader" to Execute Unsigned Software in a Hardcoded Path
CVE-2024-48884: Path Traversal Vulnerability in Fortinet FortiManager, FortiOS, and FortiProxy Leads to Privilege Escalation
CVE-2024-46668: FortiOS Resource Allocation Vulnerability May Allow Remote Memory Consumption Attack
CVE-2024-11736 - Keycloak Vulnerability Allows Admin Users Access to Sensitive Server Environment Variables and System Properties
CVE-2024-11734 – Denial of Service Vulnerability in Keycloak: Exploiting Security Headers to Disrupt Service
CVE-2024-12365: W3 Total Cache Plugin Unauthorized Access Vulnerability in WordPress
CVE-2025-23082 - Veeam Backup for Microsoft Azure SSRF Vulnerability: Understanding the Risks and Mitigation Techniques
CVE-2025-0070 - SAP NetWeaver Application Server for ABAP and ABAP Platform Authentication Bypass Vulnerability: Exploit Details and Prevention
CVE-2025-0066: Exploring a Critical Weak Access Control Vulnerability in the SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework)
CVE-2025-0053 - Exploiting SAP NetWeaver Application Server for ABAP and ABAP Platform Unauthorized System Information Disclosure
CVE-2025-22134: Heap-Buffer Overflow in Vim When Switching Buffers Using :all Command with Visual Mode Active
CVE-2024-46310: Unauthorized Access and Data Manipulation in Cfx.re FXServer v9601 and Earlier - Understanding the Risks and Exploiting the Vulnerability
CVE-2024-57881 - Addressing a Linux Kernel Vulnerability in split_large_buddy()
CVE-2024-57849 - Linux Kernel s390/cpum_sf: Handle CPU Hotplug Remove During Sampling Vulnerability
CVE-2024-57850: Preventing Memory Corruption in Linux Kernel with jffs2 rtime Decompression
CVE-2024-57876 - Fixing Memory Corruption Vulnerability in Linux kernel's drm/dp_mst
CVE-2024-57838: Linux Kernel Vulnerability Update: s390/entry - Improved Stack Depot Filtering and De-duplication
CVE-2024-57800: Resolved Linux kernel vulnerability - ALSA memalloc issue with DMA API Debug
Understanding CVE-2024-57804: Fixing Corrupt Config Pages in Linux Kernel's SCSI MPI3MR
CVE-2024-56788 - net: ethernet: oa_tc6: Fixing tx skb Race Condition between Reference Pointers in Linux Kernel
CVE-2024-57791 - Resolving Linux Kernel Vulnerability in net/smc by Checking Return Value of sock_recvmsg
CVE-2024-55881 - Linux Kernel KVM x86 Vulnerability in Complete_Hypercall_Exit() Resolved
CVE-2024-53690: Linux Kernel Vulnerability in nilfs2 Resolved - Prevent Use of Deleted Inode
CVE-2024-53685: Ceph Vulnerability in Linux Kernel Resolved - Path Length Restriction Lifted Preventing DoS Attack
CVE-2024-49571: Addressing Linux Kernel Vulnerability in net/smc - Ensuring Security and Stability Through Improved Validation
CVE-2024-41935: Linux Kernel f2fs Vulnerability - Fix to Shrink Read Extent Node in Batches
CVE-2025-0392 - Critical SQL Injection Vulnerability Found in Guangzhou Huayi Intelligent Technology Jeewms Up to 20241229
CVE-2024-57823: Integer Underflow in Raptor RDF Syntax Library (up to 2..16) with URI normalization
CVE-2025-23016: FastCGI Integer Overflow and Heap-Based Buffer Overflow Vulnerability in Fcgi2 2.x through 2.4.4
CVE-2025-21385: Server-Side Request Forgery (SSRF) Vulnerability Discovered in Microsoft Purview - Exploit Details and Mitigation Steps
CVE-2024-55225 - Vaultwarden User Impersonation Vulnerability: How Attackers Can Exploit the src/api/identity.rs Component
CVE-2024-54887: TP-Link TL-WR940N V3 and V4 WAN6to4TunnelCfg Remote Code Execution Vulnerability
CVE-2025-21598 - Out-of-bounds Read Vulnerability in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon
CVE-2025-21628: SQL Injection Vulnerability in Chatwoot Prior to v3.16. and its Mitigation
CVE-2025-21602: Juniper Networks Junos OS and Junos OS Evolved Denial of Service (DoS) Vulnerability Due to Improper Handling of Exceptional Conditions
CVE-2025-0349: Critical Vulnerability Discovered in Tenda AC6 15.03.05.16 Router – A Complete Analysis
CVE-2025-22445: Mattermost Fails to Accurately Reflect Missing Settings for Calls Configuration, Leaving Admins Vulnerable to Misconfigurations
CVE-2024-53704 - Improper Authentication Vulnerability in SSLVPN Authentication Mechanism Allows Remote Authentication Bypass
CVE-2024-13041: Critical External Groups Configuration Issue in GitLab CE/EE Allows Unauthorized Access to Internal Projects and Groups
CVE-2024-6324 - GitLab CE/EE DoS via Cyclic References Between Epics
CVE-2025-0306 - Ruby Interpreter Vulnerable to Marvin Attack: Decrypt and Forge Signatures Exploit
CVE-2024-27980 - How Improper Handling of Batch Files Leads to Code Execution Vulnerability in Child_Process
CVE-2023-28120 - Untrusted User Input Exploit Found in ActiveSupport 'bytesplice' Method of 'SafeBuffer' Class
CVE-2023-38037 - Information Disclosure Vulnerability in ActiveSupport::EncryptedFile
CVE-2023-27539 - Rack Header Parsing Vulnerability Leads to Denial of Service Attacks
CVE-2023-23913: Rails-UJS Vulnerability Exploiting Clipboard API and contenteditable Attribute
CVE-2023-27531 - Critical Deserialization of Untrusted Data Vulnerability in Kredis JSON Deserialization Code
CVE-2025-0282 - Remote Code Execution Vulnerability in Ivanti Connect Secure, Policy Secure and Neurons for ZTA Gateways
CVE-2025-0283: Stack-Based Buffer Overflow in Ivanti Products Allows Privilege Escalation for Local Authenticated Attackers
CVE-2025-22145 - Carbon PHP Extension DateTime Arbitrary File Include Vulnerability
CVE-2024-12431: Unauthorized Issue Status Manipulation in GitLab CE/EE
CVE-2025-0194: Security Vulnerability in GitLab CE/EE Allows Exposure of Access Tokens
CVE-2025-0291: Type Confusion in V8 leads to Arbitrary Code Execution within Sandbox in Google Chrome Prior to 131..6778.264
CVE-2024-56787: Resolved Linux Kernel Vulnerability in i.MX8M Plus Hardware - soc: imx8m: Probe the SoC driver as platform driver
CVE-2024-56781: Resolving Linux Kernel Vulnerability in PowerPC Prom_Init – Fixing Missing PowerMac #size-cells
CVE-2024-56783: Linux Kernel Vulnerability Resolved in netfilter: nft_socket
CVE-2024-56782 - Linux Kernel Vulnerability Resolved: Improved ACPI Safety Checks
CVE-2024-56786: Resolving Linux Kernel Vulnerability with bpf_link Deallocation
CVE-2024-56785 - Linux Kernel Vulnerability Fixed in MIPS: Loongson64: DTS
CVE-2024-56780: Linux Kernel Quota Vulnerability and Resolution
CVE-2024-56776 - Linux Kernel Vulnerability: Avoiding Potential Dereference of Error Pointers in drm/sti
CVE-2024-56777 - Linux Kernel Vulnerability: Avoid Potential Dereference of Error Pointers in sti_gdp_atomic_check
CVE-2024-56778: Avoid Potential Dereference of Error Pointers in sti_hqvdp_atomic_check
CVE-2024-56773: Linux Kernel KUnit Vulnerability Resolved, Preventing NULL Dereference in kunit_device_driver_test()
CVE-2024-56774: Linux Kernel Btrfs Root Sanity Check Resolves Null-Pointer Dereference Vulnerability
CVE-2023-35685 - Exploiting a Physical Page UAF in DevmemIntMapPages for Local Escalation of Privilege
CVE-2025-20168 - Cross-Site Scripting Vulnerability in Cisco Common Services Platform Collector (CSPC) Web-Based Management Interface
CVE-2024-55459: Unpacking Exploit in Keras 3.7. that Allows Arbitrary Files to Be Written to User's System Through a Crafted Tar File via get_file Function
CVE-2024-45033 - Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider: Before 1.5.2
CVE-2024-11635: Unauthenticated Remote Code Execution in WordPress File Upload plugin (<= 4.24.12)
CVE-2024-50603 - Unauthenticated Remote Code Execution Vulnerability in Aviatrix Controller Versions Prior to 7.1.4191 and 7.2.x Before 7.2.4996
CVE-2024-54006 - Multiple Command Injection Vulnerabilities in the 501 Wireless Client Bridge Web Interface
CVE-2025-22541 - Missing Authorization Vulnerability in Etruel Developments LLC WP Delete Post Copies Plugin, Exploiting Incorrectly Configured Access Control Security Levels
CVE-2025-22294: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gravity Master Custom Field For WP Job Manager allows Reflected XSS
CVE-2025-0247 - Critical Memory Safety Bugs in Firefox 133 and Thunderbird 133: Exploiting Vulnerabilities to Run Arbitrary Code
CVE-2025-0244: Address Bar Spoofing Vulnerability in Firefox for Android
CVE-2025-0245 - Firefox Focus Authentication Bypass Vulnerability Affecting Versions Before 134
CVE-2025-0246: Address Bar Spoofing Vulnerability in Firefox on Android Devices
CVE-2025-0242 - Critical Memory Safety Bugs Discovered in Firefox, Thunderbird, and Firefox ESR, Update Immediately!
CVE-2025-0237: WebChannel API Privilege Escalation Vulnerability in Firefox and Thunderbird
CVE-2025-0240 - A Deep Dive into the Cross-Compartment Access Vulnerability in Firefox and Thunderbird
CVE-2025-0239 - Alt-Svc and ALPN Certificate Validation Issue in Firefox and Thunderbird
CVE-2025-0238: Understanding the Controlled Failed Memory Allocation Exploit in Firefox and Thunderbird
CVE-2025-0241: Memory Corruption Vulnerability in Text Segmentation - Firefox, Firefox ESR, Thunderbird, and Thunderbird ESR
CVE-2025-0243: Memory Safety Bugs in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5 May Enable Arbitrary Code Execution
CVE-2024-46981: Redis Memory Database Vulnerability - Authenticated User Remote Code Execution Through Malicious Lua Script
CVE-2024-51741 - Redis Server Panic and Denial of Service Exploit due to Malformed ACL Selector
CVE-2024-55627: A Deep Dive into Suricata's Buffer Overflow Vulnerability - Exploit Details, Code Snippets, and Patch Information
CVE-2025-21614: Denial of Service Vulnerability Found in Go-Git Library
CVE-2025-21613 - Argument Injection Vulnerability in Go-Git Library: Exploitation and Mitigation Details
CVE-2024-56769 - Patch Resolves Uninitialized Value Issue in Linux kernel's dib300_write_reg Function
CVE-2024-56767 - Security Patch for Linux Kernel DMAEngine at_xdmac Vulnerability
CVE-2024-56768: Linux Kernel Exploit in bpf_get_smp_processor_id() Fixed for Non-SMP Configurations
CVE-2024-56763 - Complete Breakdown of "tracing: Prevent bad count for tracing_cpumask_write" Vulnerability in Linux Kernel
CVE-2024-56761: Resolving x86/fred Vulnerability in Linux Kernel - Clear WFE in missing-ENDBRANCH #CPs
CVE-2024-56760 - Resolved Vulnerability in Linux Kernel: PCI/MSI Handling Lack of IRQ Domain Gracefully
CVE-2024-56758: Linux Kernel Vulnerability Resolved - btrfs: check folio mapping after unlock in relocate_one_folio()
CVE-2024-56757: Resolving Bluetooth btusb MediaTek Interface Release Flaw in Linux Kernel - A Comprehensive Analysis
CVE-2024-56759: Linux Kernel BTRFS Use-After-Free Vulnerability Resolved, Mitigates Potential Exploits
CVE-2023-6601: Bypassing Unsafe File Extension Checks in FFmpeg's HLS Demuxer Through Base64-Encoded Data URIs
CVE-2023-6604: FFmpeg Vulnerability - Demuxing Arbitrary Data as XBIN Format and Degraded Performance
CVE-2024-8474: OpenVPN Connect Vulnerability Exposes Private Key, Compromising Secure VPN Connections and User Privacy
CVE-2024-5594: OpenVPN Vulnerability That Allows Attackers to Inject Arbitrary Data into Third-Party Executables
CVE-2024-21464: Memory Corruption while Processing IPA Statistics with No Active Clients Registered
CVE-2024-20154 - Out of Bounds Write Exploit in Modem Firmware Leading to Remote Code Execution
CVE-2024-20150: Vulnerabilities Found in Modem Resulting in System Crash and Remote Denial of Service (DoS)
CVE-2024-20148 - Wlan STA FW Out of Bounds Write Vulnerability: Exploit Details, Code Snippets and Original References
CVE-2025-0212: Critical Vulnerability Discovered in Campcodes Student Grading System 1.
CVE-2024-10957 - UpdraftPlus: WP Backup & Migration Plugin in WordPress is Vulnerable to PHP Object Injection
CVE-2024-12583 - Remote Code Execution and Arbitrary File Read Vulnerability in Dynamics 365 Integration Plugin for WordPress
CVE-2025-0202: Critical Vulnerability Found in TCS BaNCS 10 - Exploit Details, Code Snippets, and Original References
CVE-2025-22376: Weak Default Nonce Generation in Net::OAuth::Client in Net::OAuth Package for Perl (before .29)
CVE-2024-56332 - Denial of Service (DoS) Vulnerability in Next.js Server Actions
CVE-2025-22275: iTerm2 Remote Information Disclosure Vulnerability via /tmp/framer.txt File
CVE-2024-53842 - Out of Bounds Write Vulnerability in cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, Leading to Remote Code Execution
CVE-2024-43769 - A deep dive into the PackageManagerService code, uncovering a logic error in isPackageDeviceAdmin function preventing CloudDpc uninstallation with possible local privilege escalation
CVE-2024-43762 - Logic Error Leads to Service Unbinding Bypass, Potentially Causing Local Privilege Escalation
CVE-2024-43767: Analyzing a Serious Heap Overflow in SkBlurMaskFilterImpl.cpp - Exploit and Mitigation Explained
CVE-2024-12907: Reflected XSS Attack in Kentico CMS Version 7 via GET Request Parameter
CVE-2023-48739: Missing Authorization vulnerability in Porto Theme leads to Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-47807: Missing Authorization Vulnerability in 10Web 10WebAnalytics Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-47778 – Exploiting Missing Authorization Vulnerability in LuckyWP Scripts Control: Incorrectly Configured Access Control Security Levels
CVE-2023-45633: Missing Authorization vulnerability in IDX IMPress Listings allows Exploiting Incorrectly Configured Access Control Security Levels – A deep dive into the issue and mitigation techniques
CVE-2023-48758 - Missing Authorization Vulnerability in Crocoblock JetEngine Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-47647 - Missing Authorization Vulnerability in LearningTimes BadgeOS Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-47689 - Missing Authorization vulnerability in Toast Plugins Animator allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-47692 - Missing Authorization Vulnerability in Flothemes Flo Forms Exposes Incorrect Access Control Security Levels
CVE-2023-47661: Missing Authorization Vulnerability in Dragfy Addons for Elementor Leading to Incorrectly Configured Access Control Security Levels Exploits
CVE-2023-47693: Missing Authorization Vulnerability in Themefic Ultimate Addons for Contact Form 7 Exposes Users to Exploitation of Incorrectly Configured Access Control Security Levels
CVE-2023-47557 - Missing Authorization Vulnerability in wp-buy Visitors Traffic Real Time Statistics Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-47225: Missing Authorization Exploit in KaizenCoders Short URL - How to exploit incorrectly configured access control security levels in versions n/a through 1.6.8
CVE-2023-47241 - Missing Authorization Vulnerability in CoCart Headless, LLC CoCart - Headless Ecommerce Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-47523 - Missing Authorization Vulnerability in Ecreate Infotech Auto Tag Creator Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-47187 - Missing Authorization Vulnerability in Labib Ahmed's Animated Rotating Words That Exploits Incorrectly Configured Access Control Security Levels
CVE-2023-47515: Missing Authorization Vulnerability in Seers Exposes Incorrectly Configured Access Control Security Levels
CVE-2023-47188 - Missing Authorization Vulnerability in PressTigers Simple Job Board: Exploit Details and Remediation Steps
CVE-2023-46639: Missing Authorization Vulnerability in FeedbackWP's kk Star Ratings Plugin Leads to Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-47179 - Missing Authorization vulnerability in ByConsole WooODT Lite allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-47183: Missing Authorization vulnerability in GiveWP allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46637: Missing Authorization Vulnerability in Saurav Sharma's Generate Dummy Posts - Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46644: WordPress CTA PRO Plugin Mitigating Missing Authorization Vulnerability to Prevent Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46632: Missing Authorization Vulnerability in David Cramer's My Shortcodes Plugin Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46628: Missing Authorization Vulnerability in RedLettuce Plugins WP Word Count Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46633: Missing Authorization Vulnerability in TCBarrett Glossary Allowing Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46616: Missing Authorization Vulnerability in NSquared Draw Attention Leads to Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46612 - Missing Authorization Vulnerability in Codedrafty Mediabay Exposes Incorrectly Configured Access Control Security Levels
CVE-2023-46631: Missing Authorization Vulnerability in RevenueHunt Product Recommendation Quiz for eCommerce - Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46635: Missing Authorization Vulnerability in YITH WooCommerce Product Add-Ons Exposes Sensitive Data
CVE-2023-46606: Uncovering the Missing Authorization Vulnerability in AtomChat
CVE-2023-46607: Missing Authorization Vulnerability in WP iCal Availability Plugin Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46609: Missing Authorization Vulnerability in FeedFocal Leads to Exploitation of Incorrectly Configured Access Control Security Levels
CVE-2023-46608 - Missing Authorization Vulnerability in WPDo DoLogin Security Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46610: Missing Authorization Vulnerability in QuillForms.com Allows Exploitation of Incorrectly Configured Access Control Security Levels
CVE-2023-46605: Missing Authorization Vulnerability in Ruslan Suhar Convertful – Your Ultimate On-Site Conversion Tool May Lead to Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46206 - Missing Authorization Vulnerability in MW WP Form: Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46195 - Missing Authorization Vulnerability in CoSchedule Headline Analyzer Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46203: Missing Authorization Vulnerability in JustCoded / Alex Prokopenko Just Custom Fields Plugin Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46188: Missing Authorization Vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin Manager and Cleanup Allows for Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-46196: Missing Authorization Vulnerability in Repuso Social Proof Testimonials and Reviews Allows Exploitation of Incorrectly Configured Access Control Security Levels
CVE-2023-46082 - Missing Authorization Vulnerability in Cyberlord92 Broken Link Checker | Finder Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-45766: Missing Authorization Vulnerability in Poll Maker Team's Poll Maker Exposes Incorrectly Configured Access Control Security Levels
CVE-2023-45828 - Missing Authorization Vulnerabilities in RumbleTalk Live Group Chat Allow Exploitation of Incorrectly Configured Access Control Security Levels
CVE-2023-46083 - Missing Authorization Vulnerability in Kali Forms Contact Form Builder with Drag & Drop: Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-45765: Missing Authorization Vulnerability in weDevs WP ERP - Exploiting Incorrectly Configured Access Control Security Levels and Safeguarding Your Business
CVE-2023-45631: Missing Authorization vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-45636: Missing Authorization Vulnerability in WebToffee WordPress Backup & Migration Plugin Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-45271: Uncovering the Missing Authorization Vulnerability in WowStore Team's ProductX – Gutenberg WooCommerce Blocks
CVE-2023-45275 - Missing Authorization Vulnerability in Kali Forms Contact Form Builder with Drag & Drop. Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-45101 - Missing Authorization Vulnerability in Customer Reviews for WooCommerce
CVE-2023-45002: Missing Authorization Vulnerability in WeDevs WP User Frontend Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-45110 - Missing Authorization Vulnerability in BoldThemes Bold Timeline Lite: Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-45045: Missing Authorization Vulnerability in Kishor Khambu WP Custom Widget Area Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2025-22214: Landray EIS 2001-2006 Message/fi_message_receiver.aspx SQL Injection Vulnerability
CVE-2025-0168: Critical vulnerability in Code-Projects Job Recruitment 1. allows SQL injection through the /_parse/_feedback_system.php file
CVE-2024-56046 - Unrestricted Upload of File with Dangerous Type Vulnerability in VibeThemes WPLMS Allows Web Shell Upload to Web Server
CVE-2023-50850 - Missing Authorization Vulnerability in WooCommerce Subscriptions Allowing Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-48775: Analysis, Discussion, and Exploitation of Missing Authorization Vulnerability in Gfazioli WP Cleanfix Plugin
CVE-2024-12108: Critical Vulnerability in WhatsUp Gold Allows Attackers to Gain Access to Servers by Abusing Public API
CVE-2024-11972: Unauthorized Installation and Activation of Arbitrary Hunk Companion WordPress Plugins Before 1.9.
CVE-2024-56799 - Simofa Automated Static Website Builder's RouteLoader Class Vulnerability in Versions Prior to .2.7
CVE-2024-56734 – Open Redirect Vulnerability in TypeScript's Better Auth Library's Verify Email Endpoint