Total
26038 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-3709 | 2025-05-02 | N/A | 9.8 CRITICAL | ||
| Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform password brute force attack. | |||||
| CVE-2025-3708 | 2025-05-02 | N/A | 9.8 CRITICAL | ||
| Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. | |||||
| CVE-2025-3746 | 2025-05-02 | N/A | 9.8 CRITICAL | ||
| The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.14 to 2.0.59. This is due to the plugin not properly validating a user's identity prior to updating their details, like email. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. Additionally, the plugin returns authentication cookies in the response, which can be used to access the account directly. | |||||
| CVE-2024-38475 | 2025-05-02 | N/A | 9.1 CRITICAL | ||
| Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. | |||||
| CVE-2025-37087 | 2025-05-01 | N/A | 9.8 CRITICAL | ||
| A vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an attacker to gain access to an arbitrary file on the server host. | |||||
| CVE-2023-5168 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2025-05-01 | N/A | 9.8 CRITICAL |
| A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. | |||||
| CVE-2022-3463 | 1 Fluentforms | 1 Contact Form | 2025-05-01 | N/A | 9.8 CRITICAL |
| The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection | |||||
| CVE-2025-31324 | 2025-05-01 | N/A | 10.0 CRITICAL | ||
| SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system. | |||||
| CVE-2023-5175 | 1 Mozilla | 1 Firefox | 2025-05-01 | N/A | 9.8 CRITICAL |
| During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118. | |||||
| CVE-2022-3481 | 1 Opmc | 1 Woocommerce Dropshipping | 2025-05-01 | N/A | 9.8 CRITICAL |
| The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection | |||||
| CVE-2024-37385 | 1 Roundcube | 1 Webmail | 2025-05-01 | N/A | 9.8 CRITICAL |
| Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows allows command injection via im_convert_path and im_identify_path. NOTE: this issue exists because of an incomplete fix for CVE-2020-12641. | |||||
| CVE-2024-4620 | 1 Reputeinfosystems | 1 Arforms | 2025-05-01 | N/A | 9.8 CRITICAL |
| The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form | |||||
| CVE-2024-38441 | 1 Netatalk | 1 Netatalk | 2025-05-01 | N/A | 9.8 CRITICAL |
| Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName in afp_mapname in etc/afpd/directory.c. 2.4.1 and 3.1.19 are also fixed versions. | |||||
| CVE-2024-37734 | 1 Open-emr | 1 Openemr | 2025-05-01 | N/A | 9.8 CRITICAL |
| An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privileges viaa crafted POST request using the noteid parameter. | |||||
| CVE-2025-2857 | 1 Mozilla | 1 Firefox | 2025-05-01 | N/A | 10.0 CRITICAL |
| Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1. | |||||
| CVE-2025-35996 | 2025-05-01 | N/A | 9.0 CRITICAL | ||
| KUNBUS PiCtory version 2.11.1 and earlier are vulnerable when an authenticated remote attacker crafts a special filename that can be stored by API endpoints. That filename is later transmitted to the client in order to show a list of configuration files. Due to a missing escape or sanitization, the filename could be executed as HTML script tag resulting in a cross-site-scripting attack. | |||||
| CVE-2025-32011 | 2025-05-01 | N/A | 9.8 CRITICAL | ||
| KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to a path traversal. | |||||
| CVE-2025-24522 | 2025-05-01 | N/A | 10.0 CRITICAL | ||
| KUNBUS Revolution Pi OS Bookworm 01/2025 is vulnerable because authentication is not configured by default for the Node-RED server. This can give an unauthenticated remote attacker full access to the Node-RED server where they can run arbitrary commands on the underlying operating system. | |||||
| CVE-2022-37109 | 1 Camp Project | 1 Camp | 2025-05-01 | N/A | 9.8 CRITICAL |
| patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the Tornado rule to throw a 403 error when password.txt is accessed can be bypassed. Furthermore, it is not necessary to crack the password hash to authenticate with the application because the password hash is also used as the cookie secret, so an attacker can generate his own authentication cookie. | |||||
| CVE-2022-37015 | 1 Symantec | 1 Endpoint Detection And Response | 2025-05-01 | N/A | 9.8 CRITICAL |
| Symantec Endpoint Detection and Response (SEDR) Appliance, prior to 4.7.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||