Total
89482 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-8968 | 1 Maxfoundry | 1 Maxbuttons | 2025-05-14 | N/A | 4.7 MEDIUM |
| The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | |||||
| CVE-2024-11607 | 1 Harryhe | 1 Gtpayment Donations | 2025-05-14 | N/A | 6.1 MEDIUM |
| The GTPayment Donations WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack. | |||||
| CVE-2025-31260 | 2025-05-14 | N/A | 5.5 MEDIUM | ||
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | |||||
| CVE-2025-31245 | 2025-05-14 | N/A | 5.5 MEDIUM | ||
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. An app may be able to cause unexpected system termination. | |||||
| CVE-2025-31212 | 2025-05-14 | N/A | 5.5 MEDIUM | ||
| This issue was addressed through improved state management. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5. An app may be able to access sensitive user data. | |||||
| CVE-2025-31210 | 2025-05-14 | N/A | 6.5 MEDIUM | ||
| The issue was addressed with improved UI. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. Processing web content may lead to a denial-of-service. | |||||
| CVE-2022-42069 | 1 Oretnom23 | 1 Online Birth Certificate Management System | 2025-05-14 | N/A | 5.4 MEDIUM |
| Online Birth Certificate Management System version 1.0 suffers from a persistent Cross Site Scripting (XSS) vulnerability. | |||||
| CVE-2022-42067 | 1 Oretnom23 | 1 Online Birth Certificate Management System | 2025-05-14 | N/A | 4.3 MEDIUM |
| Online Birth Certificate Management System version 1.0 suffers from an Insecure Direct Object Reference (IDOR) vulnerability | |||||
| CVE-2022-42066 | 1 Projectworlds | 1 Online Examination System | 2025-05-14 | N/A | 6.1 MEDIUM |
| Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php. | |||||
| CVE-2022-3149 | 1 Wp Custom Cursors Project | 1 Wp Custom Cursors | 2025-05-14 | N/A | 6.1 MEDIUM |
| The WP Custom Cursors WordPress plugin before 3.0.1 does not have CSRF check in place when creating and editing cursors, which could allow attackers to made a logged in admin perform such actions via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping in some of the cursor options, it could also lead to Stored Cross-Site Scripting | |||||
| CVE-2022-3139 | 1 Designextreme | 1 We\'re Open | 2025-05-14 | N/A | 4.8 MEDIUM |
| The We’re Open! WordPress plugin before 1.42 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | |||||
| CVE-2022-3126 | 1 Najeebmedia | 1 Frontend File Manager Plugin | 2025-05-14 | N/A | 4.3 MEDIUM |
| The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to make logged in users upload files on their behalf | |||||
| CVE-2022-39128 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39127 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39126 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39125 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39124 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39123 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39122 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39121 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||