Total
422 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-51667 | 1 Blazzdev | 1 Rate My Post | 2025-05-29 | N/A | 5.3 MEDIUM |
| Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post – WP Rating System allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.2. | |||||
| CVE-2022-34716 | 1 Microsoft | 3 .net, .net Core, Powershell | 2025-05-29 | N/A | 5.9 MEDIUM |
| .NET Spoofing Vulnerability | |||||
| CVE-2025-5067 | 1 Google | 1 Chrome | 2025-05-29 | N/A | 5.4 MEDIUM |
| Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2024-25595 | 1 Wpmudev | 1 Defender | 2025-05-28 | N/A | 5.3 MEDIUM |
| Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through 4.4.1. | |||||
| CVE-2023-43304 | 1 Linecorp | 1 Line | 2025-05-28 | N/A | 8.2 HIGH |
| An issue in PARK DANDAN mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | |||||
| CVE-2022-23949 | 1 Keylime | 1 Keylime | 2025-05-27 | N/A | 7.5 HIGH |
| In Keylime before 6.3.0, unsanitized UUIDs can be passed by a rogue agent and can lead to log spoofing on the verifier and registrar. | |||||
| CVE-2021-43310 | 1 Keylime | 1 Keylime | 2025-05-27 | N/A | 9.8 CRITICAL |
| A vulnerability in Keylime before 6.3.0 allows an attacker to craft a request to the agent that resets the U and V keys as if the agent were being re-added to a verifier. This could lead to a remote code execution. | |||||
| CVE-2023-35622 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2025-05-22 | N/A | 7.5 HIGH |
| Windows DNS Spoofing Vulnerability | |||||
| CVE-2025-1104 | 1 Dlink | 2 Dhp-w310av, Dhp-w310av Firmware | 2025-05-21 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This vulnerability affects unknown code. The manipulation leads to authentication bypass by spoofing. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-48027 | 2025-05-16 | N/A | 5.4 MEDIUM | ||
| The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary controls DNS resolution for pginaloginserver. | |||||
| CVE-2024-22520 | 1 Dronetag | 1 Drone Scanner | 2025-05-15 | N/A | 8.2 HIGH |
| An issue discovered in Dronetag Drone Scanner 1.5.2 allows attackers to impersonate other drones via transmission of crafted data packets. | |||||
| CVE-2024-13685 | 1 Wpase | 1 Admin And Site Enhancements | 2025-05-14 | N/A | 5.3 MEDIUM |
| The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10. | |||||
| CVE-2024-31008 | 1 Wuzhicms | 1 Wuzhicms | 2025-05-13 | N/A | 6.5 MEDIUM |
| An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code and obtain sensitive information via the index.php file. | |||||
| CVE-2025-24091 | 1 Apple | 2 Ipados, Iphone Os | 2025-05-12 | N/A | 5.5 MEDIUM |
| An app could impersonate system notifications. Sensitive notifications now require restricted entitlements. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.3. An app may be able to cause a denial-of-service. | |||||
| CVE-2025-28128 | 1 Mytel | 1 Telecom Online Account System | 2025-05-12 | N/A | 7.0 HIGH |
| An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request. | |||||
| CVE-2022-42983 | 1 Anji-plus | 1 Aj-report | 2025-05-10 | N/A | 8.8 HIGH |
| anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT Tokens. | |||||
| CVE-2024-58126 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
| Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
| CVE-2024-58127 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
| Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
| CVE-2025-31170 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
| Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
| CVE-2024-58125 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
| Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||