Total
30509 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-9461 | 1 Diyhi | 1 Bbs | 2025-09-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-3831 | 1 Checkpoint | 1 Harmony Sase | 2025-09-03 | N/A | 8.1 HIGH |
| Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties. | |||||
| CVE-2025-33051 | 1 Microsoft | 1 Exchange Server | 2025-09-03 | N/A | 7.5 HIGH |
| Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network. | |||||
| CVE-2025-46762 | 1 Apache | 1 Parquet | 2025-09-02 | N/A | 8.1 HIGH |
| Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these packages to be executed. The exploit is only applicable if the client code of parquet-avro uses the "specific" or the "reflect" models deliberately for reading Parquet files. ("generic" model is not impacted) Users are recommended to upgrade to 1.15.2 or set the system property "org.apache.parquet.avro.SERIALIZABLE_PACKAGES" to an empty string on 1.15.1. Both are sufficient to fix the issue. | |||||
| CVE-2025-3735 | 1 Panelizer \(obsolete\) Project | 1 Panelizer \(obsolete\) | 2025-09-02 | N/A | 5.9 MEDIUM |
| Vulnerability in Drupal Panelizer (obsolete).This issue affects Panelizer (obsolete): *.*. | |||||
| CVE-2025-3736 | 1 Simple Gtm Project | 1 Simple Gtm | 2025-09-02 | N/A | 5.9 MEDIUM |
| Vulnerability in Drupal Simple GTM.This issue affects Simple GTM: *.*. | |||||
| CVE-2025-3737 | 1 Google Maps\ | 1 Store Locator Project | 2025-09-02 | N/A | 5.9 MEDIUM |
| Vulnerability in Drupal Google Maps: Store Locator.This issue affects Google Maps: Store Locator: *.*. | |||||
| CVE-2025-3738 | 1 Google Optimize Project | 1 Google Optimize | 2025-09-02 | N/A | 5.9 MEDIUM |
| Vulnerability in Drupal Google Optimize.This issue affects Google Optimize: *.*. | |||||
| CVE-2025-3903 | 1 Ueditor Project | 1 Ueditor | 2025-09-02 | N/A | 7.3 HIGH |
| Vulnerability in Drupal UEditor - 百度编辑器.This issue affects UEditor - 百度编辑器: *.*. | |||||
| CVE-2025-3904 | 1 Sportsleague Project | 1 Sportsleague | 2025-09-02 | N/A | 7.3 HIGH |
| Vulnerability in Drupal Sportsleague.This issue affects Sportsleague: *.*. | |||||
| CVE-2025-3060 | 1 Flattern Project | 1 Flattern | 2025-09-02 | N/A | 6.6 MEDIUM |
| Vulnerability in Drupal Flattern – Multipurpose Bootstrap Business Profile.This issue affects Flattern – Multipurpose Bootstrap Business Profile: *.*. | |||||
| CVE-2024-13299 | 1 Boozallen | 1 Megamenu Framework | 2025-09-02 | N/A | 6.6 MEDIUM |
| Vulnerability in Drupal Megamenu Framework.This issue affects Megamenu Framework: *.*. | |||||
| CVE-2024-13300 | 1 Print Anything Project | 1 Print Anything | 2025-09-02 | N/A | 6.6 MEDIUM |
| Vulnerability in Drupal Print Anything.This issue affects Print Anything: *.*. | |||||
| CVE-2024-13310 | 1 Git Utilities Project | 1 Git Utilities | 2025-09-02 | N/A | 6.5 MEDIUM |
| Vulnerability in Drupal Git Utilities for Drupal.This issue affects Git Utilities for Drupal: *.*. | |||||
| CVE-2024-13311 | 1 Allow All File Extensions For File Fields Project | 1 Allow All File Extensions For File Fields | 2025-09-02 | N/A | 7.3 HIGH |
| Vulnerability in Drupal Allow All File Extensions for file fields.This issue affects Allow All File Extensions for file fields: *.*. | |||||
| CVE-2024-13285 | 1 Wkhtmltopdf | 1 Wkhtmltopdf | 2025-09-02 | N/A | 9.8 CRITICAL |
| Vulnerability in Drupal wkhtmltopdf.This issue affects wkhtmltopdf: *.*. | |||||
| CVE-2025-43187 | 1 Apple | 1 Macos | 2025-09-02 | N/A | 7.8 HIGH |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. Running an hdiutil command may unexpectedly execute arbitrary code. | |||||
| CVE-2024-7762 | 1 Presstigers | 1 Simple Job Board | 2025-08-29 | N/A | 3.7 LOW |
| The Simple Job Board WordPress plugin before 2.12.6 does not prevent uploaded files from being listed, allowing unauthenticated users to access and download uploaded resumes | |||||
| CVE-2024-1286 | 1 Strangerstudios | 1 Paid Memberships Pro | 2025-08-29 | N/A | 4.9 MEDIUM |
| The pmpro-membership-maps WordPress plugin before 0.7 does not prevent users with at least the contributor role from leaking sensitive information about users with a membership on the site. | |||||
| CVE-2020-17159 | 1 Redhat | 1 Language Support For Java | 2025-08-28 | 6.8 MEDIUM | 7.8 HIGH |
| Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | |||||