Total
32105 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-9765 | 1 Lukashuser | 1 Ekc Tournament Manager | 2025-05-28 | N/A | 6.5 MEDIUM |
| The EKC Tournament Manager WordPress plugin before 2.2.2 allows a logged in admin to download system files outside of the WordPress directory | |||||
| CVE-2022-41237 | 1 Jenkins | 1 Dotci | 2025-05-28 | N/A | 9.8 CRITICAL |
| Jenkins DotCi Plugin 2.40.00 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | |||||
| CVE-2025-24184 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-05-28 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to cause unexpected system termination. | |||||
| CVE-2025-31185 | 1 Apple | 2 Ipados, Iphone Os | 2025-05-28 | N/A | 3.3 LOW |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3. Photos in the Hidden Photos Album may be viewed without authentication. | |||||
| CVE-2022-40616 | 1 Ibm | 1 Maximo Asset Management | 2025-05-28 | N/A | 8.1 HIGH |
| IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, and 7.6.1.3 could allow a user to bypass authentication and obtain sensitive information or perform tasks they should not have access to. IBM X-Force ID: 236311. | |||||
| CVE-2021-4297 | 1 Jobe Project | 1 Jobe | 2025-05-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been found in trampgeek jobe up to 1.6.4 and classified as problematic. This vulnerability affects the function runs_post of the file application/controllers/Restapi.php. The manipulation of the argument sourcefilename leads to an unknown weakness. Upgrading to version 1.6.5 is able to address this issue. The patch is identified as 694da5013dbecc8d30dd83e2a83e78faadf93771. It is recommended to upgrade the affected component. VDB-217174 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-5807 | 1 Esterox | 1 Business Card | 2025-05-28 | N/A | 7.2 HIGH |
| The Business Card WordPress plugin through 1.0.0 does not prevent high privilege users like administrators from uploading malicious PHP files, which could allow them to run arbitrary code on servers hosting their site, even in MultiSite configurations. | |||||
| CVE-2022-23951 | 1 Keylime | 1 Keylime | 2025-05-27 | N/A | 5.5 MEDIUM |
| In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs. | |||||
| CVE-2024-6330 | 1 Geomywp | 1 Geo My Wordpress | 2025-05-27 | N/A | 9.8 CRITICAL |
| The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution. | |||||
| CVE-2021-4226 | 1 Rsjoomla | 1 Rsfirewall\! | 2025-05-27 | N/A | 9.8 CRITICAL |
| RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented. | |||||
| CVE-2024-42835 | 1 Langflow | 1 Langflow | 2025-05-27 | N/A | 9.8 CRITICAL |
| langflow v1.0.12 was discovered to contain a remote code execution (RCE) vulnerability via the PythonCodeTool component. | |||||
| CVE-2024-51407 | 1 Projectfloodlight | 1 Floodlight | 2025-05-27 | N/A | 6.2 MEDIUM |
| Floodlight SDN OpenFlow Controller v.1.2 has an issue that allows local hosts to construct false broadcast ports causing inter-host communication anomalies. | |||||
| CVE-2022-32832 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2025-05-27 | N/A | 6.7 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-32807 | 1 Apple | 2 Mac Os X, Macos | 2025-05-27 | N/A | 7.1 HIGH |
| This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to overwrite arbitrary files. | |||||
| CVE-2022-28721 | 1 Hp | 600 1g5m0a, 1g5m0a Firmware, 1k7k6a and 597 more | 2025-05-27 | N/A | 9.8 CRITICAL |
| Certain HP Print Products are potentially vulnerable to Remote Code Execution. | |||||
| CVE-2025-4751 | 1 Dlink | 2 Di-7003g, Di-7003g Firmware | 2025-05-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as problematic, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected is an unknown function of the file /index.data. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-37877 | 2 Apple, Arubanetworks | 2 Macos, Clearpass Policy Manager | 2025-05-27 | N/A | 7.8 HIGH |
| A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2022-37026 | 1 Erlang | 1 Erlang\/otp | 2025-05-27 | N/A | 9.8 CRITICAL |
| In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS. | |||||
| CVE-2022-32882 | 1 Apple | 1 Macos | 2025-05-27 | N/A | 9.8 CRITICAL |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to bypass Privacy preferences. | |||||
| CVE-2022-32861 | 1 Apple | 2 Macos, Safari | 2025-05-27 | N/A | 5.3 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS Monterey 12.5. A user may be tracked through their IP address. | |||||