CVE Alert: CVE-2024-35295
Vulnerability Summary: CVE-2024-35295 A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with NXGPro+...
Vulnerabilities
CVE Alert: CVE-2025-4798
Vulnerability Summary: CVE-2025-4798 The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and...
CVE Alert: CVE-2025-4799
Vulnerability Summary: CVE-2025-4799 The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on...
CVE Alert: CVE-2025-5395
Vulnerability Summary: CVE-2025-5395 The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file...
CVE Alert: CVE-2025-26412
Vulnerability Summary: CVE-2025-26412 The SIMCom SIM7600G modem supports an undocumented AT command, which allows an attacker to execute system commands...
CVE Alert: CVE-2025-4315
Vulnerability Summary: CVE-2025-4315 The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Privilege Escalation in all...
CVE Alert: CVE-2025-41661
Vulnerability Summary: CVE-2025-41661 An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack...
CVE Alert: CVE-2025-4573
Vulnerability Summary: CVE-2025-4573 Mattermost versions 10.7.x
CVE Alert: CVE-2025-41662
Vulnerability Summary: CVE-2025-41662 An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack...
CVE Alert: CVE-2025-5986
Vulnerability Summary: CVE-2025-5986 A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the...
CVE Alert: CVE-2025-49710
Vulnerability Summary: CVE-2025-49710 An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox <...
CVE Alert: CVE-2025-3302
Vulnerability Summary: CVE-2025-3302 The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
CVE Alert: CVE-2025-49709
Vulnerability Summary: CVE-2025-49709 Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4. Affected Endpoints:...
CVE Alert: CVE-2025-4128
Vulnerability Summary: CVE-2025-4128 Mattermost versions 10.5.x
CVE Alert: CVE-2025-32711
Vulnerability Summary: CVE-2025-32711 Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. Affected...
CVE Alert: CVE-2025-5687
Vulnerability Summary: CVE-2025-5687 A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. *This...
CVE Alert: CVE-2025-35941
Vulnerability Summary: CVE-2025-35941 A password is exposed locally. Affected Endpoints: No affected endpoints listed. Published Date: 6/11/2025, 2:15:33 PM ⚠️...
CVE Alert: CVE-2025-5144
Vulnerability Summary: CVE-2025-5144 The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-date-*’ parameters...
CVE Alert: CVE-2025-40914
Vulnerability Summary: CVE-2025-40914 Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX...
CVE Alert: CVE-2025-48013
Vulnerability Summary: CVE-2025-48013 Missing Authorization vulnerability in Drupal Quick Node Block allows Forceful Browsing.This issue affects Quick Node Block: from...
CVE Alert: CVE-2025-4922
Vulnerability Summary: CVE-2025-4922 Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect rule application and...
CVE Alert: CVE-2025-3473
Vulnerability Summary: CVE-2025-3473 IBM Security Guardium 12.1 could allow a local privileged user to escalate their privileges to root due...
CVE Alert: CVE-2025-4605
Vulnerability Summary: CVE-2025-4605 A maliciously crafted .usdc file, when loaded through Autodesk Maya, can force an uncontrolled memory allocation vulnerability....
CVE Alert: CVE-2025-0163
Vulnerability Summary: CVE-2025-0163 IBM Security Verify Access Appliance and Docker 10.0 through 10.0.8 could allow a remote attacker to enumerate...
