Skip to main content
CVE-2025-0543 HIGH This Month

Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation
NVD GitHub
CVSS 4.0
8.5
EPSS
0.0%
CVE-2025-0542 HIGH This Month

Local privilege escalation due to incorrect assignment of privileges of temporary files in the update mechanism of G DATA Management Server. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Path Traversal
NVD GitHub
CVSS 4.0
7.3
EPSS
0.1%
CVE-2024-39750 HIGH This Month

IBM Analytics Content Hub 2.0 is vulnerable to a buffer overflow due to improper return length checking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Buffer Overflow IBM Analytics Content Hub
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-13562 HIGH PATCH This Month

The Import WP - Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.5 via the uploads. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

WordPress Information Disclosure Import Wp
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-12600 HIGH This Month

The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.0 via deserialization of untrusted input from the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization WordPress Information Disclosure PHP
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2025-0682 HIGH This Month

The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the 'trx_sc_reviews' shortcode 'type' attribute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP LFI Information Disclosure RCE WordPress +1
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-0411 HIGH KEV PATCH THREAT Act Now

7-Zip contains a Mark-of-the-Web bypass vulnerability allowing attackers to circumvent Windows security warnings when extracting files from malicious archives, exploited in campaigns targeting Ukrainian organizations.

RCE Active Iq Unified Manager 7 Zip Suse
NVD
CVSS 3.1
7.0
EPSS
52.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy