Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow enabling local privilege escalation to SYSTEM, exploited in the wild in February 2025.
FortiOS and FortiProxy contain an authentication bypass allowing unauthenticated attackers with knowledge of upstream/downstream device serial numbers to gain super-admin privileges on downstream devices.
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 42.0% and no vendor patch available.
Windows Storage contains an elevation of privilege vulnerability through symlink following that allows authorized attackers to delete targeted files, enabling privilege escalation.
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 44.0% and no vendor patch available.
Windows Disk Cleanup Tool Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Epss exploitation probability 37.8%.
The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 23.5% and no vendor patch available.
Dedecms 5.71sp1 and earlier is vulnerable to URL redirect. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Ash Authentication is an authentication framework for Elixir applications. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.
A vulnerability was found in GNU Binutils 2.43. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
The Stray Random Quotes WordPress plugin through 1.9.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Zarinpal Paid Download WordPress plugin through 2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.6%.
WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The firmware of all Wattsense Bridge devices contain the same hard-coded user and root credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
School Affairs System from Quanxun has an Exposure of Sensitive Information, allowing unauthenticated attackers to view specific pages and obtain database information as well as plaintext. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Buffer overflow vulnerability in Digital China DCBI-Netlog-LAB Gateway 1.0 due to the lack of length verification, which is related to saving parental control configuration information. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Multiple buffer overflow vulnerabilities in Wavlink WL-WN575A3 RPT75A3.V4300, which are caused by not performing strict length checks on user-controlled data. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in dayrui XunRuiCMS 4.6.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in Mayuri K Employee Management System up to 192.168.70.3 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Concorde, formerly know as Nexkey, is a fork of the federated microblogging platform Misskey. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A vulnerability was found in SourceCodester Image Compressor Tool 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in Privilege escalation. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.0), this vulnerability is low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
PDF-XChange Editor RTF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Windows Active Directory Domain Services API Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
PDF-XChange Editor AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Telephony Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.