Total
277614 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22784 | 2025-01-15 | 8.6 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Johan Ström Background Control allows Path Traversal.This issue affects Background Control: from n/a through 1.0.5. | ||||
| CVE-2025-22782 | 2025-01-15 | 9.9 Critical | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce allows Upload a Web Shell to a Web Server.This issue affects WR Price List Manager For Woocommerce: from n/a through 1.0.8. | ||||
| CVE-2025-21297 | 2025-01-15 | 8.1 High | ||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | ||||
| CVE-2025-22781 | 2025-01-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nativery Developer Nativery allows DOM-Based XSS.This issue affects Nativery: from n/a through 0.1.6. | ||||
| CVE-2025-22780 | 2025-01-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexey Yuzhakov wp-pano allows Stored XSS.This issue affects wp-pano: from n/a through 1.17. | ||||
| CVE-2025-21306 | 2025-01-15 | 8.8 High | ||
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-22779 | 2025-01-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in Ugur CELIK WP News Sliders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP News Sliders: from n/a through 1.0. | ||||
| CVE-2025-22778 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lijit Networks Inc. and Crowd Favorite Lijit Search allows Reflected XSS.This issue affects Lijit Search: from n/a through 1.1. | ||||
| CVE-2025-21309 | 2025-01-15 | 8.1 High | ||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | ||||
| CVE-2025-22776 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jay Carter WP Bulletin Board allows Reflected XSS.This issue affects WP Bulletin Board: from n/a through 1.1.4. | ||||
| CVE-2025-21173 | 2025-01-15 | 7.3 High | ||
| .NET Elevation of Privilege Vulnerability | ||||
| CVE-2025-22773 | 2025-01-15 | 5.3 Medium | ||
| Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in WPChill Htaccess File Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Htaccess File Editor: from n/a through 1.0.19. | ||||
| CVE-2025-21341 | 2025-01-15 | 6.6 Medium | ||
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-22769 | 2025-01-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative Brahma Multifox allows Stored XSS.This issue affects Multifox: from n/a through 1.3.7. | ||||
| CVE-2025-21344 | 2025-01-15 | 7.8 High | ||
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2025-21345 | 2025-01-15 | 7.8 High | ||
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2025-22766 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Masoud Amini Zarinpal Paid Download allows Reflected XSS.This issue affects Zarinpal Paid Download: from n/a through 2.3. | ||||
| CVE-2025-0501 | 2025-01-15 | 7.5 High | ||
| An issue in the native clients for Amazon WorkSpaces Clients when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle. | ||||
| CVE-2025-0500 | 2025-01-15 | 7.5 High | ||
| An issue in the native clients for Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle. | ||||
| CVE-2025-21346 | 2025-01-15 | 7.1 High | ||
| Microsoft Office Security Feature Bypass Vulnerability | ||||