Total
277606 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21297 | 2025-01-15 | 8.1 High | ||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | ||||
| CVE-2025-22781 | 2025-01-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nativery Developer Nativery allows DOM-Based XSS.This issue affects Nativery: from n/a through 0.1.6. | ||||
| CVE-2025-22780 | 2025-01-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexey Yuzhakov wp-pano allows Stored XSS.This issue affects wp-pano: from n/a through 1.17. | ||||
| CVE-2025-21306 | 2025-01-15 | 8.8 High | ||
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-22779 | 2025-01-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in Ugur CELIK WP News Sliders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP News Sliders: from n/a through 1.0. | ||||
| CVE-2025-22778 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lijit Networks Inc. and Crowd Favorite Lijit Search allows Reflected XSS.This issue affects Lijit Search: from n/a through 1.1. | ||||
| CVE-2025-21309 | 2025-01-15 | 8.1 High | ||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | ||||
| CVE-2025-22776 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jay Carter WP Bulletin Board allows Reflected XSS.This issue affects WP Bulletin Board: from n/a through 1.1.4. | ||||
| CVE-2025-21173 | 2025-01-15 | 7.3 High | ||
| .NET Elevation of Privilege Vulnerability | ||||
| CVE-2025-22773 | 2025-01-15 | 5.3 Medium | ||
| Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in WPChill Htaccess File Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Htaccess File Editor: from n/a through 1.0.19. | ||||
| CVE-2025-21341 | 2025-01-15 | 6.6 Medium | ||
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-22769 | 2025-01-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative Brahma Multifox allows Stored XSS.This issue affects Multifox: from n/a through 1.3.7. | ||||
| CVE-2025-21344 | 2025-01-15 | 7.8 High | ||
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2025-21345 | 2025-01-15 | 7.8 High | ||
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2025-22766 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Masoud Amini Zarinpal Paid Download allows Reflected XSS.This issue affects Zarinpal Paid Download: from n/a through 2.3. | ||||
| CVE-2025-0501 | 2025-01-15 | 7.5 High | ||
| An issue in the native clients for Amazon WorkSpaces Clients when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle. | ||||
| CVE-2025-0500 | 2025-01-15 | 7.5 High | ||
| An issue in the native clients for Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle. | ||||
| CVE-2025-21346 | 2025-01-15 | 7.1 High | ||
| Microsoft Office Security Feature Bypass Vulnerability | ||||
| CVE-2025-21348 | 2025-01-15 | 7.2 High | ||
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2016-4303 | 4 Debian, Es, Novell and 1 more | 5 Debian Linux, Iperf3, Suse Package Hub For Suse Linux Enterprise and 2 more | 2025-01-15 | 9.8 Critical |
| The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow. | ||||