Total
277601 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-29983 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | 8.8 High |
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2025-22759 | 2025-01-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.27.4. | ||||
| CVE-2024-29044 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | 8.8 High |
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-28945 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | 8.8 High |
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-28944 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | 8.8 High |
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2025-22758 | 2025-01-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aiwp Elementor AI Addons allows DOM-Based XSS.This issue affects Elementor AI Addons: from n/a through 2.2.1. | ||||
| CVE-2024-28942 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | 8.8 High |
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-28940 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | 8.8 High |
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-28939 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | 8.8 High |
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2025-22755 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in James Bavington WP Headmaster allows Reflected XSS.This issue affects WP Headmaster: from n/a through 0.3. | ||||
| CVE-2025-22754 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Berkman Center for Internet & Society Amber allows Reflected XSS.This issue affects Amber: from n/a through 1.4.4. | ||||
| CVE-2025-21356 | 2025-01-15 | 7.8 High | ||
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2025-22753 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dueclic turboSMTP allows Reflected XSS.This issue affects turboSMTP: from n/a through 4.6. | ||||
| CVE-2025-22752 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GSheetConnector GSheetConnector for Forminator Forms allows Reflected XSS.This issue affects GSheetConnector for Forminator Forms: from n/a through 1.0.11. | ||||
| CVE-2025-22751 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mighty Digital Partners allows Reflected XSS.This issue affects Partners: from n/a through 0.2.0. | ||||
| CVE-2025-22750 | 2025-01-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tarak Patel Post Carousel & Slider allows Reflected XSS.This issue affects Post Carousel & Slider: from n/a through 1.0.4. | ||||
| CVE-2025-22749 | 2025-01-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AwoThemes Social Media Engine allows Stored XSS.This issue affects Social Media Engine: from n/a through 1.0.2. | ||||
| CVE-2025-22748 | 2025-01-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SetMore Appointments SetMore Theme – Custom Post Types allows Stored XSS.This issue affects SetMore Theme – Custom Post Types: from n/a through 1.1. | ||||
| CVE-2024-4591 | 1 Dedecms | 1 Dedecms | 2025-01-15 | 4.3 Medium |
| A vulnerability classified as problematic has been found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/sys_group_add.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263313 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-4590 | 1 Dedecms | 1 Dedecms | 2025-01-15 | 4.3 Medium |
| A vulnerability was found in DedeCMS 5.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /src/dede/sys_info.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263312. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||