Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-24425 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2025-03-03 | N/A | N/A |
| Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Business Logic Error vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to circumvent intended security mechanisms by manipulating the logic of the application's operations causing limited data modification. Exploitation of this issue does not require user interaction. | |||||
| CVE-2025-24408 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2025-03-03 | N/A | 6.5 MEDIUM |
| Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Information Exposure vulnerability that could result in privilege escalation. A low-privileged attacker could gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction. | |||||
| CVE-2025-21126 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-03 | N/A | 5.5 MEDIUM |
| InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service condition. An attacker could exploit this vulnerability to cause the application to crash, resulting in a denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-6567 | 1 Shopfiles | 1 Ebook Store | 2025-03-01 | N/A | N/A |
| The Ebook Store plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 5.8001. This is due to the plugin utilizing fpdi-protection and not preventing direct access to test files that have display_errors set to true. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | |||||
| CVE-2023-27119 | 1 Webassembly | 1 Wabt | 2025-02-28 | N/A | 5.5 MEDIUM |
| WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::Decompiler::WrapChild. | |||||
| CVE-2021-31181 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2025-02-28 | 6.5 MEDIUM | N/A |
| Microsoft SharePoint Remote Code Execution Vulnerability | |||||
| CVE-2023-33157 | 1 Microsoft | 1 Sharepoint Server | 2025-02-28 | N/A | N/A |
| Microsoft SharePoint Remote Code Execution Vulnerability | |||||
| CVE-2023-36591 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | N/A | N/A |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
| CVE-2022-44689 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2019 and 2 more | 2025-02-28 | N/A | 7.8 HIGH |
| Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2021-40485 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2025-02-28 | 6.8 MEDIUM | N/A |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2023-24860 | 1 Microsoft | 1 Malware Protection Engine | 2025-02-28 | N/A | N/A |
| Microsoft Defender Denial of Service Vulnerability | |||||
| CVE-2023-36765 | 1 Microsoft | 1 Office | 2025-02-28 | N/A | 9.8 CRITICAL |
| Microsoft Office Elevation of Privilege Vulnerability | |||||
| CVE-2023-36573 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | N/A | N/A |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
| CVE-2023-36571 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | N/A | N/A |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
| CVE-2023-36592 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | N/A | N/A |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
| CVE-2023-20947 | 1 Google | 1 Android | 2025-02-28 | N/A | 7.8 HIGH |
| In getGroupState of GrantPermissionsViewModel.kt, there is a possible way to keep a one-time permission granted due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-237405974 | |||||
| CVE-2023-36718 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2025-02-28 | N/A | N/A |
| Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability | |||||
| CVE-2023-36574 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | N/A | N/A |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
| CVE-2023-24923 | 1 Microsoft | 1 Onedrive | 2025-02-28 | N/A | N/A |
| Microsoft OneDrive for Android Information Disclosure Vulnerability | |||||
| CVE-2021-31982 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | N/A |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||