Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-21342 | 1 Microsoft | 1 Edge Chromium | 2025-02-11 | N/A | 8.8 HIGH |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2025-21404 | 1 Microsoft | 1 Edge Chromium | 2025-02-11 | N/A | N/A |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||
| CVE-2023-51546 | 1 Webtoffee | 1 Woocommerce Pdf Invoices\, Packing Slips\, Delivery Notes And Shipping Labels | 2025-02-11 | N/A | 7.2 HIGH |
| Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.2.1. | |||||
| CVE-2024-11128 | 1 Bitdefender | 1 Virus Scanner | 2025-02-11 | N/A | 7.8 HIGH |
| A vulnerability in the BitdefenderVirusScanner binary as used in Bitdefender Virus Scanner for MacOS may allow .dynamic library injection (DYLD injection) without being blocked by AppleMobileFileIntegrity (AMFI). This issue is caused by the absence of Hardened Runtime or Library Validation signing. This issue affects Bitdefender Virus Scanner versions before 3.18. | |||||
| CVE-2024-5813 | 1 Beyondtrust | 1 Beyondinsight Password Safe | 2025-02-11 | N/A | 4.9 MEDIUM |
| A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response. | |||||
| CVE-2024-21697 | 1 Atlassian | 1 Sourcetree | 2025-02-11 | N/A | 8.8 HIGH |
| This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.8, allows an unauthenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction. Atlassian recommends that Sourcetree for Mac and Sourcetree for Windows customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Sourcetree for Mac 4.2: Upgrade to a release greater than or equal to 4.2.9 Sourcetree for Windows 3.4: Upgrade to a release greater than or equal to 3.4.20 See the release notes ([https://www.sourcetreeapp.com/download-archives]). You can download the latest version of Sourcetree for Mac and Sourcetree for Windows from the download center ([https://www.sourcetreeapp.com/download-archives]). This vulnerability was reported via our Penetration Testing program. | |||||
| CVE-2023-27192 | 1 Dualspace | 1 Super Security | 2025-02-11 | N/A | 9.8 CRITICAL |
| An issue found in DUALSPACE Super Secuirty v.2.3.7 allows an attacker to cause a denial of service via the key_wifi_safe_net_check_url, KEY_Cirus_scan_whitelist and KEY_AD_NEW_USER_AVOID_TIME parameters. | |||||
| CVE-2025-21408 | 1 Microsoft | 1 Edge Chromium | 2025-02-11 | N/A | 8.8 HIGH |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2024-38761 | 1 Zephyr-one | 1 Zephyr Project Manager | 2025-02-11 | N/A | 7.5 HIGH |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.99. | |||||
| CVE-2023-26986 | 1 Chinamobileltd | 1 Oa Mailbox Pc | 2025-02-11 | N/A | 7.8 HIGH |
| An issue in China Mobile OA Mailbox PC v2.9.23 allows remote attackers to execute arbitrary commands on a victim host via user interaction with a crafted EML file sent to their OA mailbox. | |||||
| CVE-2022-46703 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-02-11 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. An app may be able to read sensitive location information | |||||
| CVE-2024-1403 | 1 Progress | 1 Openedge | 2025-02-11 | N/A | 9.8 CRITICAL |
| In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. The vulnerability is a bypass to authentication based on a failure to properly handle username and password. Certain unexpected content passed into the credentials can lead to unauthorized access without proper authentication. | |||||
| CVE-2023-24544 | 1 Buffalo | 24 Bs-gs2008, Bs-gs2008 Firmware, Bs-gs2008p and 21 more | 2025-02-11 | N/A | 8.1 HIGH |
| Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier | |||||
| CVE-2022-46716 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-02-11 | N/A | 7.5 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. Private Relay functionality did not match system settings | |||||
| CVE-2023-25414 | 1 Aten | 2 Pe8108, Pe8108 Firmware | 2025-02-11 | N/A | 5.3 MEDIUM |
| Aten PE8108 2.4.232 is vulnerable to denial of service (DOS). | |||||
| CVE-2023-26774 | 1 Sales Tracker Management System Project | 1 Sales Tracker Management System | 2025-02-11 | N/A | 7.5 HIGH |
| An issue found in Sales Tracker Management System v.1.0 allows a remote attacker to access sensitive information via sales.php component of the admin/reports endpoint. | |||||
| CVE-2022-46717 | 1 Apple | 2 Ipados, Iphone Os | 2025-02-11 | N/A | 2.4 LOW |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2. A user with physical access to a locked Apple Watch may be able to view user photos via accessibility features | |||||
| CVE-2017-0262 | 1 Microsoft | 1 Office | 2025-02-11 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281. | |||||
| CVE-2017-0145 | 2 Microsoft, Siemens | 27 Server Message Block, Windows 10 1507, Windows 10 1511 and 24 more | 2025-02-11 | 9.3 HIGH | 8.8 HIGH |
| The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148. | |||||
| CVE-2017-0148 | 2 Microsoft, Siemens | 27 Server Message Block, Windows 10 1507, Windows 10 1511 and 24 more | 2025-02-11 | 9.3 HIGH | 8.1 HIGH |
| The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146. | |||||