Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-0748 | 1 Mozilla | 1 Firefox | 2025-06-11 | N/A | 4.3 MEDIUM |
| A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122. | |||||
| CVE-2024-8009 | 1 Automattic | 1 Sensei Lms | 2025-06-11 | N/A | N/A |
| The Sensei LMS WordPress plugin before 4.20.0 disclose all users of the blog including their email address to teachers on the students page | |||||
| CVE-2024-34509 | 2 Debian, Offis | 2 Debian Linux, Dcmtk | 2025-06-11 | N/A | N/A |
| dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message. | |||||
| CVE-2021-43905 | 1 Microsoft | 1 365 Copilot | 2025-06-11 | 6.8 MEDIUM | 9.6 CRITICAL |
| Microsoft Office app Remote Code Execution Vulnerability | |||||
| CVE-2023-43591 | 1 Zoom | 1 Rooms | 2025-06-11 | N/A | 7.8 HIGH |
| Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access. | |||||
| CVE-2024-9529 | 1 Advancedcustomfields | 1 Advanced Custom Fields | 2025-06-11 | N/A | N/A |
| The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom Fields WordPress plugin before 6.3.6.3, Advanced Custom Fields Pro WordPress plugin before 6.3.9 does not prevent users from running arbitrary functions through its setting import functionalities, which could allow high privilege users such as admin to run arbitrary PHP functions. | |||||
| CVE-2024-27447 | 1 Pretix | 1 Pretix | 2025-06-11 | N/A | N/A |
| pretix before 2024.1.1 mishandles file validation. | |||||
| CVE-2022-43855 | 1 Ibm | 1 Spss Statistics | 2025-06-10 | N/A | 5.5 MEDIUM |
| IBM SPSS Statistics 26.0, 27.0.1, and 28.0 IO Module could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service. | |||||
| CVE-2023-30305 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-06-10 | N/A | N/A |
| An issue discovered in Linksys E5600 routers allows attackers to hijack TCP sessions which could lead to a denial of service. | |||||
| CVE-2024-26529 | 1 Mz-automation | 1 Libiec61850 | 2025-06-10 | N/A | N/A |
| An issue in mz-automation libiec61850 v.1.5.3 and before, allows a remote attacker to cause a denial of service (DoS) via the mmsServer_handleDeleteNamedVariableListRequest function of src/mms/iso_mms/server/mms_named_variable_list_service.c. | |||||
| CVE-2025-5649 | 1 Razormist | 1 Student Result Management System | 2025-06-10 | N/A | 6.5 MEDIUM |
| A vulnerability classified as critical has been found in SourceCodester Student Result Management System 1.0. This affects an unknown part of the file /admin/core/new_user of the component Register Interface. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-5553 | 1 Axis | 2 Axis Os, Axis Os 2022 | 2025-06-10 | N/A | 6.8 MEDIUM |
| During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. | |||||
| CVE-2024-1526 | 1 Devpups | 1 Social Pug | 2025-06-10 | N/A | N/A |
| The Hubbub Lite WordPress plugin before 1.33.1 does not ensure that user have access to password protected post before displaying its content in a meta tag. | |||||
| CVE-2023-42876 | 1 Apple | 1 Macos | 2025-06-09 | N/A | 7.1 HIGH |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. Processing a file may lead to a denial-of-service or potentially disclose memory contents. | |||||
| CVE-2025-31201 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-06-09 | N/A | N/A |
| This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS. | |||||
| CVE-2025-4094 | 1 Unitedover | 1 Digits | 2025-06-09 | N/A | N/A |
| The DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1 does not rate limit OTP validation attempts, making it straightforward for attackers to bruteforce them. | |||||
| CVE-2024-24882 | 1 Themegrill | 1 Masteriyo | 2025-06-09 | N/A | 9.8 CRITICAL |
| Improper Privilege Management vulnerability in Masteriyo LMS allows Privilege Escalation.This issue affects LMS: from n/a through 1.7.2. | |||||
| CVE-2025-27131 | 1 Openatom | 1 Openharmony | 2025-06-09 | N/A | 5.5 MEDIUM |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOSÂ through improper input. | |||||
| CVE-2025-27242 | 1 Openatom | 1 Openharmony | 2025-06-09 | N/A | 5.5 MEDIUM |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input. | |||||
| CVE-2025-2518 | 1 Ibm | 1 Db2 | 2025-06-09 | N/A | 7.5 HIGH |
| IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. | |||||