Ex-ASML, NXP staffer accused of stealing chip secrets, peddling them to Moscow
We're not Putin up with this alleged industrial espionage, say the Dutch A Russian national...
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti has disclosed details of a now-patched critical security vulnerability impacting its...
Retirement funds reportedly raided after unexplained portal probes and data theft
Australians checking their pensions are melting down call centres and websites Australian...
April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft
Microsoft is continuing to build on their AI cybersecurity strategy and this month announced the...
Forward-thinking CISOs are shining a light on shadow IT
In this Help Net Security interview, Curtis Simpson, CISO and Chief Advocacy Officer at Armis,...
Connected cars drive into a cybersecurity crisis
Technology has entered all areas of life, and our cars are no exception. They have become...
Benefits from privacy investment are greater than the cost
Cisco released its 2025 Data Privacy Benchmark Study. The report looks at global trends in data...
Vulnerabilities by Risk level (Last 12 months)
Vulnerabilities by Vendor (Last 12 months)
Latest Vulnerabilities
-
CVE-2025-3184
7.3A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This issue affects some unknown processing of the file...
-
CVE-2025-3185
7.3A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. It has been classified as critical. Affected is an unknown function of the file...
-
CVE-2025-3181
7.3A vulnerability, which was classified as critical, has been found in projectworlds Online Doctor Appointment Booking System 1.0. Affected by this issue is some unknown functionality of the file...
-
CVE-2025-3182
7.3A vulnerability, which was classified as critical, was found in projectworlds Online Doctor Appointment Booking System 1.0. This affects an unknown part of the file /patient/getschedule.php. The...
-
CVE-2025-3183
7.3A vulnerability has been found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file...
Latest Critical Vulnerabilities
-
CVE-2025-2005
9.8The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the registration form in all versions up to, and...
-
CVE-2024-13553
9.8The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.7.9. This is due to the...
-
CVE-2025-2237
9.8The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to authentication bypass in all versions up to, and including, 1.6.26. This is due to insufficient role restrictions...
-
CVE-2025-31084
9.8Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart allows Object Injection. This issue affects Sunshine Photo Cart: from n/a through 3.4.10.
-
CVE-2025-3011
9.8SOOP-CLM from PiExtract has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
-
CVE-2025-2266
9.8The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the...
-
CVE-2025-2294
9.8The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubio_hybrid_theme_load_template function. This makes it...
-
CVE-2025-2332
9.8The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.13 via deserialization of untrusted input...