VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-03-14
CVE-2025-1285
The Resido - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the delete_api_key and save_api_key AJAX actions in all versions up to, and including, 3.6.
network
low complexity
CWE-862
5.3
5.3
2025-03-14
CVE-2025-1528
The Search & Filter Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_meta_values' function in all versions up to, and including, 2.5.19.
network
low complexity
CWE-862
4.3
4.3
2025-03-14
CVE-2025-2056
The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function.
network
low complexity
CWE-23
7.5
7.5
2025-03-14
CVE-2025-2166
The CM FAQ – Simplify support with an intuitive FAQ management tool plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.5.
network
low complexity
CWE-79
6.1
6.1
2025-03-13
CVE-2025-24053
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
network
low complexity
CWE-285
7.2
7.2
2025-03-13
CVE-2025-24974
Missing Authorization vulnerability in Dataease
DataEase is an open source business intelligence and data visualization tool.
network
low complexity
dataease
CWE-862
6.5
6.5
2025-03-13
CVE-2025-27103
Unspecified vulnerability in Dataease
DataEase is an open source business intelligence and data visualization tool.
network
low complexity
dataease
6.5
6.5
2025-03-13
CVE-2025-27138
Improper Authentication vulnerability in Dataease
DataEase is an open source business intelligence and data visualization tool.
network
low complexity
dataease
CWE-287
critical
9.8
9.8
2025-03-13
CVE-2025-29773
Unspecified vulnerability in Froxlor 2.2.5
Froxlor is open-source server administration software.
local
low complexity
froxlor
7.8
7.8
2025-03-13
CVE-2025-2263
Out-of-bounds Write vulnerability in Santesoft Sante Pacs Server 4.1.0
During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password.
network
low complexity
santesoft
CWE-787
critical
9.8
9.8
«
Previous
1
2
...
158
159
160
(current)
161
162
...
16893
16894
»
Next