Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-03-11 CVE-2025-27173 Heap-based Buffer Overflow vulnerability in Adobe Substance 3D Modeler
Substance3D - Modeler versions 1.15.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-122
7.8
2025-03-11 CVE-2025-27180 Out-of-bounds Read vulnerability in Adobe Substance 3D Modeler
Substance3D - Modeler versions 1.15.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2025-03-11 CVE-2025-27181 Use After Free vulnerability in Adobe Substance 3D Modeler
Substance3D - Modeler versions 1.15.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-416
7.8
2025-03-11 CVE-2025-28856 Cross-Site Request Forgery (CSRF) vulnerability in W3Counter
Cross-Site Request Forgery (CSRF) vulnerability in dangrossman W3Counter Free Real-Time Web Stats allows Cross Site Request Forgery.
network
low complexity
w3counter CWE-352
8.8
2025-03-11 CVE-2025-28857 Cross-Site Request Forgery (CSRF) vulnerability in Rankchecker
Cross-Site Request Forgery (CSRF) vulnerability in rankchecker Rankchecker.io Integration allows Stored XSS.
network
low complexity
rankchecker CWE-352
6.1
2025-03-11 CVE-2025-28859 Cross-Site Request Forgery (CSRF) vulnerability in Codevibrant Maintenance Notice
Cross-Site Request Forgery (CSRF) vulnerability in CodeVibrant Maintenance Notice allows Cross Site Request Forgery.
network
low complexity
codevibrant CWE-352
8.8
2025-03-11 CVE-2025-28860 Cross-Site Request Forgery (CSRF) vulnerability in Ppdpurveyor Google News Editors Picks Feed Generator
Cross-Site Request Forgery (CSRF) vulnerability in PPDPurveyor Google News Editors Picks Feed Generator allows Stored XSS.
network
low complexity
ppdpurveyor CWE-352
6.1
2025-03-11 CVE-2025-28861 Cross-Site Request Forgery (CSRF) vulnerability in Bhzad WP Jquery Persian Datepicker 0.1.0
Cross-Site Request Forgery (CSRF) vulnerability in bhzad WP jQuery Persian Datepicker allows Stored XSS.
network
low complexity
bhzad CWE-352
6.1
2025-03-11 CVE-2025-28862 Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Comment Date and Gravatar Remover 1.0
Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Comment Date and Gravatar remover allows Cross Site Request Forgery.
network
low complexity
venugopal CWE-352
8.8
2025-03-11 CVE-2025-28863 Cross-Site Request Forgery (CSRF) vulnerability in Carlosminatti Delete Original Image
Cross-Site Request Forgery (CSRF) vulnerability in Carlos Minatti Delete Original Image allows Cross Site Request Forgery.
network
low complexity
carlosminatti CWE-352
8.8