Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-03-13 CVE-2025-24053 Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
network
low complexity
CWE-285
7.2
7.2
2025-03-13 CVE-2025-24974 Missing Authorization vulnerability in Dataease
DataEase is an open source business intelligence and data visualization tool.
network
low complexity
dataease CWE-862
6.5
6.5
2025-03-13 CVE-2025-27103 Unspecified vulnerability in Dataease
DataEase is an open source business intelligence and data visualization tool.
network
low complexity
dataease
6.5
6.5
2025-03-13 CVE-2025-27138 Improper Authentication vulnerability in Dataease
DataEase is an open source business intelligence and data visualization tool.
network
low complexity
dataease CWE-287
critical
 9.8
9.8
2025-03-13 CVE-2025-29773 Unspecified vulnerability in Froxlor 2.2.5
Froxlor is open-source server administration software.
local
low complexity
froxlor
7.8
7.8
2025-03-13 CVE-2025-2263 Out-of-bounds Write vulnerability in Santesoft Sante Pacs Server 4.1.0
During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password.
network
low complexity
santesoft CWE-787
critical
 9.8
9.8
2025-03-13 CVE-2025-2264 Path Traversal vulnerability in Santesoft Sante Pacs Server 4.1.0
A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe".
network
low complexity
santesoft CWE-22
7.5
7.5
2025-03-13 CVE-2024-10942 The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.89 via deserialization of untrusted input in the 'replace_serialized_values' function.
network
high complexity
CWE-502
7.5
7.5
2025-03-13 CVE-2025-25175 A vulnerability has been identified in Simcenter Femap V2401 (All versions < V2401.0003), Simcenter Femap V2406 (All versions < V2406.0002).
local
low complexity
CWE-119
7.8
7.8
2025-03-13 CVE-2025-1785 The Download Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.08 via the 'wpdm_newfile' action.
network
low complexity
CWE-22
5.4
5.4