Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-03-14 CVE-2024-45638 IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user.
local
high complexity
CWE-256
4.1
4.1
2025-03-14 CVE-2024-45643 IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information.
network
high complexity
CWE-327
5.9
5.9
2025-03-14 CVE-2025-29029 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29030 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29031 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-2000 A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats < 13.
network
low complexity
CWE-502
critical
 9.8
9.8
2025-03-14 CVE-2024-12810 Missing Authorization vulnerability in Chimpgroup Jobcareer
The JobCareer | Job Board Responsive WordPress Theme theme for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 7.1.
network
low complexity
chimpgroup CWE-862
8.1
8.1
2025-03-14 CVE-2024-13771 Authentication Bypass Using an Alternate Path or Channel vulnerability in Uxper Civi
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4.
network
high complexity
uxper CWE-288
5.9
5.9
2025-03-14 CVE-2024-13772 Authentication Bypass Using an Alternate Path or Channel vulnerability in Uxper Civi
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4.
network
high complexity
uxper CWE-288
5.9
5.9
2025-03-14 CVE-2024-13773 Use of Hard-coded Cryptographic Key vulnerability in Uxper Civi
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4 via hard-coded credentials.
network
low complexity
uxper CWE-321
7.5
7.5