Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-18 | CVE-2025-26617 | Improper Access Control vulnerability in Wegia 3.2.13 WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. | 9.8 |
| 2025-02-18 | CVE-2025-26465 | A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. | 6.8 |
| 2025-02-18 | CVE-2024-4028 | A vulnerability was found in Keycloak. | 3.8 |
| 2025-02-18 | CVE-2024-13689 | The Uncode Core plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.9.1.6. | 6.3 |
| 2025-02-18 | CVE-2025-1269 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in HAVELSAN Liman MYS allows Cross-Site Flashing.This issue affects Liman MYS: before 2.1.1 - 1010. low complexity CWE-601 | 4.8 |
| 2025-02-18 | CVE-2025-1035 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Komtera Technolgies KLog Server allows Manipulating Web Input to File System Calls.This issue affects KLog Server: before 3.1.1. low complexity CWE-22 | 5.7 |
| 2025-02-18 | CVE-2024-13636 | Deserialization of Untrusted Data vulnerability in Unitedthemes Brooklyn 4.9.7.6 The Brooklyn theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.9.9.2 via deserialization of untrusted input in the ot_decode function. | 8.8 |
| 2025-02-18 | CVE-2024-13667 | Cross-site Scripting vulnerability in Undsgn Uncode The Uncode theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mle-description’ parameter in all versions up to, and including, 2.9.1.6 due to insufficient input sanitization and output escaping. | 5.4 |
| 2025-02-18 | CVE-2024-13681 | Unspecified vulnerability in Undsgn Uncode The Uncode theme for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'uncode_admin_get_oembed' function in all versions up to, and including, 2.9.1.6. | 7.5 |
| 2025-02-18 | CVE-2024-13691 | Unspecified vulnerability in Undsgn Uncode The Uncode theme for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'uncode_recordMedia' function in all versions up to, and including, 2.9.1.6. | 6.5 |