Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-09 | CVE-2025-25023 | IBM Security Guardium 11.4 and 12.1 could allow a privileged user to read any file on the system due to incorrect privilege assignment. | network, low complexity, CWE-266, 4.9 |
| 2025-04-09 | CVE-2017-20197 | A vulnerability was found in propanetank Roommate-Bill-Tracking up to 288437f658fc9ee7d4b92a9da12557024d8bc55c. | network, low complexity, CWE-74, 7.3 |
| 2025-04-09 | CVE-2025-3100 | The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.22 due to insufficient input sanitization and output escaping in tasks discussion. | network, low complexity, CWE-79, 6.4 |
| 2025-04-08 | CVE-2025-27188 | Improper Authorization vulnerability in Adobe Commerce. Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. | network, low complexity, adobe, CWE-285, 4.3 |
| 2025-04-08 | CVE-2025-27189 | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce B2B. Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could be exploited to cause a denial-of-service condition. | network, low complexity, adobe, CWE-352, 4.3 |
| 2025-04-08 | CVE-2025-27190 | Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. | network, low complexity, CWE-284, 5.3 |
| 2025-04-08 | CVE-2025-27191 | Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. | network, low complexity, CWE-284, 5.3 |
| 2025-04-08 | CVE-2025-27192 | Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature bypass. | network, low complexity, CWE-522, 2.7 |
| 2025-04-08 | CVE-2025-24446 | Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025. ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution. | network, low complexity, adobe, critical, 9.1 |
| 2025-04-08 | CVE-2025-24447 | Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025. ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user resulting in a High impact to Confidentiality and Integrity. | network, low complexity, adobe, critical, 9.1 |