VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-04-30
CVE-2024-25575
A type confusion vulnerability vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object.
network
low complexity
CWE-843
8.8
8.8
2024-04-30
CVE-2024-25648
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget.
network
low complexity
CWE-416
8.8
8.8
2024-04-30
CVE-2024-25938
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget.
network
low complexity
CWE-416
8.8
8.8
2024-04-30
CVE-2024-1895
The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.4 via deserialization via shortcode of untrusted input from a custom meta value.
network
high complexity
7.5
7.5
2024-04-30
CVE-2024-2663
The ZD YouTube FLV Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.6 via the $_GET['image'] parameter.
network
low complexity
8.3
8.3
2024-04-30
CVE-2024-3072
The ACF Front End Editor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_texts() function in all versions up to, and including, 2.0.2.
network
low complexity
4.3
4.3
2024-04-30
CVE-2024-4185
The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Email Verification and Authentication Bypass in all versions up to, and including, 2.7.4 via the use of insufficiently random activation code.
network
high complexity
8.1
8.1
2024-04-30
CVE-2024-0216
The Google Doc Embedder plugin for WordPress is vulnerable to Server Side Request Forgery via the 'gview' shortcode in versions up to, and including, 2.6.4.
network
low complexity
6.4
6.4
2024-04-29
CVE-2024-3375
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc.
network
low complexity
CWE-732
critical
9.4
9.4
2024-04-29
CVE-2024-4302
Super 8 Live Chat online customer service platform fails to properly filter user input, allowing unauthenticated remote attackers to insert JavaScript code into the chat box.
network
low complexity
6.1
6.1
«
1
(current)
2
3
4
5
...
21417
21418
»
Next