VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-08
CVE-2025-1095
IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local privilege escalation (LPE).
local
low complexity
CWE-119
8.8
8.8
2025-04-08
CVE-2025-2807
The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary plugin installations due to a missing capability check in the mvl_setup_wizard_install_plugin() function in all versions up to, and including, 1.4.64.
network
low complexity
CWE-862
8.8
8.8
2025-04-08
CVE-2024-41791
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions).
network
low complexity
CWE-306
7.3
7.3
2025-04-08
CVE-2024-41792
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions).
network
low complexity
CWE-22
8.6
8.6
2025-04-08
CVE-2024-41793
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions).
network
low complexity
CWE-306
8.6
8.6
2025-04-08
CVE-2025-3064
The WPFront User Role Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.1.
network
low complexity
CWE-352
8.8
8.8
2025-04-08
CVE-2025-23186
In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service.
network
high complexity
CWE-94
8.5
8.5
2025-04-08
CVE-2025-27428
Due to directory traversal vulnerability, an authorized attacker could gain access to some critical information by using RFC enabled function module.
network
low complexity
CWE-862
7.7
7.7
2025-04-08
CVE-2025-30014
SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation.
network
low complexity
CWE-35
7.7
7.7
2025-04-08
CVE-2025-3431
The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 6.91 via the 'dzsap_download' action.
network
low complexity
CWE-73
7.5
7.5
«
Previous
1
2
...
9
10
11
(current)
12
13
...
6791
6792
»
Next