Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-03-11 CVE-2025-26661 Due to missing authorization check, SAP NetWeaver (ABAP Class Builder) allows an attacker to gain higher access levels than they should have, resulting in escalation of privileges.
network
low complexity
CWE-862
8.8
8.8
2025-03-11 CVE-2025-27434 Due to insufficient input validation, SAP Commerce (Swagger UI) allows an unauthenticated attacker to inject the malicious code from remote sources, which can be leveraged by an attacker to execute a cross-site scripting (XSS) attack.
network
low complexity
CWE-79
8.8
8.8
2025-03-10 CVE-2024-44227 Resource Exhaustion vulnerability in Apple Macos
The issue was addressed with improved memory handling.
network
low complexity
apple CWE-400
7.5
7.5
2025-03-10 CVE-2024-54546 Resource Exhaustion vulnerability in Apple Macos
The issue was addressed with improved memory handling.
network
low complexity
apple CWE-400
7.5
7.5
2025-03-10 CVE-2025-2153 Heap-based Buffer Overflow vulnerability in Hdfgroup Hdf5 1.14.6
A vulnerability, which was classified as critical, was found in HDF5 1.14.6.
network
high complexity
hdfgroup CWE-122
8.1
8.1
2025-03-10 CVE-2025-2151 Out-of-bounds Write vulnerability in Assimp 5.4.3
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3.
network
low complexity
assimp CWE-787
8.8
8.8
2025-03-10 CVE-2025-2147 Forced Browsing vulnerability in Caishixiong Modern Farm Digital Integrated Management System 1.0
A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0.
network
low complexity
caishixiong CWE-425
7.5
7.5
2025-03-09 CVE-2025-2132 Injection vulnerability in Ftcms 2.1
A vulnerability classified as critical has been found in ftcms 2.1.
network
low complexity
ftcms CWE-74
7.2
7.2
2025-03-09 CVE-2025-2126 Injection vulnerability in Joomlaux JUX Real Estate 3.4.0
A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla and classified as critical.
network
low complexity
joomlaux CWE-74
8.8
8.8
2025-03-09 CVE-2025-2121 Unspecified vulnerability in Thinkwarestore F800 PRO Firmware
A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226.
low complexity
thinkwarestore
8.8
8.8