Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-11 | CVE-2025-27434 | Due to insufficient input validation, SAP Commerce (Swagger UI) allows an unauthenticated attacker to inject the malicious code from remote sources, which can be leveraged by an attacker to execute a cross-site scripting (XSS) attack. | 8.8 |
| 2025-03-10 | CVE-2024-44227 | Resource Exhaustion vulnerability in Apple Macos The issue was addressed with improved memory handling. | 7.5 |
| 2025-03-10 | CVE-2024-54546 | Resource Exhaustion vulnerability in Apple Macos The issue was addressed with improved memory handling. | 7.5 |
| 2025-03-10 | CVE-2025-2153 | Heap-based Buffer Overflow vulnerability in Hdfgroup Hdf5 1.14.6 A vulnerability, which was classified as critical, was found in HDF5 1.14.6. | 8.1 |
| 2025-03-10 | CVE-2025-2147 | Forced Browsing vulnerability in Caishixiong Modern Farm Digital Integrated Management System 1.0 A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0. | 7.5 |
| 2025-03-09 | CVE-2025-2132 | Injection vulnerability in Ftcms 2.1 A vulnerability classified as critical has been found in ftcms 2.1. | 7.2 |
| 2025-03-09 | CVE-2025-2126 | Injection vulnerability in Joomlaux JUX Real Estate 3.4.0 A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla and classified as critical. | 8.8 |
| 2025-03-09 | CVE-2025-2118 | A vulnerability was found in Quantico Tecnologia PRMV 6.48. | 7.3 |
| 2025-03-08 | CVE-2024-11640 | Cross-Site Request Forgery (CSRF) vulnerability in E4Jconnect Vikrentcar The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. | 8.8 |
| 2025-03-08 | CVE-2024-13882 | Unrestricted Upload of File with Dangerous Type vulnerability in Coderevolution Aiomatic The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomatic_generate_featured_image' function in all versions up to, and including, 2.3.8. | 8.8 |