Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-03-04 CVE-2025-27220 Unspecified vulnerability in Ruby-Lang CGI
In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method.
network
low complexity
ruby-lang
7.5
7.5
2025-03-03 CVE-2025-1882 Register Interface Allows Software Access to Sensitive Data or Security Settings vulnerability in I-Drive I11 Firmware and I12 Firmware
A vulnerability was found in i-Drive i11 and i12 up to 20250227.
local
high complexity
i-drive CWE-1262
7.0
7.0
2025-03-03 CVE-2024-51954 Unspecified vulnerability in Esri Arcgis Server 10.9.1/11.1
There is an improper access control issue in ArcGIS Server versions 11.3 and below on Windows and Linux, which under unique circumstances, could potentially allow a remote, low privileged authenticated attacker to access secure services published a standalone (Unfederated) ArcGIS Server instance.  If successful this compromise would have a high impact on Confidentiality, low impact on integrity and no impact to availability of the software.
network
low complexity
esri
7.1
7.1
2025-03-03 CVE-2025-1877 Improper Resource Shutdown or Release vulnerability in Dlink Dap-1562 Firmware 1.10
A vulnerability, which was classified as critical, was found in D-Link DAP-1562 1.10.
network
low complexity
dlink CWE-404
7.5
7.5
2025-03-03 CVE-2025-25967 Unspecified vulnerability in Ddsn Acora CMS 10.1.1
Acora CMS version 10.1.1 is vulnerable to Cross-Site Request Forgery (CSRF).
network
low complexity
ddsn
8.8
8.8
2025-03-03 CVE-2025-27501 Server-Side Request Forgery (SSRF) vulnerability in Openziti
OpenZiti is a free and open source project focused on bringing zero trust to any application.
network
low complexity
openziti CWE-918
8.6
8.6
2025-03-03 CVE-2024-45782 A flaw was found in the HFS filesystem.
local
low complexity
gnu redhat
7.8
7.8
2025-03-03 CVE-2025-0678 A flaw was found in grub2.
local
low complexity
gnu redhat
7.8
7.8
2025-03-03 CVE-2025-25301 Server-Side Request Forgery (SSRF) vulnerability in Danielgatis Rembg
Rembg is a tool to remove images background.
network
low complexity
danielgatis CWE-918
7.5
7.5
2025-03-03 CVE-2024-41770 Insufficiently Protected Credentials vulnerability in IBM Engineering Requirements Management Doors Next 7.0.2/7.0.3/7.1
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote attacker to download temporary files which could expose application logic or other sensitive information.
network
low complexity
ibm CWE-522
7.5
7.5