Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-02-07 CVE-2024-7419 Code Injection vulnerability in Soflyy WP ALL Export 1.7.9/1.8.6
The WP ALL Export Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.9.1 via the custom export fields.
network
low complexity
soflyy CWE-94
8.8
8.8
2025-02-07 CVE-2024-9664 Deserialization of Untrusted Data vulnerability in Soflyy WP ALL Import
The WP All Import Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.9.7 via deserialization of untrusted input from an import file.
network
low complexity
soflyy CWE-502
7.2
7.2
2025-02-07 CVE-2025-0303 Classic Buffer Overflow vulnerability in Openatom Openharmony 4.1.0/4.1.1
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through buffer overflow.
local
low complexity
openatom CWE-120
7.8
7.8
2025-02-07 CVE-2025-0304 Use After Free vulnerability in Openatom Openharmony 4.1.0/4.1.1
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.
local
low complexity
openatom CWE-416
7.8
7.8
2025-02-06 CVE-2025-21177 Server-Side Request Forgery (SSRF) vulnerability in Microsoft Dynamics 365 Sales
Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network.
network
low complexity
microsoft CWE-918
8.8
8.8
2025-02-06 CVE-2025-21279 Unspecified vulnerability in Microsoft Edge Chromium
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
network
low complexity
microsoft
8.8
8.8
2025-02-06 CVE-2025-21283 Unspecified vulnerability in Microsoft Edge Chromium
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
network
low complexity
microsoft
8.8
8.8
2025-02-06 CVE-2025-21342 Unspecified vulnerability in Microsoft Edge Chromium
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
network
low complexity
microsoft
8.8
8.8
2025-02-06 CVE-2025-21408 Unspecified vulnerability in Microsoft Edge Chromium
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
network
low complexity
microsoft
8.8
8.8
2025-02-06 CVE-2024-54171 IBM EntireX 11.1 is vulnerable to an XML external entity injection (XXE) attack when processing XML data.
network
low complexity
CWE-611
7.1
7.1