Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-02-21 | CVE-2025-1535 | A vulnerability was found in Baiyi Cloud Asset Management System 8.142.100.161. | 7.3 |
2025-02-21 | CVE-2024-13353 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Cyberchimps Responsive Addons for Elementor The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.4 via several widgets. | 8.8 |
2025-02-21 | CVE-2025-1471 | Unspecified vulnerability in Eclipse OMR In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. | 7.8 |
2025-02-21 | CVE-2024-11260 | SQL Injection vulnerability in Pixelite Events Manager The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the active_status parameter in all versions up to, and including, 6.6.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
2025-02-21 | CVE-2024-13818 | Information Exposure Through Log Files vulnerability in Genetechsolutions PIE Register The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3.9 through publicly exposed log files. | 7.5 |
2025-02-20 | CVE-2025-27097 | Resource Exhaustion vulnerability in The-Guild Graphql Mesh GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. | 7.5 |
2025-02-20 | CVE-2025-27098 | Path Traversal vulnerability in The-Guild Graphql Mesh CLI and Graphql Mesh Http GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. | 7.5 |
2025-02-20 | CVE-2025-27091 | Heap-based Buffer Overflow vulnerability in Cisco Openh264 OpenH264 is a free license codec library which supports H.264 encoding and decoding. | 7.5 |
2025-02-20 | CVE-2024-49781 | IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to an XML external entity injection (XXE) attack when processing XML data. | 7.1 |
2025-02-20 | CVE-2024-13476 | SQL Injection vulnerability in Eniture LTL Freight Quotes The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to SQL Injection via the 'engtz_wd_save_dropship' AJAX endpoint in all versions up to, and including, 2.3.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |