Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-21 | CVE-2025-1538 | Out-of-bounds Write vulnerability in Dlink Dap-1320 Firmware 1.0 A vulnerability classified as critical was found in D-Link DAP-1320 1.00. | 8.8 |
| 2025-02-21 | CVE-2024-13900 | Code Injection vulnerability in Satollo Head, Footer, and Post Injections The Head, Footer and Post Injections plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.3.0. | 7.2 |
| 2025-02-21 | CVE-2025-1535 | A vulnerability was found in Baiyi Cloud Asset Management System 8.142.100.161. | 7.3 |
| 2025-02-21 | CVE-2024-13353 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Cyberchimps Responsive Addons for Elementor The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.4 via several widgets. | 8.8 |
| 2025-02-21 | CVE-2025-1471 | Unspecified vulnerability in Eclipse OMR In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. | 7.8 |
| 2025-02-21 | CVE-2024-11260 | SQL Injection vulnerability in Pixelite Events Manager The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the active_status parameter in all versions up to, and including, 6.6.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
| 2025-02-21 | CVE-2024-13818 | Information Exposure Through Log Files vulnerability in Genetechsolutions PIE Register The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3.9 through publicly exposed log files. | 7.5 |
| 2025-02-20 | CVE-2025-27097 | Resource Exhaustion vulnerability in The-Guild Graphql Mesh GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. | 7.5 |
| 2025-02-20 | CVE-2025-27098 | Path Traversal vulnerability in The-Guild Graphql Mesh CLI and Graphql Mesh Http GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. | 7.5 |
| 2025-02-20 | CVE-2025-27091 | Heap-based Buffer Overflow vulnerability in Cisco Openh264 OpenH264 is a free license codec library which supports H.264 encoding and decoding. | 7.5 |