VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-05-15
CVE-2025-4704
A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical.
network
low complexity
CWE-74
7.3
7.3
2025-05-15
CVE-2025-4702
A vulnerability, which was classified as critical, was found in PHPGurukul Vehicle Parking Management System 1.13.
network
low complexity
CWE-74
7.3
7.3
2025-05-15
CVE-2025-4698
A vulnerability classified as critical has been found in PHPGurukul Directory Management System 2.0.
network
low complexity
CWE-74
7.3
7.3
2025-05-15
CVE-2025-4699
A vulnerability classified as critical was found in PHPGurukul Apartment Visitors Management System 1.0.
network
low complexity
CWE-74
7.3
7.3
2025-05-15
CVE-2024-13914
The File Manager Advanced Shortcode WordPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.4 (file-manager-advanced-shortcode) and 2.5.6 (advanced-file-manager-pro-premium), via the 'file_manager_advanced' shortcode.
network
low complexity
CWE-22
7.2
7.2
2025-05-15
CVE-2025-3053
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.5.07 via the uip_process_form_input() function.
network
low complexity
CWE-94
8.8
8.8
2025-05-15
CVE-2025-4579
The WP Content Security Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blocked-uri and effective-directive parameters in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
7.2
7.2
2025-05-14
CVE-2025-2900
IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation.
network
low complexity
CWE-122
7.5
7.5
2025-05-14
CVE-2025-3931
A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children's "worker" processes through the DBus component.
local
low complexity
CWE-280
7.8
7.8
2025-05-14
CVE-2025-3623
The Uncanny Automator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.4.0.1 via deserialization of untrusted input in the automator_api_decode_message() function.
network
low complexity
CWE-502
8.1
8.1
«
Previous
1
2
3
(current)
4
5
...
6872
6873
»
Next