Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-04-21 CVE-2025-3845 A vulnerability was found in markparticle WebServer up to 1.0.
network
low complexity
CWE-120
7.3
7.3
2025-04-20 CVE-2025-3828 A vulnerability was found in PHPGurukul Men Salon Management System 1.0 and classified as critical.
network
low complexity
CWE-74
7.3
7.3
2025-04-20 CVE-2025-3829 A vulnerability was found in PHPGurukul Men Salon Management System 1.0.
network
low complexity
CWE-74
7.3
7.3
2025-04-20 CVE-2025-3827 A vulnerability has been found in PHPGurukul Men Salon Management System 1.0 and classified as critical.
network
low complexity
CWE-74
7.3
7.3
2025-04-20 CVE-2025-43929 open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened in KDE ghostwriter).
local
low complexity
CWE-346
7.8
7.8
2025-04-20 CVE-2025-43919 GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter.
network
low complexity
CWE-22
7.5
7.5
2025-04-20 CVE-2025-43920 GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line.
network
high complexity
CWE-78
8.1
8.1
2025-04-19 CVE-2025-3820 A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical.
network
low complexity
CWE-121
8.8
8.8
2025-04-19 CVE-2025-3819 A vulnerability has been found in PHPGurukul Men Salon Management System 1.0 and classified as critical.
network
low complexity
CWE-74
7.3
7.3
2025-04-19 CVE-2025-3802 A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644).
network
low complexity
CWE-121
8.8
8.8