Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-07 | CVE-2025-2059 | A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as critical. | network, low complexity, CWE-74, 7.3 |
| 2025-03-07 | CVE-2025-2050 | A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Management System 3.3. | network, low complexity, CWE-74, 7.3 |
| 2025-03-06 | CVE-2025-2038 | A vulnerability was found in code-projects Blood Bank Management System 1.0. | network, low complexity, CWE-548, 7.3 |
| 2025-03-06 | CVE-2025-2034 | A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. | network, low complexity, CWE-74, 7.3 |
| 2025-03-06 | CVE-2024-51476 | IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | network, low complexity, CWE-307, 7.5 |
| 2025-03-06 | CVE-2024-12146 | Improper Validation of Syntactic Correctness of Input vulnerability in Finder Fire Safety Finder ERP/CRM (New System) allows SQL Injection. This issue affects Finder ERP/CRM (New System): before 18.12.2024. | network, low complexity, CWE-1286, 7.5 |
| 2025-03-06 | CVE-2024-7872 | Insertion of Sensitive Information Into Sent Data vulnerability in ExtremePACS Extreme XDS allows Retrieve Embedded Sensitive Data. This issue affects Extreme XDS: before 3933. | low complexity, CWE-201, 7.6 |
| 2025-03-05 | CVE-2025-20206 | A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client. This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. | local, low complexity, CWE-347, 7.1 |
| 2025-03-05 | CVE-2024-11216 | Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking. This issue affects Pik Online: through 05.03.2025. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | network, low complexity, CWE-639, 7.6 |
| 2025-03-05 | CVE-2024-13471 | The DesignThemes Core Features plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the dt_process_imported_file function in all versions up to, and including, 4.7. | network, low complexity, CWE-22, 7.5 |