Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-04 | CVE-2025-0587 | Integer Overflow or Wraparound vulnerability in Openatom Openharmony 4.1/5.0.2 in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. | 7.8 |
| 2025-03-04 | CVE-2025-1321 | SQL Injection vulnerability in Mtrv Teachpress The teachPress plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'tpsearch' shortcode in all versions up to, and including, 9.0.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 8.8 |
| 2025-03-04 | CVE-2025-1639 | Missing Authorization vulnerability in Crowdytheme Arolax The Animation Addons for Elementor Pro plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the install_elementor_plugin_handler() function in all versions up to, and including, 1.6. | 8.8 |
| 2025-03-04 | CVE-2025-20091 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | 7.8 |
| 2025-03-04 | CVE-2025-20626 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | 7.8 |
| 2025-03-04 | CVE-2025-21084 | NULL Pointer Dereference vulnerability in Openatom Openharmony in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. | 7.8 |
| 2025-03-04 | CVE-2025-22835 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | 7.8 |
| 2025-03-04 | CVE-2025-23240 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | 7.8 |
| 2025-03-04 | CVE-2025-23409 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | 7.8 |
| 2025-03-04 | CVE-2025-23414 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | 7.8 |