Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-27 | CVE-2025-1756 | Untrusted Search Path vulnerability in multiple products mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\node_modules\. | 7.8 |
| 2025-02-27 | CVE-2024-9334 | Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authentication Bypass.This issue affects Pallium Vehicle Tracking: before 17.10.2024. | 8.2 |
| 2025-02-27 | CVE-2025-1282 | Path Traversal vulnerability in Thememakers CAR Dealer Automotive The Car Dealer Automotive WordPress Theme – Responsive theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_post_photo() and add_car() functions in all versions up to, and including, 1.6.3. | 8.8 |
| 2025-02-27 | CVE-2025-1717 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Pluginly Login ME NOW The Login Me Now plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.2. | 8.1 |
| 2025-02-27 | CVE-2024-2297 | Improper Privilege Management vulnerability in Bricksbuilder Bricks The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. | 8.8 |
| 2025-02-27 | CVE-2025-1295 | The Templines Elementor Helper Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.7. | 8.8 |
| 2025-02-27 | CVE-2024-58002 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that started the operation. | 7.8 |
| 2025-02-27 | CVE-2024-58007 | Out-of-bounds Read vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. | 7.1 |
| 2025-02-27 | CVE-2025-21735 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in nci_hci_create_pipe() The "pipe" variable is a u8 which comes from the network. | 7.8 |
| 2025-02-27 | CVE-2025-21741 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header. | 7.1 |