Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-03-31 CVE-2025-3038 Injection vulnerability in Fabian Payroll Management System 1.0
A vulnerability was found in code-projects Payroll Management System 1.0 and classified as critical.
network
low complexity
fabian CWE-74
8.8
2025-03-31 CVE-2025-3039 Injection vulnerability in Fabian Payroll Management System 1.0
A vulnerability was found in code-projects Payroll Management System 1.0.
network
low complexity
fabian CWE-74
8.8
2025-03-31 CVE-2025-26683 Improper authorization in Azure Playwright allows an unauthorized attacker to elevate privileges over a network.
network
high complexity
CWE-285
8.1
2025-03-31 CVE-2025-3018 SQL Injection vulnerability in Oretnom23 Online Eyewear Shop 1.0
A vulnerability, which was classified as critical, was found in SourceCodester Online Eyewear Shop 1.0.
network
low complexity
oretnom23 CWE-89
7.5
2025-03-31 CVE-2025-3015 Out-of-bounds Read vulnerability in Assimp 5.4.3
A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3.
network
low complexity
assimp CWE-125
8.8
2025-03-31 CVE-2025-31117 Unspecified vulnerability in Open-Emr Openemr
OpenEMR is a free and open source electronic health records and medical practice management application.
network
low complexity
open-emr
7.5
2025-03-31 CVE-2025-2586 A flaw was found in the OpenShift Lightspeed Service, which is vulnerable to unauthenticated API request flooding.
network
low complexity
CWE-400
7.5
2025-03-31 CVE-2025-2984 Injection vulnerability in Fabian Payroll Management System 1.0
A vulnerability was found in code-projects Payroll Management System 1.0 and classified as critical.
network
low complexity
fabian CWE-74
8.8
2025-03-31 CVE-2025-2985 Injection vulnerability in Fabian Payroll Management System 1.0
A vulnerability was found in code-projects Payroll Management System 1.0.
network
low complexity
fabian CWE-74
8.8
2025-03-31 CVE-2025-31103 Deserialization of Untrusted Data vulnerability in Appleple A-Blog CMS
Untrusted data deserialization vulnerability exists in a-blog cms.
network
low complexity
appleple CWE-502
7.5