VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-03-28
CVE-2025-2926
NULL Pointer Dereference vulnerability in Hdfgroup Hdf5
A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic.
local
low complexity
hdfgroup
CWE-476
5.5
5.5
2025-03-28
CVE-2025-2919
Unspecified vulnerability in Netis-Systems Netis Wf-2404 Firmware 1.1.124En
A vulnerability was found in Netis WF-2404 1.1.124EN.
low complexity
netis-systems
6.8
6.8
2025-03-28
CVE-2025-2915
Out-of-bounds Write vulnerability in Hdfgroup Hdf5
A vulnerability classified as problematic was found in HDF5 up to 1.14.6.
local
low complexity
hdfgroup
CWE-787
5.5
5.5
2025-03-28
CVE-2025-2916
A vulnerability, which was classified as critical, has been found in Aishida Call Center System up to 20250314.
network
low complexity
CWE-74
6.3
6.3
2025-03-28
CVE-2024-39311
Unspecified vulnerability in Publify
Publify is a self hosted Web publishing platform on Rails.
network
low complexity
publify
5.4
5.4
2025-03-28
CVE-2025-0986
IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration.
local
high complexity
CWE-409
4.5
4.5
2025-03-28
CVE-2025-2901
A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when an application improperly sanitizes user input before storing it in a data store.
network
low complexity
CWE-79
4.6
4.6
2025-03-28
CVE-2025-1705
The tagDiv Composer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.3.
network
low complexity
CWE-79
6.1
6.1
2025-03-28
CVE-2025-2074
The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to generic SQL Injection via the ‘sSearch’ parameter in all versions up to, and including, 1.29 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
high complexity
CWE-89
5.3
5.3
2025-03-28
CVE-2025-2578
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.19 via the 'wpAmeliaApiCall' function.
network
low complexity
CWE-200
5.3
5.3
«
Previous
1
2
...
61
62
63
(current)
64
65
...
7227
7228
»
Next