Latest CVE Feed
-
7.8
HIGHCVE-2022-34707
Windows Kernel Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products- EPSS Score: %0.28
- Published: Aug. 09, 2022
- Modified: Jun. 04, 2025
-
7.8
HIGHCVE-2022-34706
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products- EPSS Score: %2.27
- Published: Aug. 09, 2022
- Modified: Jun. 04, 2025
-
7.8
HIGHCVE-2022-34705
Windows Defender Credential Guard Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 windows +2 more products- EPSS Score: %0.85
- Published: Aug. 09, 2022
- Modified: Jun. 04, 2025
-
7.8
HIGHCVE-2022-34703
Windows Partition Management Driver Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 +4 more products- EPSS Score: %2.27
- Published: Aug. 09, 2022
- Modified: Jun. 04, 2025
-
8.1
HIGHCVE-2022-34702
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products- EPSS Score: %0.75
- Published: Aug. 09, 2022
- Modified: Jun. 04, 2025
-
7.5
HIGHCVE-2022-34701
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products- EPSS Score: %13.82
- Published: Aug. 09, 2022
- Modified: Jun. 04, 2025
-
7.5
HIGHCVE-2014-1745
Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFa... Read more
Affected Products : chrome- EPSS Score: %0.80
- Published: May. 21, 2014
- Modified: Jun. 04, 2025
-
9.3
HIGHCVE-2011-2016
Untrusted search path vulnerability in Windows Mail and Windows Meeting Space in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current w... Read more
- EPSS Score: %15.61
- Published: Nov. 08, 2011
- Modified: Jun. 04, 2025
-
7.5
HIGHCVE-2024-13254
Insertion of Sensitive Information Into Sent Data vulnerability in Drupal REST Views allows Forceful Browsing.This issue affects REST Views: from 0.0.0 before 3.0.1.... Read more
Affected Products : rest_views- Published: Jan. 09, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Information Disclosure
-
5.4
MEDIUMCVE-2024-13252
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal TacJS allows Cross-Site Scripting (XSS).This issue affects TacJS: from 0.0.0 before 6.5.0.... Read more
Affected Products : tacjs- Published: Jan. 09, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Cross-Site Scripting
-
8.8
HIGHCVE-2025-4887
A vulnerability, which was classified as problematic, has been found in SourceCodester Online Student Clearance System 1.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launc... Read more
Affected Products : online_student_clearance_system- Published: May. 18, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Cross-Site Request Forgery
-
9.8
CRITICALCVE-2025-4886
A vulnerability classified as critical was found in itsourcecode Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/product_update.php. The manipulation of the argument serial leads to sql injecti... Read more
Affected Products : sales_and_inventory_system- Published: May. 18, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Injection
-
9.8
CRITICALCVE-2025-4813
A vulnerability, which was classified as critical, was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected is an unknown function of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql ... Read more
- Published: May. 16, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Injection
-
9.8
CRITICALCVE-2025-4812
A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument mobilenumber leads t... Read more
- Published: May. 16, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Injection
-
9.8
CRITICALCVE-2025-4811
A vulnerability was found in CodeAstro Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Login. The manipulation of the argument Username leads to sq... Read more
Affected Products : pharmacy_management_system- Published: May. 16, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Injection
-
9.1
CRITICALCVE-2024-13253
Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows Forceful Browsing.This issue affects Advanced PWA inc Push Notifications: from 0.0.0 before 1.5.0.... Read more
Affected Products : advanced_pwa_inc_push_notifications- Published: Jan. 09, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Authorization
-
8.8
HIGHCVE-2024-13251
Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege Escalation.This issue affects Registration role: from 0.0.0 before 2.0.1.... Read more
Affected Products : registration_role- Published: Jan. 09, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Authorization
-
9.8
CRITICALCVE-2025-2676
A vulnerability, which was classified as critical, was found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file /add-subadmin.php. The manipulation of the argument sadminusername leads to sql injection. It is possibl... Read more
- Published: Mar. 24, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Injection
-
9.8
CRITICALCVE-2025-2677
A vulnerability has been found in PHPGurukul Bank Locker Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /changeidproof.php. The manipulation of the argument editid leads to sql injection. The attack c... Read more
- Published: Mar. 24, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Injection
-
5.4
MEDIUMCVE-2024-13249
Improper Ownership Management vulnerability in Drupal Node Access Rebuild Progressive allows Target Influence via Framing.This issue affects Node Access Rebuild Progressive: from 7.X-1.0 before 7.X-1.2.... Read more
Affected Products : node_access_rebuild_progressive- Published: Jan. 09, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Misconfiguration