Latest CVE Feed
-
7.1
HIGHCVE-2024-23440
Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability. The 0x22200B IOCTL code of the Vba32m64.sys driver allows to read up to 0x802 of memory from ar arbitrary user-supplied pointer.... Read more
Affected Products : vba32- Published: Feb. 13, 2024
- Modified: May. 19, 2025
-
7.1
HIGHCVE-2024-23439
Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability by triggering the 0x22201B, 0x22201F, 0x222023, 0x222027 ,0x22202B, 0x22202F, 0x22203F, 0x222057 and 0x22205B IOCTL codes of the Vba32m64.sys driver.... Read more
Affected Products : vba32- Published: Feb. 13, 2024
- Modified: May. 19, 2025
-
9.8
CRITICALCVE-2023-5011
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursename' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.... Read more
Affected Products : student_information_system- Published: Dec. 20, 2023
- Modified: May. 19, 2025
-
8.8
HIGHCVE-2023-5010
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursecode' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.... Read more
Affected Products : student_information_system- Published: Dec. 20, 2023
- Modified: May. 19, 2025
-
8.8
HIGHCVE-2023-5007
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.... Read more
Affected Products : student_information_system- Published: Dec. 20, 2023
- Modified: May. 19, 2025
-
7.8
HIGHCVE-2025-30393
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 office_2024 office_2021- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-30388
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 office windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 +13 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
5.9
MEDIUMCVE-2025-30394
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-32702
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Injection
-
5.5
MEDIUMCVE-2025-32703
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Authorization
-
8.4
HIGHCVE-2025-32704
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_long_term_servicing_channel excel_2016 office_2024 office_2021 office_2019- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
4.0
MEDIUMCVE-2025-29839
Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Information Disclosure
-
7.0
HIGHCVE-2025-29841
Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Race Condition
-
6.1
MEDIUMCVE-2024-4534
The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack... Read more
Affected Products : kkprogressbar2- Published: May. 27, 2024
- Modified: May. 19, 2025
-
8.8
HIGHCVE-2024-4535
The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks... Read more
Affected Products : kkprogressbar2- Published: May. 27, 2024
- Modified: May. 19, 2025
-
6.5
MEDIUMCVE-2024-4533
The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin users to perform SQL injection attacks... Read more
Affected Products : kkprogressbar2- Published: May. 27, 2024
- Modified: May. 19, 2025
-
7.5
HIGHCVE-2025-29842
Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Authorization
-
5.9
MEDIUMCVE-2025-29954
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +7 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Denial of Service
-
6.2
MEDIUMCVE-2025-29955
Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally.... Read more
Affected Products : windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Denial of Service
-
5.4
MEDIUMCVE-2025-29956
Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Information Disclosure