Latest CVE Feed
-
0.0
NACVE-2025-71103
In the Linux kernel, the following vulnerability has been resolved: drm/msm: adreno: fix deferencing ifpc_reglist when not declared On plaforms with an a7xx GPU not supporting IFPC, the ifpc_reglist if still deferenced in a7xx_patch_pwrup_reglist() whic... Read more
Affected Products : linux_kernel- Published: Jan. 14, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Memory Corruption
-
5.3
MEDIUMCVE-2025-14880
The Netcash WooCommerce Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_return_url function in all versions up to, and including, 4.1.3. This makes it possible for una... Read more
Affected Products :- Published: Jan. 14, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Authorization
-
4.3
MEDIUMCVE-2025-14389
The WPBlogSyn plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the plugin's remote ... Read more
Affected Products :- Published: Jan. 14, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Cross-Site Request Forgery
-
7.8
HIGHCVE-2025-12051
The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow.... Read more
Affected Products :- Published: Jan. 14, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Memory Corruption
-
6.8
MEDIUMCVE-2026-22718
The VSCode extension for Spring CLI are vulnerable to command injection, resulting in command execution on the users machine.... Read more
Affected Products :- Published: Jan. 14, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Injection