Latest CVE Feed
-
8.8
HIGHCVE-2025-7151
A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/voters_add.php. The manipulation of the argument photo leads to unrestricted upload. The... Read more
Affected Products : advanced_online_voting_system- Published: Jul. 07, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Authentication
-
7.5
HIGHCVE-2025-27484
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-27483
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
8.1
HIGHCVE-2025-27482
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
8.8
HIGHCVE-2025-27481
Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-7152
A vulnerability classified as critical has been found in Campcodes Advanced Online Voting System 1.0. Affected is an unknown function of the file /admin/candidates_add.php. The manipulation of the argument photo leads to unrestricted upload. It is possibl... Read more
Affected Products : advanced_online_voting_system- Published: Jul. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Authentication
-
8.1
HIGHCVE-2025-27480
Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-27479
Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
-
7.0
HIGHCVE-2025-27478
Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-27477
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27476
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.0
HIGHCVE-2025-27475
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Authentication
-
6.5
MEDIUMCVE-2025-27474
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
7.5
HIGHCVE-2025-27473
Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Denial of Service
-
5.4
MEDIUMCVE-2025-27472
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Misconfiguration
-
5.9
MEDIUMCVE-2025-27471
Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-27470
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Denial of Service
-
5.4
MEDIUMCVE-2025-7153
A vulnerability classified as problematic was found in CodeAstro Simple Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /doctor.html of the component POST Parameter Handler. The manipulation of the ar... Read more
Affected Products : simple_hospital_management_system- Published: Jul. 08, 2025
- Modified: Jul. 08, 2025
-
7.5
HIGHCVE-2025-27469
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Denial of Service
-
6.1
MEDIUMCVE-2025-2712
A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /help/top.jsp. The manipulation of the argument langcode leads to cross site scripting. The a... Read more
Affected Products : ufida_erp-nc- Published: Mar. 24, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Cross-Site Scripting