Latest CVE Feed
-
7.8
HIGHCVE-2024-49563
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading... Read more
Affected Products : unity_operating_environment- Published: Mar. 28, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Injection
-
6.5
MEDIUMCVE-2025-29825
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.... Read more
Affected Products : edge_chromium- Published: May. 02, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Misconfiguration
-
7.5
HIGHCVE-2024-12766
parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF) vulnerability in the `POST /api/proxy` REST API. Attackers can exploit this vulnerability to abuse the victim server's credentials to access unauthorized web res... Read more
Affected Products : lollms_web_ui- Published: Mar. 20, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Server-Side Request Forgery
-
7.5
HIGHCVE-2025-29834
Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : edge_chromium- Published: Apr. 12, 2025
- Modified: Jul. 08, 2025
-
5.5
MEDIUMCVE-2025-33065
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33063
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +2 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33062
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 +3 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33061
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 +3 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33060
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33059
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33058
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33055
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-32720
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-32719
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
6.3
MEDIUMCVE-2025-6071
Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker can gain access to salted information to decrypt MQTT information. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 21062... Read more
Affected Products :- Published: Jul. 03, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Cryptography
-
9.0
CRITICALCVE-2025-34087
An authenticated command injection vulnerability exists in Pi-hole versions up to 3.3. When adding a domain to the allowlist via the web interface, the domain parameter is not properly sanitized, allowing an attacker to append OS commands to the domain st... Read more
Affected Products :- Published: Jul. 03, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Injection
-
7.5
HIGHCVE-2025-34086
Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code execution. A user with valid credentials can inject arbitrary PHP code into the displayname field of the user profile, ... Read more
Affected Products : bolt- Published: Jul. 03, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Authentication
-
8.2
HIGHCVE-2025-6073
Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is expl... Read more
Affected Products :- Published: Jul. 03, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
5.6
MEDIUMCVE-2025-53490
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - CampaignEvents Extensio... Read more
Affected Products :- Published: Jul. 03, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-6074
Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to source code and control network, the attacker can bypass the REST interface authenticati... Read more
Affected Products :- Published: Jul. 03, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Cryptography