Latest CVE Feed
-
5.7
MEDIUMCVE-2025-29817
Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network.... Read more
Affected Products : power_automate_for_desktop- Published: Apr. 15, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
8.8
HIGHCVE-2025-49713
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : edge_chromium- Published: Jul. 02, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-49563
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading... Read more
Affected Products : unity_operating_environment- Published: Mar. 28, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Injection
-
6.5
MEDIUMCVE-2025-29825
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.... Read more
Affected Products : edge_chromium- Published: May. 02, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Misconfiguration
-
7.5
HIGHCVE-2024-12766
parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF) vulnerability in the `POST /api/proxy` REST API. Attackers can exploit this vulnerability to abuse the victim server's credentials to access unauthorized web res... Read more
Affected Products : lollms_web_ui- Published: Mar. 20, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Server-Side Request Forgery
-
7.5
HIGHCVE-2025-29834
Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : edge_chromium- Published: Apr. 12, 2025
- Modified: Jul. 08, 2025
-
5.5
MEDIUMCVE-2025-33065
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33063
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +2 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33062
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 +3 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33061
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 +3 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33060
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33059
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33058
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33055
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-32720
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-32719
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
6.3
MEDIUMCVE-2025-6071
Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker can gain access to salted information to decrypt MQTT information. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 21062... Read more
Affected Products :- Published: Jul. 03, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Cryptography
-
9.0
CRITICALCVE-2025-34087
An authenticated command injection vulnerability exists in Pi-hole versions up to 3.3. When adding a domain to the allowlist via the web interface, the domain parameter is not properly sanitized, allowing an attacker to append OS commands to the domain st... Read more
Affected Products :- Published: Jul. 03, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Injection
-
7.5
HIGHCVE-2025-34086
Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code execution. A user with valid credentials can inject arbitrary PHP code into the displayname field of the user profile, ... Read more
Affected Products : bolt- Published: Jul. 03, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Authentication
-
8.2
HIGHCVE-2025-6073
Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is expl... Read more
Affected Products :- Published: Jul. 03, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption