Latest CVE Feed
-
5.5
MEDIUMCVE-2024-49541
Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i... Read more
- Published: Dec. 10, 2024
- Modified: Aug. 15, 2025
-
4.4
MEDIUMCVE-2024-6971
A path traversal vulnerability exists in the parisneo/lollms-webui repository, specifically in the `lollms_file_system.py` file. The functions `add_rag_database`, `toggle_mount_rag_database`, and `vectorize_folder` do not implement security measures such ... Read more
- Published: Oct. 11, 2024
- Modified: Aug. 15, 2025
-
7.8
HIGHCVE-2025-2013
Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this v... Read more
Affected Products : cobalt- Published: Mar. 11, 2025
- Modified: Aug. 15, 2025
-
4.8
MEDIUMCVE-2025-20180
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a u... Read more
Affected Products : secure_email_and_web_manager asyncos secure_email_gateway secure_email_gateway_virtual_appliance_c100v secure_email_gateway_virtual_appliance_c300v secure_email_gateway_virtual_appliance_c600v secure_email_gateway_c195 secure_email_gateway_c395 secure_email_gateway_c695 secure_email_and_web_manager_virtual_appliance_m100v +13 more products- Published: Feb. 05, 2025
- Modified: Aug. 15, 2025
-
7.2
HIGHCVE-2024-0844
The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress is vulnerable to Local File Inclusion in version 2.1.6 via the ycfChangeElementData() function. This makes it possible for authenticated attackers, with administrator-level acc... Read more
- EPSS Score: %0.09
- Published: Feb. 02, 2024
- Modified: Aug. 15, 2025
-
7.8
HIGHCVE-2024-13046
Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit t... Read more
Affected Products : cobalt- Published: Dec. 30, 2024
- Modified: Aug. 15, 2025
-
6.4
MEDIUMCVE-2024-1242
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 4.10.18 due to insufficient input sanitization and output escaping. This makes it pos... Read more
Affected Products : premium_addons_for_elementor- Published: Feb. 29, 2024
- Modified: Aug. 15, 2025
-
8.8
HIGHCVE-2024-1522
A Cross-Site Request Forgery (CSRF) vulnerability in the parisneo/lollms-webui project allows remote attackers to execute arbitrary code on a victim's system. The vulnerability stems from the `/execute_code` API endpoint, which does not properly validate ... Read more
- Published: Mar. 30, 2024
- Modified: Aug. 15, 2025
-
8.2
HIGHCVE-2024-1646
parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints. The application checks if the host parameter is not '0.0.0.0' to restrict access, which is inadequate when the application is bound to a ... Read more
- Published: Apr. 16, 2024
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2024-21459
Information disclosure while handling beacon or probe response frame in STA.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +342 more products- Published: Aug. 05, 2024
- Modified: Aug. 15, 2025
-
7.8
HIGHCVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_blu... Read more
Affected Products : linux_kernel- EPSS Score: %0.04
- Published: Jan. 30, 2024
- Modified: Aug. 15, 2025
-
8.2
HIGHCVE-2024-34949
SQL injection vulnerability in Likeshop before 2.5.7 allows attackers to run abitrary SQL commands via the function OrderLogic::getOrderList function, exploited at the /admin/order/lists.html endpoint.... Read more
Affected Products : likeshop- Published: May. 20, 2024
- Modified: Aug. 15, 2025
-
5.3
MEDIUMCVE-2021-30187
CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware runtime_toolkit 750-891_firmware +45 more products- EPSS Score: %0.12
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30188
CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware plcwinnt 750-891_firmware +46 more products- EPSS Score: %0.57
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30189
CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.57
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30190
CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.43
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-30191
CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.41
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30192
CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.53
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30193
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.53
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.1
CRITICALCVE-2021-30194
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.53
- Published: May. 25, 2021
- Modified: Aug. 15, 2025