Latest CVE Feed
-
7.2
HIGHCVE-2025-12570
The Fancy Product Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.4.8 due to insufficient input sanitization and output escaping in the data-to-image.php and pdf-to-im... Read more
Affected Products : fancy_product_designer- Published: Dec. 12, 2025
- Modified: Dec. 12, 2025
- Vuln Type: Cross-Site Scripting
-
7.0
HIGHCVE-2025-13053
When a user configures the NAS to retrieve UPS status or control the UPS, a non-enforced TLS certificate verification can allow an attacker able to intercept network traffic between the client and server can perform a man-in-the-middle (MITM) attack, whic... Read more
Affected Products : data_master- Published: Dec. 12, 2025
- Modified: Dec. 12, 2025
- Vuln Type: Misconfiguration
-
6.7
MEDIUMCVE-2025-13670
The High Level Synthesis Compiler i++ command for Windows is vulnerable to a DLL planting vulnerability... Read more
Affected Products : high_level_synthesis_compiler- Published: Dec. 12, 2025
- Modified: Dec. 12, 2025
- Vuln Type: Misconfiguration
-
6.7
MEDIUMCVE-2025-13669
Uncontrolled Search Path Element vulnerability in Altera High Level Synthesis Compiler on Windows allows Search Order Hijacking.This issue affects High Level Synthesis Compiler: from 19.1 through 24.3.... Read more
Affected Products : high_level_synthesis_compiler- Published: Dec. 12, 2025
- Modified: Dec. 12, 2025
- Vuln Type: Path Traversal