|
1101
|
- |
|
-
|
-
|
An Improper Access Control vulnerability has been found in EmbedAI
2.1 and below. This vulnerability allows an authenticated attacker to obtain chat messages belonging to other users by changing th…
|
CWE-284
Improper Access Control
|
CVE-2025-0740
|
2025-01-30 20:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1102
|
- |
|
-
|
-
|
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to show subscription's information of others users by changing th…
|
CWE-284
Improper Access Control
|
CVE-2025-0739
|
2025-01-30 20:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1103
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Clinked Client Portal plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'clinked-login-button' shortcode in all versions up to, and including, 1.9 due to insuffic…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12524
|
2025-01-30 20:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1104
|
- |
|
-
|
-
|
Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could po…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2025-21107
|
2025-01-30 19:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1105
|
- |
|
-
|
-
|
Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Won…
|
CWE-269
Improper Privilege Management
|
CVE-2025-0834
|
2025-01-30 18:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1106
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The EthereumICO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ethereum-ico shortcode in all versions up to, and including, 2.4.6 due to insufficient input sanitiz…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12921
|
2025-01-30 15:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1107
|
- |
|
-
|
-
|
The Tracking Code Manager WordPress plugin before 2.4.0 does not sanitise and escape some of its metabox settings when outputing them in the page, which could allow users with a role as low as Contri…
|
-
|
CVE-2024-10309
|
2025-01-30 15:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1108
|
- |
|
-
|
-
|
Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A high privileged attacker wit…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2025-23374
|
2025-01-30 14:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1109
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Req…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2025-0848
|
2025-01-30 11:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1110
|
7.8 |
HIGH
Local
|
apple
|
macos
ipados
iphone_os
visionos
watchos
tvos
|
A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious applicati…
|
CWE-416
Use After Free
|
CVE-2025-24085
|
2025-01-30 11:00 |
2025-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
