9.3
CVE-2025-15471 - TRENDnet TEW-713RE formFSrvX os command injection
A vulnerability was detected in TRENDnet TEW-713RE 1.02. The impacted element is an unknown function of the file /goformX/formFSrvX. The manipulation of the argument SZCMD results in os command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The vโฆ
5.4
CVE-2025-14599 - Quartusยฎ Prime Standard and Quartusยฎ Prime Lite Security Advisory
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Liteย Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 throโฆ
5.4
CVE-2025-14612 - Quartus Prime Pro Edition Advisory
Insecure Temporary File vulnerability in Altera Quartus Prime Proย Installer (SFX) on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1.
5.4
CVE-2025-14605 - Quartus Prime Pro Edition Advisory
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1.
7.1
CVE-2025-31642 - WordPress WPCHURCH plugin <= 2.7.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dasinfomedia WPCHURCH allows Reflected XSS.This issue affects WPCHURCH: from n/a through 2.7.0.
5.3
CVE-2025-31051 - WordPress Plant - Gardening & Houseplants WordPress Theme <= 1.0.0 - Sensitive Data Exposure Vulnerโฆ
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in EngoTheme Plant - Gardening & Houseplants WordPress Theme allows Retrieve Embedded Sensitive Data.This issue affects Plant - Gardening & Houseplants WordPress Theme: from n/a through 1.0.0.
5.4
CVE-2025-14596 - Quartus Prime Pro Edition Installer Advisory
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1.
9.9
CVE-2025-30996 - Arbitrary File Upload Vulnerability in WordPress themes by Themify
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.This โฆ
8.4
CVE-2025-13744 - Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub โฆ
An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component (search) across GitHub that could be used to exfiltrate sensitive information. An attacker would requiโฆ
7.1
CVE-2025-30631 - Reflected Cross Site Scripting (XSS) vulnerability in AA-Team WordPress plugins
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team Woocommerce Sales Funnel Builder, AA-Team Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) allows Reflected XSS.This issue affects Woocommerce Sales Funnel Buildโฆ