5.4
CVE-2025-14605 - Quartus Prime Pro Edition Advisory
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1.
7.1
CVE-2025-31642 - WordPress WPCHURCH plugin <= 2.7.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dasinfomedia WPCHURCH church-management allows Reflected XSS.This issue affects WPCHURCH: from n/a through <= 2.7.0.
5.3
CVE-2025-31051 - WordPress Plant - Gardening & Houseplants WordPress Theme <= 1.0.0 - Sensitive Data Exposure Vulnerβ¦
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in EngoTheme Plant - Gardening & Houseplants WordPress Theme plant allows Retrieve Embedded Sensitive Data.This issue affects Plant - Gardening & Houseplants WordPress Theme: from n/a through <= 1.0.0.
5.4
CVE-2025-14596 - Quartus Prime Pro Edition Installer Advisory
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1.
9.9
CVE-2025-30996 - WordPress Themify Newsy <= 1.9.9 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Newsy newsy allows Upload a Web Shell to a Web Server.This issue affects Themify Newsy: from n/a through <= 1.9.9.
8.4
CVE-2025-13744 - Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub β¦
An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component (search) across GitHub that could be used to exfiltrate sensitive information. An attacker would requiβ¦
7.1
CVE-2025-30631 - WordPress Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) <= 1.2 - Croβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) azon-addon-js-composer allows Reflected XSS.This issue affects Amazon Affiliates Addon for WPBakery Page Builderβ¦
8.8
CVE-2025-29004 - WordPress Responsive Coming Soon Landing Page / Holding Page for WordPress plugin <= 3.0 - Privilegβ¦
Incorrect Privilege Assignment vulnerability in AA-Team Responsive Coming Soon Landing Page / Holding Page for WordPress wordpress-flat-countdown allows Privilege Escalation.This issue affects Responsive Coming Soon Landing Page / Holding Page for WordPress: from n/a through <= 3.0.
5.5
CVE-2026-21492 - iccDEV ToneMap Writer has NULL Pointer Member Call
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a NULL pointer member call vulnerability. This vulnerability affects users of the iccDEV libraβ¦
5.3
CVE-2025-7048 - On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can β¦
On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic.