7.8
CVE-2025-66533 - WordPress GiveWP plugin <= 4.13.1 - Arbitrary Shortocde Execution vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in StellarWP GiveWP give allows Code Injection.This issue affects GiveWP: from n/a through <= 4.13.1.
8.4
CVE-2025-2296 - Un-verified kernel bypass Secure Boot mechanism in direct boot mode
EDK2 contains a vulnerability in BIOS where an attacker may cause โ Improper Input Validationโ by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and Aโฆ
2.3
CVE-2025-14345 - Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server
A post-authenticationย flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction coordiโฆ
5.8
CVE-2024-38798 - Uncleared password keystrokes in circular queue can lead to information disclosure or escalation ofโฆ
EDK2 contains a vulnerability in BIOS where an attacker may cause โExposure of Sensitive Information to an Unauthorized Actorโ by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or escalation of privilege and impact Confidentiality.
0.0
CVE-2025-67613 -
Not used
0.0
CVE-2025-67610 -
Not used
0.0
CVE-2025-67612 -
Not used
0.0
CVE-2025-67611 -
Not used
0.0
CVE-2025-67607 -
Not used
0.0
CVE-2025-67609 -
Not used