5.3
CVE-2025-2881 - Developer Toolbar <= 1.0.3 - Unauthenticated Information Exposure
The Developer Toolbar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.3 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the …
5.3
CVE-2025-2841 - Cart66 Cloud <= 2.3.7 - Unauthenticated Information Exposure
The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the expos…
7.5
CVE-2025-29834 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
6.8
CVE-2025-32726 - Visual Studio Code Elevation of Privilege Vulnerability
Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.
7.3
CVE-2025-29803 - Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulner…
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally.
6.1
CVE-2025-2269 - Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.34 Reflected Cross-Site Scripting via…
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘image_id’ parameter in all versions up to, and including, 1.8.34 due to insufficient input sanitization and output escaping. This makes it possible for unauthenti…
9.3
CVE-2025-0129 - Prisma Access Browser: Inappropriate control behavior in Prisma Access Browser
An improper exception check in Palo Alto Networks Prisma Access Browser allows a low privileged user to prevent Prisma Access Browser from applying it's Policy Rules. This enables the user to use Prisma Access Browser without any restrictions.
6.7
CVE-2024-11679 -
An input validation weakness was reported in the TpmSetup module for some legacy System x server products that could allow a local attacker with elevated privileges to read the contents of memory.
0
CVE-2025-0123 - PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures
A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/take-packet-captures/take-a-custom-packet-capture in decrypted HTTP/…
6.3
CVE-2025-0119 - Cortex XDR Broker VM: Authenticated Command Injection Vulnerability in Broker VM
A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system running Broker VM.