8.4

CVSS4.0

CVE-2025-2098 - Dylib Hijacking in Fast CAD Reader

Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions (rwxrwxrwx). This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users…

πŸ“… Published: March 26, 2025, 3:23 p.m. πŸ”„ Last Modified: Oct. 3, 2025, 9:15 a.m.

7.7

CVSS3.1

CVE-2025-27405 - Icinga Web 2 has XSS in embedded content

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of that …

πŸ“… Published: March 26, 2025, 3:10 p.m. πŸ”„ Last Modified: Aug. 1, 2025, 3:15 p.m.

6.5

CVSS3.1

CVE-2025-26739 - WordPress newseqo theme <= 2.1.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themefunction newseqo allows Stored XSS.This issue affects newseqo: from n/a through 2.1.1.

πŸ“… Published: March 26, 2025, 2:58 p.m. πŸ”„ Last Modified: March 27, 2025, 4:45 p.m.

6.5

CVSS3.1

CVE-2025-2820 - Denial of Service

An authenticated attacker can compromise the availability of the device via the network

πŸ“… Published: March 26, 2025, 2:58 p.m. πŸ”„ Last Modified: March 27, 2025, 4:45 p.m.

6.5

CVSS3.1

CVE-2025-26747 - WordPress RainbowNews theme <= 1.0.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 99colorthemes RainbowNews allows Stored XSS.This issue affects RainbowNews: from n/a through 1.0.7.

πŸ“… Published: March 26, 2025, 2:56 p.m. πŸ”„ Last Modified: July 13, 2025, 11:14 a.m.

6.6

CVSS3.1

CVE-2025-2819 - Unrestricted Fileupload

There is a risk of unauthorized file uploads in GT-SoftControl and potential file overwrites due to insufficient validation in the file selection process. This could lead to data integrity issues and unauthorized access by an authenticated privileged user.

πŸ“… Published: March 26, 2025, 2:49 p.m. πŸ”„ Last Modified: March 27, 2025, 4:45 p.m.

6.5

CVSS3.1

CVE-2025-26869 - WordPress Build theme <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Build allows Stored XSS.This issue affects Build: from n/a through 1.0.3.

πŸ“… Published: March 26, 2025, 2:48 p.m. πŸ”„ Last Modified: March 27, 2025, 4:45 p.m.

0.0

CVE-2025-26922 - WordPress AuraMart theme <= 2.0.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in techthemes AuraMart auramart allows Stored XSS.This issue affects AuraMart: from n/a through <= 2.0.7.

πŸ“… Published: March 26, 2025, 2:45 p.m. πŸ”„ Last Modified: April 1, 2026, 5:19 p.m.

0.0

CVE-2025-26923 - WordPress Event post plugin <= 5.9.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post allows Stored XSS.This issue affects Event post: from n/a through <= 5.9.8.

πŸ“… Published: March 26, 2025, 2:44 p.m. πŸ”„ Last Modified: April 1, 2026, 5:19 p.m.

0.0

CVE-2025-26929 - WordPress Accounting for WooCommerce plugin <= 1.6.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Accounting for WooCommerce accounting-for-woocommerce allows Stored XSS.This issue affects Accounting for WooCommerce: from n/a through <= 1.6.8.

πŸ“… Published: March 26, 2025, 2:42 p.m. πŸ”„ Last Modified: April 1, 2026, 5:19 p.m.
Total resulsts: 343168
Page 5600 of 34,317
Β« previous page Β» next page
Filters