2.3
CVE-2025-1181 - GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory corruption
A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is ratheβ¦
2.3
CVE-2025-1180 - GNU Binutils ld elf-eh-frame.c _bfd_elf_write_section_eh_frame memory corruption
A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity ofβ¦
8.8
CVE-2024-13643 - Zox News <= 3.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Modificβ¦
The Zox News - Professional WordPress News & Magazine Theme plugin for WordPress is vulnerable to unauthorized data modification. This vulnerability can lead to privilege escalation and denial of service conditions due to missing capability checks on the backup_options() and reset_options() functioβ¦
3.5
CVE-2024-52611 - SolarWinds Platform Information Disclosure Vulnerability
The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. While the data does not provide anything sensitive, the information could assist an attacker in other malicious actions.
6.8
CVE-2024-52612 - SolarWinds Platform Reflected Cross-Site Scripting Vulnerability
SolarWinds Platform is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters. This vulnerability requires authentication by a high- privileged account to be exploitable.
4.6
CVE-2024-45718 - Sensitive data disclosure vulnerability
Sensitive data could be exposed to non- privileged users in a configuration file. Local access to the computer with a low- privileged account is required to access the configuration file containing the sensitive data.
3.5
CVE-2024-52606 - SolarWinds Platform Server-Side Request Forgery Vulnerability
SolarWinds Platform is affected by server-side request forgery vulnerability. Proper input sanitation was not applied allowing for the possibility of a malicious web request.
5.5
CVE-2024-28989 - SolarWinds Web Help Desk Cryptographic Key Management Vulnerability
SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the disclosure of sensitive information from the software.
2.3
CVE-2025-1179 - GNU Binutils ld libbfd.c bfd_putl64 memory corruption
A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an attack is rather highβ¦
9.8
CVE-2025-0181 - WP Foodbakery <= 4.8 - Authentication Bypass in foodbakery_parse_request
The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.8. This is due to the plugin not properly validating a user's identity prior to setting the current user and their authentication cookie. This makes it possible β¦