8.8
CVE-2025-20094 -
Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary code may be executed with SYSTEM privilege.
8.8
CVE-2025-22894 -
Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a rβ¦
8.8
CVE-2025-22890 -
Execution with unnecessary privileges issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where the product is running may be obtained.
7.3
CVE-2024-13487 - CURCY β Multi Currency for WooCommerce <= 2.2.5 - Unauthenticated Arbitrary Shortcode Execution viaβ¦
The The CURCY β Multi Currency for WooCommerce β The best free currency exchange plugin β Run smoothly on WooCommerce 9.x plugin for WordPress is vulnerable to arbitrary shortcode execution via the get_products_price() function in all versions up to, and including, 2.2.5. This is due to the softwarβ¦
4.7
CVE-2025-0522 - LikeBot β Decentralized like-system <= 0.85 - Admin+ Stored XSS via CSRF
The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.
9.3
CVE-2024-51547 - Credentials Disclosure - keys
Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
6.5
CVE-2025-0799 - IBM App Connect Enterprise Arbitrary File Write
IBM App Connect enterpriseΒ 12.0.1.0 through 12.0.12.10 andΒ 13.0.1.0 through 13.0.2.1Β could allow an authenticated user to write to an arbitrary file on the system during bar configuration deployment due to improper pathname limitations on restricted directories.
9.1
CVE-2024-51450 - IBM Security Verify Directory Command Execution
IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
7.8
CVE-2024-49814 - IBM Security Verify Access Appliance Privilege Escalation
IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow a locally authenticated user to increase their privileges due to execution with unnecessary privileges.
8.8
CVE-2025-23093 -
The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager through V10 R1.54.1 and V11 through R0.22.1 could allow an authenticated attacker to conduct a privilege escalation attack due to the execution of a resource with unnecessary privileges. A successful exploit could allow an atβ¦