6.9

CVSS4.0

CVE-2021-25262 - Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph…

Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack.

πŸ“… Published: May 21, 2025, 7:07 a.m. πŸ”„ Last Modified: June 10, 2025, 3:49 p.m.

8.3

CVSS4.0

CVE-2021-25255 - Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial o…

Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service.

πŸ“… Published: May 21, 2025, 7:04 a.m. πŸ”„ Last Modified: June 10, 2025, 3:50 p.m.

0.0

CVE-2025-5026 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

πŸ“… Published: May 21, 2025, 7:02 a.m. πŸ”„ Last Modified: June 7, 2025, 11:15 p.m.

8.2

CVSS4.0

CVE-2021-25254 - Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar.

Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar.

πŸ“… Published: May 21, 2025, 6:58 a.m. πŸ”„ Last Modified: June 10, 2025, 3:51 p.m.

6.8

CVSS4.0

CVE-2025-4949 - XXE vulnerability in Eclipse JGit

In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity (XXE) a…

πŸ“… Published: May 21, 2025, 6:47 a.m. πŸ”„ Last Modified: Jan. 5, 2026, 6:11 p.m.

9.8

CVSS3.1

CVE-2025-4524 - Madara – Responsive and modern WordPress theme for manga sites <= 2.2.2 - Unauthenticated Local Fil…

The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the s…

πŸ“… Published: May 21, 2025, 6:39 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.4

CVSS3.1

CVE-2025-5024 - Gnome-remote-desktop: uncontrolled resource consumption due to malformed rdp pdus

A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being…

πŸ“… Published: May 21, 2025, 6:16 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2025-4094 - Digits < 8.4.6.1 - Auth Bypass via OTP Bruteforcing

The DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1 does not rate limit OTP validation attempts, making it straightforward for attackers to bruteforce them.

πŸ“… Published: May 21, 2025, 6 a.m. πŸ”„ Last Modified: Aug. 27, 2025, noon

5.3

CVSS4.0

CVE-2025-5013 - HkCms Search index.html cross site scripting

A vulnerability, which was classified as problematic, was found in HkCms up to 2.3.2.240702. This affects an unknown part of the file /index.php/search/index.html of the component Search. The manipulation of the argument keyword leads to cross site scripting. It is possible to initiate the attack r…

πŸ“… Published: May 21, 2025, 12:31 a.m. πŸ”„ Last Modified: June 17, 2025, 2:10 p.m.

4.8

CVSS4.0

CVE-2025-5011 - moonlightL hexo-boot Dynamic List Page index.html cross site scripting

A vulnerability classified as problematic was found in moonlightL hexo-boot 4.3.0. This vulnerability affects unknown code of the file /admin/home/index.html of the component Dynamic List Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has bee…

πŸ“… Published: May 21, 2025, midnight πŸ”„ Last Modified: June 17, 2025, 2:11 p.m.
Total resulsts: 345192
Page 4904 of 34,520
Β« previous page Β» next page
Filters