5.3
CVE-2025-20128 - ClamAV OLE2 File Format Decryption Denial of Service Vulnerability
A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heapβ¦
8.8
CVE-2024-31903 - IBM Sterling B2B Integrator Standard Edition code execution
IBM Sterling B2B Integrator Standard EditionΒ 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.
5.1
CVE-2024-10929 - Spectre-BSE
In certain circumstances, an issue in Arm Cortex-A57,Β Cortex-A72 (revisions before r1p0), Cortex-A73 and Cortex-A75 may allow an adversary to gain a weak form of control over the victim's branch history.
7.5
CVE-2025-0638 - Routinator crashes when illegal characters are present in manifest file names
The initial code parsing the manifest did not check the content of the file names yet later code assumed that it was checked and panicked when encountering illegal characters, resulting in a crash of Routinator.
0.0
CVE-2025-23914 - WordPress Muzaara Google Ads Report Plugin <= 3.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in muzaara Muzaara Google Ads Report muzaara-adwords-optimize-dashboard allows Object Injection.This issue affects Muzaara Google Ads Report: from n/a through <= 3.1.
0.0
CVE-2025-23809 - WordPress Blue Wrench Video Widget Plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerabiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sunil Nanda Blue Wrench Video Widget blue-wrench-videos-widget allows Reflected XSS.This issue affects Blue Wrench Video Widget: from n/a through <= 2.1.0.
0.0
CVE-2025-23992 - WordPress Toocheke Companion plugin <= 1.166 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in toocheke Toocheke Companion toocheke-companion allows Stored XSS.This issue affects Toocheke Companion: from n/a through <= 1.166.
0.0
CVE-2025-23882 - WordPress WP Download Codes Plugin <= 2.5.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in misanthrop WP Download Codes wp-download-codes allows Reflected XSS.This issue affects WP Download Codes: from n/a through <= 2.5.4.
0.0
CVE-2025-23846 - WordPress Flexible Blogtitle Plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thaikolja Flexible Blogtitle flexible-blogtitle allows Reflected XSS.This issue affects Flexible Blogtitle: from n/a through <= 0.1.
0.0
CVE-2025-23812 - WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - Reflected Cross Site Scripβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Jeffrey Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution allows Reflected XSS.This issue affects Contact Form 7 Round Robin Lead Distribution: from n/β¦