CVE Feed
- CVE ID : CVE-2025-31479 Published : April 2, 2025, 10:15 p.m. | 8 hours, 38 minutes ago Description : canonical/get-workflow-version-action is a GitHub composite action to get commit SHA that GitHub Actions reusable workflow was called with. Prior to 1.0.1, if the get-workflow-version-action step fails, the exception output may include the GITHUB_TOKEN. If the full token is […]
- CVE ID : CVE-2025-31722 Published : April 2, 2025, 3:15 p.m. | 15 hours, 38 minutes ago Description : In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. Severity: 8.8 | […]
- CVE ID : CVE-2024-45064 Published : April 2, 2025, 2:15 p.m. | 16 hours, 38 minutes ago Description : A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted set of network packets can lead to code execution. An attacker can send a sequence of requests to trigger […]
- CVE ID : CVE-2025-2005 Published : April 2, 2025, 10:15 a.m. | 20 hours, 38 minutes ago Description : The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the registration form in all versions up to, and including, 3.2.32. This makes […]
- CVE ID : CVE-2025-3063 Published : April 2, 2025, 10:15 a.m. | 20 hours, 38 minutes ago Description : The Shopper Approved Reviews plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajax_callback_update_sa_option() function in versions 2.0 to 2.1. This makes it […]
- CVE ID : CVE-2023-40714 Published : April 2, 2025, 8:15 a.m. | 22 hours, 38 minutes ago Description : A relative path traversal in Fortinet FortiSIEM versions 7.0.0, 6.7.0 through 6.7.2, 6.6.0 through 6.6.3, 6.5.1, 6.5.0 allows attacker to escalate privilege via uploading certain GUI elements Severity: 9.9 | CRITICAL Visit the link for more details, such […]
- CVE ID : CVE-2024-39780 Published : April 2, 2025, 8:15 a.m. | 22 hours, 38 minutes ago Description : A YAML deserialization vulnerability was found in the Robot Operating System (ROS) 'dynparam', a command-line tool for getting, setting, and deleting parameters of a dynamically configurable node, affecting ROS distributions Noetic and earlier. The issue is caused by […]
- CVE ID : CVE-2025-25060 Published : April 2, 2025, 4:15 a.m. | 1 day, 2 hours ago Description : Missing authentication for critical function vulnerability exists in AssetView and AssetView CLOUD. If exploited, the files on the server where the product is running may be obtained and/or deleted by a remote unauthenticated attacker. Severity: 8.2 | HIGH […]
- CVE ID : CVE-2025-3067 Published : April 2, 2025, 1:15 a.m. | 1 day, 5 hours ago Description : Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: […]
- CVE ID : CVE-2025-3066 Published : April 2, 2025, 1:15 a.m. | 1 day, 5 hours ago Description : Use after free in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Severity: 8.8 | HIGH Visit the link for more […]