The NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries, with CVSS Severity
  • CVE-2024-3459 - KioWare for Windows (versions all through 8.34) allows to escape the environment by downloading PDF files, which then by default are opened in an external PDF viewer. By using built-in functions of that viewer it is possible to launch a web browse...
    Published: May 14, 2024; 11:41:12 AM -0400

    V3.1: 7.8 HIGH

  • CVE-2024-34566 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS. This issue affects Content Blocks (Custom Post Widget): from n/a through...
    Published: May 08, 2024; 7:15:24 AM -0400

    V3.1: 5.4 MEDIUM

  • CVE-2024-31349 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailMunch – Grow your Email List allows Stored XSS. This issue affects MailMunch – Grow your Email List: from n/a through 3.1.6.
    Published: April 07, 2024; 2:15:13 PM -0400

    V3.1: 5.4 MEDIUM

  • CVE-2024-29793 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS. This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2.
    Published: March 27, 2024; 9:15:50 AM -0400

    V3.1: 5.4 MEDIUM

  • CVE-2024-1707 - A vulnerability, which was classified as problematic, was found in GARO WALLBOX GLB+ T2EV7 0.5. This affects an unknown part of the file /index.jsp#settings of the component Software Update Handler. The manipulation of the argument Reference leads...
    Published: February 21, 2024; 2:15:08 PM -0500

    V3.1: 6.1 MEDIUM

  • CVE-2024-25898 - A XSS vulnerability was found in the ChurchCRM v.5.5.0 functionality, edit your event, where malicious JS or HTML code can be inserted in the Event Sermon field in EventEditor.php.
    Published: February 21, 2024; 1:15:51 PM -0500

    V3.1: 6.1 MEDIUM

  • CVE-2024-1706 - A vulnerability, which was classified as problematic, has been found in ZKTeco ZKBio Access IVS up to 3.3.2. Affected by this issue is some unknown functionality of the component Department Name Search Bar. The manipulation with the input <marquee...
    Published: February 21, 2024; 1:15:51 PM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2024-1702 - A vulnerability was found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /edit.php. The manipulation leads to sql injection. The attack may be launched rem...
    Published: February 21, 2024; 12:15:08 PM -0500

    V3.1: 9.8 CRITICAL

  • CVE-2024-1705 - A vulnerability was found in Shopwind up to 4.6. It has been rated as critical. This issue affects the function actionCreate of the file /public/install/controllers/DefaultController.php of the component Installation. The manipulation leads to cod...
    Published: February 21, 2024; 1:15:50 PM -0500

    V3.1: 8.1 HIGH

  • CVE-2024-24686 - Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
    Published: May 28, 2024; 10:15:12 AM -0400

  • CVE-2024-24685 - Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
    Published: May 28, 2024; 10:15:12 AM -0400

  • CVE-2024-24584 - Multiple out-of-bounds read vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability. This vulnerabi...
    Published: May 28, 2024; 10:15:11 AM -0400

  • CVE-2024-24583 - Multiple out-of-bounds read vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability. This vulnerabi...
    Published: May 28, 2024; 10:15:11 AM -0400

  • CVE-2025-21177 - Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network.
    Published: February 06, 2025; 6:15:08 PM -0500

    V3.1: 8.8 HIGH

  • CVE-2025-21253 - Microsoft Edge for IOS and Android Spoofing Vulnerability
    Published: February 06, 2025; 6:15:08 PM -0500

    V3.1: 5.3 MEDIUM

  • CVE-2025-21267 - Microsoft Edge (Chromium-based) Spoofing Vulnerability
    Published: February 06, 2025; 6:15:08 PM -0500

    V3.1: 4.4 MEDIUM

  • CVE-2025-21279 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
    Published: February 06, 2025; 6:15:09 PM -0500

    V3.1: 8.8 HIGH

  • CVE-2025-21283 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
    Published: February 06, 2025; 6:15:09 PM -0500

    V3.1: 8.8 HIGH

  • CVE-2025-21342 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
    Published: February 06, 2025; 6:15:09 PM -0500

    V3.1: 8.8 HIGH

  • CVE-2025-21404 - Microsoft Edge (Chromium-based) Spoofing Vulnerability
    Published: February 06, 2025; 6:15:09 PM -0500

Created September 20, 2022, Updated August 27, 2024