Total
224 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-48219 | 2025-03-19 | N/A | 6.4 MEDIUM | ||
| Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities. | |||||
| CVE-2024-44122 | 1 Apple | 1 Macos | 2025-03-18 | N/A | 8.8 HIGH |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. An application may be able to break out of its sandbox. | |||||
| CVE-2024-0029 | 1 Google | 1 Android | 2025-03-14 | N/A | 7.8 HIGH |
| In multiple files, there is a possible way to capture the device screen when disallowed by device policy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-33150 | 1 Microsoft | 3 365 Apps, Office, Word | 2025-02-28 | N/A | 9.6 CRITICAL |
| Microsoft Office Security Feature Bypass Vulnerability | |||||
| CVE-2021-31982 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 8.8 HIGH |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||
| CVE-2023-38157 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 6.5 MEDIUM |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||
| CVE-2023-29354 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 4.7 MEDIUM |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||
| CVE-2023-28286 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 6.1 MEDIUM |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||
| CVE-2023-28284 | 1 Microsoft | 1 Edge | 2025-02-28 | N/A | 4.3 MEDIUM |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||
| CVE-2024-13794 | 1 Wpplugins | 1 Hide My Wp Ghost | 2025-02-25 | N/A | 5.3 MEDIUM |
| The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Login Page Dislcosure in all versions up to, and including, 5.3.02. This is due to the plugin not properly restricting the /wp-register.php path. This makes it possible for unauthenticated attackers to discover the hidden login page location. | |||||
| CVE-2023-21024 | 1 Google | 1 Android | 2025-02-25 | N/A | 7.8 HIGH |
| In maybeFinish of FallbackHome.java, there is a possible delay of lockdown screen due to logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246543238 | |||||
| CVE-2019-1003030 | 2 Jenkins, Redhat | 2 Pipeline\, Openshift Container Platform | 2025-02-20 | 6.5 MEDIUM | 9.9 CRITICAL |
| A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM. | |||||
| CVE-2025-0411 | 1 7-zip | 1 7-zip | 2025-02-12 | N/A | 7.0 HIGH |
| 7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456. | |||||
| CVE-2022-33942 | 1 Intel | 1 Data Center Manager | 2025-02-05 | N/A | 8.8 HIGH |
| Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2021-33081 | 1 Intel | 60 Ssd 600p, Ssd 600p Firmware, Ssd 660p and 57 more | 2025-02-05 | N/A | 7.9 HIGH |
| Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2021-33079 | 1 Intel | 60 Ssd 600p, Ssd 600p Firmware, Ssd 660p and 57 more | 2025-02-05 | N/A | 4.1 MEDIUM |
| Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2024-38217 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 5.4 MEDIUM |
| Windows Mark of the Web Security Feature Bypass Vulnerability | |||||
| CVE-2025-21217 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 6.5 MEDIUM |
| Windows NTLM Spoofing Vulnerability | |||||
| CVE-2025-21211 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-27 | N/A | 6.8 MEDIUM |
| Secure Boot Security Feature Bypass Vulnerability | |||||
| CVE-2025-21276 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 7.5 HIGH |
| Windows MapUrlToZone Denial of Service Vulnerability | |||||