Currently trending CVE - Hype Score: 11 - Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Currently trending CVE - Hype Score: 5 - Weak authentication in Microsoft Office SharePoint allows an unauthorized attacker to bypass a security feature over a network.
Currently trending CVE - Hype Score: 20 - Relative path traversal in Windows Admin Center allows an authorized attacker to execute code over a network.
Currently trending CVE - Hype Score: 17 - Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute ...
Currently trending CVE - Hype Score: 19 - A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.
Currently trending CVE - Hype Score: 12 - Missing authentication for critical function in Microsoft Office SharePoint allows an unauthorized attacker to elevate privileges over a network.
Currently trending CVE - Hype Score: 11 - Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally.
Currently trending CVE - Hype Score: 28 - Description information displayed in the site administration live log
required additional sanitizing to prevent a stored XSS risk.
Currently trending CVE - Hype Score: 11 - Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Currently trending CVE - Hype Score: 8 - Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
Currently trending CVE - Hype Score: 10 - Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Currently trending CVE - Hype Score: 6 - A missing authorization vulnerability exists in the embedded webserver of HP Deskjet 2800 Series Printers running firmware version <=TBP1CN2612AR. An unauthenticated attacker with network access can send GET requests to multiple exposed administrative API endpoints and retrieve ...
Currently trending CVE - Hype Score: 6 - Langflow versions prior to 1.3.0 are susceptible to code injection in
the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary
code.
Currently trending CVE - Hype Score: 1 - httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in _decompressContent in httplib2/init.py, allowing a malicious or compromised HTTP ...
Currently trending CVE - Hype Score: 3 - The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.5.0.4. This is due to insufficient input sanitization and output escaping in the ...
Currently trending CVE - Hype Score: 1 - The Starboard Suite Reservation Calendars plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode attributes in the [starboard-suite-lightbox] shortcode in all versions up to, and including, 3.1.4 due to insufficient input sanitization and output ...
Currently trending CVE - Hype Score: 2 - Improper input validation vulnerability in Progress Software MOVEit Automation allows Privilege Escalation.
This issue affects MOVEit Automation: from 2025.1.0 before 2025.1.5, from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.
Currently trending CVE - Hype Score: 2 - Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass.
This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.
Checked
7 hours 10 minutes ago
Get the latest rankings and info for CVEs currently trending on social media