CVE ID : CVE-2025-21342 Published : Feb. 6, 2025, 11:15 p.m. | 4 hours, 50 minutes ago Description : Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source

CVE ID : CVE-2024-47258 Published : Feb. 6, 2025, 8:15 p.m. | 7 hours, 50 minutes ago Description : 2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices. Severity: 8.1 | HIGH Visit the link for more details, such…

CVE ID : CVE-2025-21177 Published : Feb. 6, 2025, 11:15 p.m. | 4 hours, 50 minutes ago Description : Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more……

CISA KEV Catalog Update Part III- February 2025 The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding five new vulnerabilities that are actively being exploited in … Read more Published Date: Feb 07, 2025 (3 hours, 5 minutes ago) Vulnerabilities has been mentioned in this article. Go to Source

CVE ID : CVE-2025-24787 Published : Feb. 6, 2025, 7:15 p.m. | 50 minutes ago Description : WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local files on the machine the application is running on. The…

CVE ID : CVE-2025-24981 Published : Feb. 6, 2025, 6:15 p.m. | 1 hour, 50 minutes ago Description : MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component. In affected versions unsafe parsing logic of the URL from markdown can lead to arbitrary JavaScript code due to a bypass…

CVE ID : CVE-2025-24786 Published : Feb. 6, 2025, 7:15 p.m. | 50 minutes ago Description : WhoDB is an open source database management tool. While the application only displays Sqlite3 databases present in the directory `/db`, there is no path traversal prevention in place. This allows an unauthenticated attacker to open any Sqlite3 database present…

CVE ID : CVE-2023-5878 Published : Feb. 6, 2025, 3:15 p.m. | 4 hours, 50 minutes ago Description : Honeywell OneWireless Wireless Device Manager (WDM) for the following versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, R330.1 contains a command injection vulnerability. An attacker who is authenticated could use the firmware update process to potentially exploit the vulnerability, leading…

CVE ID : CVE-2024-39272 Published : Feb. 6, 2025, 5:15 p.m. | 2 hours, 50 minutes ago Description : A cross-site scripting (xss) vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to an arbitrary html code. An attacker can send a series of HTTP requests to…

CVE ID : CVE-2024-37358 Published : Feb. 6, 2025, 12:15 p.m. | 7 hours, 50 minutes ago Description : Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6…