| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Scripting Engine Memory Corruption Vulnerability |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| Open Management Infrastructure Information Disclosure Vulnerability |
| Azure CLI REST Command Information Disclosure Vulnerability |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| Azure DevOps Server Remote Code Execution Vulnerability |
| Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability |
| Microsoft Remote Registry Service Remote Code Execution Vulnerability |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Windows Distributed File System (DFS) Remote Code Execution Vulnerability |
| Windows Hyper-V Elevation of Privilege Vulnerability |
| Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability |
| Microsoft Exchange Server Remote Code Execution Vulnerability |
| Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| Microsoft Office Security Feature Bypass Vulnerability |
| Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting (XSS) in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button. |
| TinyEnv is an environment variable loader for PHP applications. In versions 1.0.1, 1.0.2, 1.0.9, and 1.0.10, TinyEnv did not require the `.env` file to exist when loading environment variables. This could lead to unexpected behavior where the application silently ignores missing configuration, potentially causing insecure defaults or deployment misconfigurations. The issue has been fixed in version 1.0.11. All users should upgrade to 1.0.11 or later. As a workaround, users can manually verify the existence of the `.env` file before initializing TinyEnv. |
| TinyEnv is an environment variable loader for PHP applications. In versions 1.0.9 and 1.0.10, TinyEnv did not properly strip inline comments inside .env values. This could lead to unexpected behavior or misconfiguration, where variables contain unintended characters (including # or comment text). Applications depending on strict environment values may expose logic errors, insecure defaults, or failed authentication. The issue is fixed in v1.0.11. Users should upgrade to the latest patched version. As a temporary workaround, avoid using inline comments in .env files, or sanitize loaded values manually. |
