| CVE | Vendors | Products | Updated | CVSS v3.1 |
| In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible |
| An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. This leads to a full database compromise with high impact on confidentiality, integrity, and availability. |
| An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. |
| Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact to high. Exploitation of this issue does not require user interaction. |
| Windows Cryptographic Services Security Feature Bypass Vulnerability |
| An improper access control vulnerability in GroupMe allows an unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link. |
| An improper restriction of excessive authentication attempts in GroupMe allows an unauthenticated attacker to elevate privileges over a network. |
| Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability |
| Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability |
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability |
| Microsoft SharePoint Remote Code Execution Vulnerability |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| Xbox Wireless Adapter Remote Code Execution Vulnerability |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability |
| Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability |
| Windows Enroll Engine Security Feature Bypass Vulnerability |
| Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability |
| Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability |