Total
307032 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-47966 | 1 Microsoft | 1 Power Automate For Desktop | 2025-07-08 | N/A | 9.8 CRITICAL |
| Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network. | |||||
| CVE-2025-29817 | 1 Microsoft | 1 Power Automate For Desktop | 2025-07-08 | N/A | 5.7 MEDIUM |
| Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network. | |||||
| CVE-2025-49713 | 1 Microsoft | 1 Edge Chromium | 2025-07-08 | N/A | 8.8 HIGH |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2024-49563 | 1 Dell | 1 Unity Operating Environment | 2025-07-08 | N/A | 7.8 HIGH |
| Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges. | |||||
| CVE-2025-29825 | 1 Microsoft | 1 Edge Chromium | 2025-07-08 | N/A | 6.5 MEDIUM |
| User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2024-12766 | 1 Lollms | 1 Lollms Web Ui | 2025-07-08 | N/A | 7.5 HIGH |
| parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF) vulnerability in the `POST /api/proxy` REST API. Attackers can exploit this vulnerability to abuse the victim server's credentials to access unauthorized web resources by specifying the JSON parameter `{"url":"http://steal.target"}`. Existing security mechanisms such as `forbid_remote_access(lollmsElfServer)`, `lollmsElfServer.config.headless_server_mode`, and `check_access(lollmsElfServer, request.client_id)` do not protect against this vulnerability. | |||||
| CVE-2025-29834 | 1 Microsoft | 1 Edge Chromium | 2025-07-08 | N/A | 7.5 HIGH |
| Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-33065 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-33063 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 8 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-33062 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-33061 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-33060 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-33059 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-33058 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-33055 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-32720 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-32719 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-53500 | 2025-07-08 | N/A | 5.6 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MassEditRegex Extension allows Stored XSS.This issue affects Mediawiki - MassEditRegex Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. | |||||
| CVE-2025-52554 | 2025-07-08 | N/A | N/A | ||
| n8n is a workflow automation platform. Prior to version 1.99.1, an authorization vulnerability was discovered in the /rest/executions/:id/stop endpoint of n8n. An authenticated user can stop workflow executions that they do not own or that have not been shared with them, leading to potential business disruption. This issue has been patched in version 1.99.1. A workaround involves restricting access to the /rest/executions/:id/stop endpoint via reverse proxy or API gateway. | |||||
| CVE-2025-53501 | 2025-07-08 | N/A | 8.8 HIGH | ||
| Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. | |||||