Latest Vulnerabilities

School Management System – WPSchoolPress <= 2.2.16 - Authenticated (Teacher+) SQL Injection (CVE-2025-1669)	2025-03-15 04:40:20 UTC (1 day ago)
School Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Arbitrary User Deletion (CVE-2025-1668)	2025-03-15 04:40:20 UTC (1 day ago)
School Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Privilege Escalation via Account Takeover (CVE-2025-1667)	2025-03-15 04:40:20 UTC (1 day ago)
dma-buf: heaps: Fix off-by-one in CMA heap fault handler (CVE-2024-46852)	2025-03-15 04:40:20 UTC (1 day ago)
Portfolio and Projects <= 1.5.3 - Authenticated (Administrator+) Stored Cross-Site Scripting (CVE-2024-13847)	2025-03-15 04:40:19 UTC (1 day ago)
WC Affiliate – A Complete WooCommerce Affiliate Plugin <= 2.5.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposu... (CVE-2024-12336)	2025-03-15 04:40:19 UTC (1 day ago)
Directory Listings WordPress plugin – uListing <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Update and PHP O... (CVE-2025-1657)	2025-03-15 03:40:18 UTC (1 day ago)
Directory Listings WordPress plugin – uListing <= 2.1.7 - Authenticated (Subscriber+) Privilege Escalation (CVE-2025-1653)	2025-03-15 03:40:18 UTC (1 day ago)
274056675 springboot-openai-chatgpt User submit improper authorization (CVE-2025-2320)	2025-03-14 22:40:10 UTC (1 day ago)
Potential iSCSI R2T PDU Vulnerability (CVE-2025-2295)	2025-03-14 22:40:10 UTC (1 day ago)