Total
401 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-54085 | 2025-03-11 | N/A | ||
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2022-24112 | 1 Apache | 1 Apisix | 2025-03-06 | 9.8 Critical |
| An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed. | ||||
| CVE-2025-27671 | 2025-03-05 | 9.8 Critical | ||
| Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Device Impersonation OVE-20230524-0015. | ||||
| CVE-2025-22271 | 2025-03-05 | N/A | ||
| The application or its infrastructure allows for IP address spoofing by providing its own value in the "X-Forwarded-For" header. Thus, the action logging mechanism in the application loses accountability This issue affects CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of other versions is unknown. After multiple attempts to contact the vendor we did not receive any answer. | ||||
| CVE-2023-23398 | 1 Microsoft | 3 365 Apps, Excel, Office | 2025-02-28 | 7.1 High |
| Microsoft Excel Spoofing Vulnerability | ||||
| CVE-2021-31172 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-02-28 | 7.1 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-28478 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-02-28 | 7.6 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-26418 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-02-28 | 4.6 Medium |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2023-38173 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 4.3 Medium |
| Microsoft Edge for Android Spoofing Vulnerability | ||||
| CVE-2023-36883 | 1 Microsoft | 1 Edge | 2025-02-28 | 4.3 Medium |
| Microsoft Edge for iOS Spoofing Vulnerability | ||||
| CVE-2023-36769 | 1 Microsoft | 1 Onenote | 2025-02-28 | 4.6 Medium |
| Microsoft OneNote Spoofing Vulnerability | ||||
| CVE-2023-35392 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 4.7 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2023-29334 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 4.3 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2023-24935 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 6.1 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2023-24892 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 8.2 High |
| Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability | ||||
| CVE-2023-21794 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 4.3 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2021-31209 | 1 Microsoft | 1 Exchange Server | 2025-02-28 | 6.5 Medium |
| Microsoft Exchange Server Spoofing Vulnerability | ||||
| CVE-2021-31195 | 1 Microsoft | 1 Exchange Server | 2025-02-28 | 6.5 Medium |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2022-48349 | 1 Huawei | 2 Emui, Harmonyos | 2025-02-24 | 9.1 Critical |
| The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability. | ||||
| CVE-2023-51327 | 2025-02-21 | 6.5 Medium | ||
| A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. | ||||