CVE-2025-31031 - Astoundify Job Colors for WP Job Manager Cross-site Scripting
CVE ID : CVE-2025-31031
Published : March 27, 2025, 11:15 p.m. | 2 hours, 44 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify Job Colors for WP Job Manager allows Stored XSS.This issue affects Job Colors for WP Job Manager: from n/a through 1.0.4.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31031
Published : March 27, 2025, 11:15 p.m. | 2 hours, 44 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify Job Colors for WP Job Manager allows Stored XSS.This issue affects Job Colors for WP Job Manager: from n/a through 1.0.4.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31101 - VaultRE Contact Form 7 Stored Cross-site Scripting (XSS)
CVE ID : CVE-2025-31101
Published : March 27, 2025, 11:15 p.m. | 2 hours, 44 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vault Group Pty Ltd VaultRE Contact Form 7 allows Stored XSS.This issue affects VaultRE Contact Form 7: from n/a through 1.0.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31101
Published : March 27, 2025, 11:15 p.m. | 2 hours, 44 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vault Group Pty Ltd VaultRE Contact Form 7 allows Stored XSS.This issue affects VaultRE Contact Form 7: from n/a through 1.0.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30232 - Exim Use-After-Free Privilege Escalation
CVE ID : CVE-2025-30232
Published : March 28, 2025, 12:15 a.m. | 1 hour, 44 minutes ago
Description : A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30232
Published : March 28, 2025, 12:15 a.m. | 1 hour, 44 minutes ago
Description : A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31092 - Ninja Team Click to Chat - WP Support All-in-One Floating Widget Cross-site Scripting Vulnerability
CVE ID : CVE-2025-31092
Published : March 28, 2025, 12:15 a.m. | 1 hour, 44 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ninja Team Click to Chat – WP Support All-in-One Floating Widget allows Stored XSS. This issue affects Click to Chat – WP Support All-in-One Floating Widget: from n/a through 2.3.4.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31092
Published : March 28, 2025, 12:15 a.m. | 1 hour, 44 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ninja Team Click to Chat – WP Support All-in-One Floating Widget allows Stored XSS. This issue affects Click to Chat – WP Support All-in-One Floating Widget: from n/a through 2.3.4.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-1860 - Data::Entropy Perl Cryptographically Insecure Random Number Generation
CVE ID : CVE-2025-1860
Published : March 28, 2025, 1:15 a.m. | 44 minutes ago
Description : Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-1860
Published : March 28, 2025, 1:15 a.m. | 44 minutes ago
Description : Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-49563 - Dell Unity OS Command Injection Vulnerability
CVE ID : CVE-2024-49563
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-49563
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-49564 - Dell Unity OS Command Injection
CVE ID : CVE-2024-49564
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-49564
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-49565 - Dell Unity OS Command Injection
CVE ID : CVE-2024-49565
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-49565
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22398 - "Dell Unity OS Command Injection Vulnerability"
CVE ID : CVE-2025-22398
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution as root. Exploitation may lead to a system take over by an attacker. This vulnerability is considered critical as it can be leveraged to completely compromise the operating system. Dell recommends customers to upgrade at the earliest opportunity.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22398
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution as root. Exploitation may lead to a system take over by an attacker. This vulnerability is considered critical as it can be leveraged to completely compromise the operating system. Dell recommends customers to upgrade at the earliest opportunity.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24382 - Dell Unity OS Command Injection
CVE ID : CVE-2025-24382
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24382
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24383 - Dell Unity OS Command Injection Vulnerability
CVE ID : CVE-2025-24383
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to delete arbitrary files. This vulnerability is considered critical as it can be leveraged to delete critical system files as root. Dell recommends customers to upgrade at the earliest opportunity.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24383
Published : March 28, 2025, 2:15 a.m. | 3 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to delete arbitrary files. This vulnerability is considered critical as it can be leveraged to delete critical system files as root. Dell recommends customers to upgrade at the earliest opportunity.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-13939 - Apache::String::Compare::ConstantTime Timing Attack Vulnerability
CVE ID : CVE-2024-13939
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string may be leaked (but not its contents)." This is similar to CVE-2020-36829
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-13939
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string may be leaked (but not its contents)." This is similar to CVE-2020-36829
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-49601 - Dell Unity OS Command Injection
CVE ID : CVE-2024-49601
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-49601
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23383 - Dell Unity OS Command Injection Vulnerability
CVE ID : CVE-2025-23383
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23383
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24377 - Dell Unity OS Command Injection
CVE ID : CVE-2025-24377
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24377
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24378 - Dell Unity OS Command Injection
CVE ID : CVE-2025-24378
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24378
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24379 - Dell Unity OS Command Injection
CVE ID : CVE-2025-24379
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24379
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24380 - Dell Unity OS Command Injection
CVE ID : CVE-2025-24380
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24380
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24381 - Dell Unity Open Redirect Vulnerability
CVE ID : CVE-2025-24381
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information. Exploitation may allow for session theft.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24381
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information. Exploitation may allow for session theft.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24385 - Dell Unity OS Command Injection
CVE ID : CVE-2025-24385
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24385
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24386 - Dell Unity OS Command Injection Vulnerability
CVE ID : CVE-2025-24386
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24386
Published : March 28, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...