| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-26465 | Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled | - | - | Medium | 6.8 | 2025-02-18 18:27:17 | Deep Dive |
| CVE-2025-0822 | Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter | bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | Medium | 6.5 | 2025-02-15 12:43:03 | Deep Dive |
| CVE-2024-13791 | Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Administrator+) Arbitrary File Read via downloadResponseFile Function | bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | Medium | 4.9 | 2025-02-14 11:10:58 | Deep Dive |
| CVE-2025-0821 | Bit Assist <= 1.5.2 - Authenticated (Subscriber+) SQL Injection via id Parameter | bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | Medium | 6.5 | 2025-02-14 11:10:58 | Deep Dive |
| CVE-2024-13606 | JS Help Desk – The Ultimate Help Desk & Support Plugin <= 2.8.8 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | rabilal | JS Help Desk – AI-Powered Support & Ticketing System | High | 7.5 | 2025-02-13 09:21:47 | Deep Dive |
| CVE-2025-1244 | Emacs: shell injection vulnerability in gnu emacs via custom "man" uri scheme | - | - | High | 8.8 | 2025-02-12 14:27:46 | Deep Dive |
| CVE-2024-13601 | Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin <= 1.0.5 - Authenticated (Subscriber+) Insecure Direct Object Reference | ahmadmj | Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin | Medium | 4.3 | 2025-02-12 05:28:41 | Deep Dive |
| CVE-2024-13600 | Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin <= 1.0.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | ahmadmj | Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin | High | 7.5 | 2025-02-12 05:28:41 | Deep Dive |
| CVE-2024-12243 | Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos | - | - | Medium | 5.3 | 2025-02-10 15:28:10 | Deep Dive |
| CVE-2024-12133 | Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos | - | - | Medium | 5.3 | 2025-02-10 15:28:03 | Deep Dive |
| CVE-2024-13607 | JS Help Desk – The Ultimate Help Desk & Support Plugin <= 2.8.8 - Authenticated (Subscriber+) Insecure Direct Object Reference | rabilal | JS Help Desk – AI-Powered Support & Ticketing System | Medium | 4.3 | 2025-02-04 06:41:54 | Deep Dive |
| CVE-2025-22695 | WordPress Nirweb support plugin <= 3.0.3 - Broken Access Control vulnerability | NirWp Team | Nirweb support | Medium | 4.3 | 2025-02-03 14:23:53 | Deep Dive |
| CVE-2024-13775 | WooCommerce Support Ticket System <= 17.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Information Exposure | vanquish | WooCommerce Support Ticket System | Medium | 5.4 | 2025-02-01 12:21:31 | Deep Dive |
| CVE-2025-24741 | WordPress KB Support plugin <= 1.6.7 - Open Redirection vulnerability | LOGON | KB Support | Medium | 4.7 | 2025-01-27 14:22:19 | Deep Dive |
| CVE-2025-24591 | WordPress GDPR CCPA Compliance & Cookie Consent Banner plugin <= 2.7.1 - Broken Access Control vulnerability | Ninja Team | GDPR CCPA Compliance Support | Medium | 4.3 | 2025-01-24 17:24:18 | Deep Dive |
| CVE-2024-11218 | Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile | - | - | High | 8.6 | 2025-01-22 04:55:31 | Deep Dive |
| CVE-2025-22762 | WordPress Octrace Support Pro plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability | Octrace | WordPress HelpDesk & Support Ticket System Plugin – Octrace Support | Medium | 5.9 | 2025-01-15 15:23:24 | Deep Dive |
| CVE-2024-12087 | Rsync: path traversal vulnerability in rsync | - | - | Medium | 6.5 | 2025-01-14 17:57:34 | Deep Dive |
| CVE-2024-12085 | Rsync: info leak via uninitialized stack contents | - | - | High | 7.5 | 2025-01-14 17:37:16 | Deep Dive |
| CVE-2025-22298 | WordPress Hive Support plugin <= 1.1.6 - Broken Access Control vulnerability | Hive Support | Hive Support | Medium | 4.3 | 2025-01-07 10:49:04 | Deep Dive |