CVE-2025-13606
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-02T05:16:20.617000

1 posts

The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.19. This is due to missing or incorrect nonce validation on the `parseData` function. This makes it possible for unauthenticated attackers to export sensitive information including user data, email addresses, password hashes, and WooCommer

CVE-2025-13387
(7.2 HIGH)

EPSS: 0.00%

updated 2025-12-02T05:16:17.163000

2 posts

The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer name in all versions up to, and including, 1.5.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-66382
(2.9 LOW)

EPSS: 0.01%

updated 2025-12-02T03:32:48

1 posts

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

CVE-2025-20775(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-02T03:31:57

1 posts

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.

CVE-2024-45675
(8.4 HIGH)

EPSS: 0.00%

updated 2025-12-02T03:31:52

1 posts

IBM Informix Dynamic Server 14.10 could allow a local user on the system to log into the Informix server as administrator without a password.

CVE-2025-20792
(0 None)

EPSS: 0.00%

updated 2025-12-02T03:16:20.193000

1 posts

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01717526; Issue ID: MSV-5591.

CVE-2025-20791
(0 None)

EPSS: 0.00%

updated 2025-12-02T03:16:20.050000

1 posts

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661189; Issue ID: MSV-4298.

CVE-2025-20790
(0 None)

EPSS: 0.00%

updated 2025-12-02T03:16:19.907000

1 posts

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01677581; Issue ID: MSV-4701.

CVE-2025-20789
(0 None)

EPSS: 0.00%

updated 2025-12-02T03:16:19.767000

1 posts

In GPU pdma, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117741; Issue ID: MSV-4538.

CVE-2025-20788
(0 None)

EPSS: 0.00%

updated 2025-12-02T03:16:19.617000

1 posts

In GPU pdma, there is a possible memory corruption due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117735; Issue ID: MSV-4539.

CVE-2025-20777
(0 None)

EPSS: 0.00%

updated 2025-12-02T03:16:19.483000

1 posts

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752.

CVE-2025-20776
(0 None)

EPSS: 0.00%

updated 2025-12-02T03:16:19.343000

1 posts

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184297; Issue ID: MSV-4759.

CVE-2025-12529
(8.8 HIGH)

EPSS: 0.00%

updated 2025-12-02T03:16:15.657000

2 posts

The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteOrdersFiles() function in all versions up to, and including, 3.6.3. This makes it possible for unauthenticated attackers to inject arbitrary file paths into the orders that are removed, when an administrator deletes them. This can lead to remote code execu

CVE-2025-64312
(4.9 MEDIUM)

EPSS: 0.01%

updated 2025-12-02T02:37:47.483000

1 posts

Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58311
(5.8 MEDIUM)

EPSS: 0.01%

updated 2025-12-02T02:37:17.267000

1 posts

UAF vulnerability in the USB driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2025-58304
(4.9 MEDIUM)

EPSS: 0.01%

updated 2025-12-02T02:35:50.833000

1 posts

Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58310
(8.0 HIGH)

EPSS: 0.01%

updated 2025-12-02T02:28:19.720000

1 posts

Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58303
(8.4 HIGH)

EPSS: 0.01%

updated 2025-12-02T02:26:52.710000

1 posts

UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-66400(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-02T01:25:47

1 posts

### Impact Multiple (unprefixed) classnames could be added in markdown source by using character references. This could make rendered user supplied markdown `code` elements appear like the rest of the page. The following markdown: ````markdown ```js&#x20;xss ``` ```` Would create `<pre><code class="language-js xss"></code></pre>` If your page then applied `.xss` classes (or listeners in JS), th

CVE-2025-66294(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-02T01:25:16

1 posts

### Summary A Server-Side Template Injection (SSTI) vulnerability exists in Grav that allows authenticated attackers with editor permissions to execute arbitrary commands on the server and, under certain conditions, may also be exploited by unauthenticated attackers. This vulnerability stems from weak regex validation in the `cleanDangerousTwig` method. ### Important - First of all this vulnerabi

CVE-2025-66297(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-02T01:24:20

1 posts

### Summary A user with admin panel access and permissions to create or edit pages in Grav CMS can enable Twig processing in the page frontmatter. By injecting malicious Twig expressions, the user can escalate their privileges to admin or execute arbitrary system commands via the scheduler API. This results in both Privilege Escalation (PE) and Remote Code Execution (RCE) vulnerabilities. ### Det

CVE-2025-66410(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-02T01:08:48

2 posts

### Impact Attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder The affected code:  Affected interfaces: /api/fileUploadAndDownload/removeChunk POC: You can specify the Fil

CVE-2025-66405(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-02T01:08:38

1 posts

### Summary The gateway determines the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF (CWE-918) attack ### Impact This vulnerability can be exploited to force the server to make requests to arbitrary hosts on the internal n

CVE-2025-66415(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-02T00:39:01

1 posts

### Summary By crafting a malicious URL, an attacker could access routes that are not allowed, even though the `reply.from` is defined for specific routes in `@fastify/reply-from`. ### Details An attacker can bypass the route defined by the `@fastify/reply-from` package by adding a `..` symbol, which, for `curl` version `8.7.1`, is `%2e%2e`. ### Impact Everyone is using this package with the r

CVE-2025-66302
(6.8 MEDIUM)

EPSS: 0.00%

updated 2025-12-02T00:38:42

1 posts

### Summary ``` A path traversal vulnerability has been identified in Grav CMS, versions 1.7.49.5 , allowing authenticated attackers with administrative privileges to read arbitrary files on the underlying server filesystem. This vulnerability arises due to insufficient input sanitization in the backup tool, where user-supplied paths are not properly restricted, enabling access to files outside

CVE-2025-66312(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-02T00:37:40

1 posts

## Summary A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `/admin/accounts/groups/Grupo` endpoint of the _Grav_ application. This vulnerability allows attackers to inject malicious scripts into the `data[readableName]` parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant s

CVE-2025-66303
(4.9 MEDIUM)

EPSS: 0.00%

updated 2025-12-02T00:37:00

1 posts

# DOS on the admin panel **Severity Rating:** Medium **Vector:** Denial Of Service **CVE:** XXX **CWE:** 400 - Uncontrolled Resource Consumption **CVSS Score:** 4.9 **CVSS Vector:** CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H ## Analysis A Denial of Service (DoS) vulnerability has been identified in the application related to the handling of `scheduled_at` parameters. Specifically, the ap

CVE-2025-66301(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-02T00:36:52

2 posts

### Summary Due to a broken access control vulnerability in the `/admin/pages/{page_name}` endpoint, an editor ( user with full permissions to pages ) can change the functionality of a form after submission. ### Details Due to improper authorization checks when modifying critical fields on a POST request to `/admin/pages/{page_name}`, an editor with only permissions to change basic content on the

CVE-2025-66300
(8.5 HIGH)

EPSS: 0.00%

updated 2025-12-02T00:36:45

2 posts

### Summary - A low privilege user account with page editing privilege can read any server files using "Frontmatter" form. - This includes Grav user account files - /grav/user/accounts/*.yaml. This file stores hashed user password, 2FA secret, and the password reset token. - This can allow an adversary to compromise any registered account by resetting a password for a user to get access to the pa

CVE-2025-66299
(8.8 HIGH)

EPSS: 0.00%

updated 2025-12-02T00:36:36

1 posts

## Summary Grav CMS is vulnerable to a Server-Side Template Injection (SSTI) that allows any authenticated user with editor permissions to execute arbitrary code on the remote server, bypassing the existing security sandbox. ## Details Grav CMS uses a custom sandbox to protect the powerful Twig methods such as `registerUndefinedFilterCallback()`. These methods are designed to prevent SSTI attac

CVE-2025-66296
(8.8 HIGH)

EPSS: 0.00%

updated 2025-12-02T00:35:20

1 posts

### Summary A privilege escalation vulnerability exists in Grav’s Admin plugin due to the absence of username uniqueness validation when creating users. A user with the create user permission can create a new account using the same username as an existing administrator account, set a new password/email, and then log in as that administrator. This effectively allows privilege escalation from limite

CVE-2025-13804
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-02T00:33:13

1 posts

A security flaw has been discovered in nutzam NutzBoot up to 2.6.0-SNAPSHOT. The impacted element is an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Ethereum Wallet Handler. Performing manipulation results in information disclosure. The attack may be initiated remotely. The exploi

CVE-2025-13805
(3.7 LOW)

EPSS: 0.03%

updated 2025-12-02T00:33:12

1 posts

A weakness has been identified in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This affects the function getInputStream of the file nutzcloud/nutzcloud-literpc/src/main/java/org/nutz/boot/starter/literpc/impl/endpoint/http/HttpServletRpcEndpoint.java of the component LiteRpc-Serializer. Executing manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized b

CVE-2025-66421
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-12-02T00:31:26

1 posts

Tryton sao (aka tryton-sao) before 7.6.11 allows XSS because it does not escape completion values. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.69.

CVE-2025-66422
(4.3 MEDIUM)

EPSS: 0.04%

updated 2025-12-02T00:30:19

1 posts

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back (server setup) information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.

CVE-2025-66221(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-12-02T00:27:38

1 posts

Werkzeug's `safe_join` function allows path segments with Windows device names. On Windows, there are special device names such as `CON`, `AUX`, etc that are implicitly present and readable in every directory. `send_from_directory` uses `safe_join` to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special d

CVE-2025-66371
(5.0 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T23:57:55

1 posts

Peppol-py before 1.1.1 allows XXE attacks because of the Saxon configuration. When validating XML-based invoices, the XML parser could read files from the filesystem and expose their content to a remote host.

CVE-2025-12421
(10.0 CRITICAL)

EPSS: 0.07%

updated 2025-12-01T23:57:11

1 posts

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-

CVE-2025-12419
(10.0 CRITICAL)

EPSS: 0.07%

updated 2025-12-01T23:57:00

1 posts

Mattermost versions 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12, 11.0.x <= 11.0.3 fail to properly validate OAuth state tokens during OpenID Connect authentication which allows an authenticated attacker with team creation privileges to take over a user account via manipulation of authentication data during the OAuth completion flow. This requires email verification to be disabled (de

CVE-2025-66412
(0 None)

EPSS: 0.00%

updated 2025-12-01T23:15:53.890000

2 posts

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in secu

CVE-2025-66401
(9.8 CRITICAL)

EPSS: 0.00%

updated 2025-12-01T23:15:53.227000

3 posts

MCP Watch is a comprehensive security scanner for Model Context Protocol (MCP) servers. In 0.1.2 and earlier, the MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host mach

CVE-2025-13837(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-01T21:31:32

1 posts

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues

CVE-2025-65408
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T21:31:28

2 posts

A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS file.

CVE-2025-65406
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T21:31:28

2 posts

A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MKV file.

CVE-2025-65405
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T21:31:28

1 posts

A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC file.

CVE-2025-13792
(7.3 HIGH)

EPSS: 0.04%

updated 2025-12-01T21:31:28

1 posts

A security flaw has been discovered in Qualitor 8.20/8.24. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing manipulation of the argument passageiros results in code injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. The vendor was contacted early about t

CVE-2025-12106
(9.1 CRITICAL)

EPSS: 0.00%

updated 2025-12-01T21:31:27

2 posts

Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses

CVE-2025-34297(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-01T21:30:33

2 posts

KissFFT versions prior to the fix commit 1b083165 contain an integer overflow in kiss_fft_alloc() in kiss_fft.c on platforms where size_t is 32-bit. The nfft parameter is not validated before being used in a size calculation (sizeof(kiss_fft_cpx) * (nfft - 1)), which can wrap to a small value when nfft is large. As a result, malloc() allocates an undersized buffer and the subsequent twiddle-factor

CVE-2025-63533
(8.5 HIGH)

EPSS: 0.00%

updated 2025-12-01T21:30:27

1 posts

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and rprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the rname, remail, rpassword, rphone, rcity parameters, which are then executed in the v

CVE-2025-66295
(8.8 HIGH)

EPSS: 0.00%

updated 2025-12-01T21:15:53

1 posts

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, when a user with privilege of user creation creates a new user through the Admin UI and supplies a username containing path traversal sequences (for example ..\Nijat or ../Nijat), Grav writes the account YAML file to an unintended path outside user/accounts/. The written YAML can contain account fields such as email, fullname, twofa_secret

CVE-2025-66372
(2.8 LOW)

EPSS: 0.01%

updated 2025-12-01T20:46:22

1 posts

Mustang before 2.16.3 allows exfiltrating files via XXE attacks.

CVE-2025-65404
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T20:15:55.403000

1 posts

A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via a crafted MP3 stream.

CVE-2025-65403
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T20:15:55.257000

1 posts

A buffer overflow in the g_cfg.MaxUsers component of LightFTP v2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2024-56089
(7.5 HIGH)

EPSS: 0.00%

updated 2025-12-01T20:15:48.963000

1 posts

An issue in Technitium through v13.2.2 enables attackers to conduct a DNS cache poisoning attack and inject fake responses by reviving the birthday attack.

CVE-2025-63532
(9.6 CRITICAL)

EPSS: 0.00%

updated 2025-12-01T19:15:51.927000

1 posts

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass authentication and gain unauthorized access to the system.

CVE-2025-2879
(5.1 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T19:15:50.240000

1 posts

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to expose sensitive data.This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p4, from r50p0 through r54p0; Arm 5th Gen GPU Architectu

CVE-2025-13836
(0 None)

EPSS: 0.00%

updated 2025-12-01T19:15:49.770000

1 posts

When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.

CVE-2025-58408
(5.9 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T18:31:39

1 posts

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in which the reference counts can become unbalanced. This can lead to the premature destruction of a resourc

CVE-2025-35028
(9.1 CRITICAL)

EPSS: 0.03%

updated 2025-12-01T18:31:39

2 posts

By providing a command-line argument starting with a semi-colon ; to an API endpoint created by the EnhancedCommandExecutor class of the HexStrike AI MCP server, the resultant composed command is executed directly in the context of the MCP server’s normal privilege; typically, this is root. There is no attempt to sanitize these arguments in the default configuration of this MCP server at the affec

CVE-2025-13835
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T18:30:46

1 posts

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tyche Softwares Arconix Shortcodes allows Stored XSS.This issue affects Arconix Shortcodes: from n/a through 2.1.19.

CVE-2025-13653
(4.3 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T18:30:45

1 posts

In Search Guard FLX versions from 3.1.0 up to 4.0.0 with enterprise modules being disabled, there exists an issue which allows authenticated users to use specially crafted requests to read documents from data streams without having the respective privileges.

CVE-2025-7007
(7.6 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:45

2 posts

NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash.This issue affects Antivirus: 16.0.0; Anitvirus: 3.0.3.

CVE-2025-26858
(8.6 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:45

1 posts

A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted set of network packets can lead to denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.

CVE-2025-63534
(8.5 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:44

1 posts

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg and error parameters, which are then executed in the victim's browser when the page is viewed.

CVE-2025-55221
(8.6 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:44

1 posts

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This vulnerability is specific to the malicious message sent via Modbus TCP over port 502.

CVE-2025-55222
(8.6 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:44

1 posts

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This vulnerability is specific to the malicious message sent via Modbus RTU over TCP on port 503.

CVE-2025-10101
(8.2 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:44

2 posts

Heap-based Buffer Overflow, Out-of-bounds Write vulnerability in Avast Antivirus on MacOS of a crafted Mach-O file may allow Local Execution of Code or Denial of Service of antivirus protection. This issue affects Antivirus: from 15.7 before 3.9.2025.

CVE-2024-48894
(5.9 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T18:30:44

1 posts

A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.

CVE-2024-53684
(7.5 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:44

1 posts

A cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability.

CVE-2025-20085
(7.2 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:44

1 posts

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability.

CVE-2025-6349
(5.1 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T18:30:37

1 posts

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 through r54p1; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 through r54p1.

2 repos

https://github.com/xryptoh/CVE-2025-63499

https://github.com/xryptoh/CVE-2025-63498

CVE-2025-65794
(0 None)

EPSS: 0.00%

updated 2025-12-01T17:15:50.657000

1 posts

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2025-65793
(0 None)

EPSS: 0.00%

updated 2025-12-01T17:15:50.547000

1 posts

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2025-63535
(9.6 CRITICAL)

EPSS: 0.00%

updated 2025-12-01T17:15:49.927000

1 posts

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php component. The application fails to properly sanitize usersupplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass authentication and gain unauthorized access to the system.

CVE-2025-23417
(8.6 HIGH)

EPSS: 0.00%

updated 2025-12-01T17:15:49.037000

1 posts

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.

CVE-2024-49572
(7.2 HIGH)

EPSS: 0.00%

updated 2025-12-01T17:15:48.330000

1 posts

A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability.

CVE-2024-48882
(8.6 HIGH)

EPSS: 0.00%

updated 2025-12-01T17:15:48.110000

1 posts

A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.

CVE-2024-45370
(7.3 HIGH)

EPSS: 0.00%

updated 2025-12-01T17:15:47.987000

1 posts

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability.

CVE-2025-8351
(9.0 CRITICAL)

EPSS: 0.00%

updated 2025-12-01T16:15:57.857000

2 posts

Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98.

CVE-2025-3500
(9.0 CRITICAL)

EPSS: 0.00%

updated 2025-12-01T16:15:53.023000

3 posts

Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privilege Escalation.This issue affects Antivirus: from 25.1.981.6 before 25.3.

1 repos

https://github.com/chicken3962/CVE-2025-3500-Poc

CVE-2025-66219(CVSS UNKNOWN)

EPSS: 0.53%

updated 2025-12-01T16:06:58

1 posts

willitmerge describes itself as a command line tool to check if pull requests are mergeable. There is a Command Injection vulnerability in version `willitmerge@0.2.1`. Resources: * Project's GitHub source code: https://github.com/shama/willitmerge/ * Project's npm package: https://www.npmjs.com/package/willitmerge ## Background on exploitation Reporting a Command Injection vulnerability in `

CVE-2025-13296
(5.4 MEDIUM)

EPSS: 0.01%

updated 2025-12-01T15:39:33.110000

1 posts

Cross-Site Request Forgery (CSRF) vulnerability in Tekrom Technology Inc. T-Soft E-Commerce allows Cross Site Request Forgery.This issue affects T-Soft E-Commerce: through 28112025.

CVE-2025-8045
(4.0 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T15:39:33.110000

1 posts

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 through r54p1; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 through r54p1.

CVE-2025-59789
(7.5 HIGH)

EPSS: 0.06%

updated 2025-12-01T15:39:33.110000

1 posts

Uncontrolled recursion in the json2pb component in Apache bRPC (version < 1.15.0) on all platforms allows remote attackers to make the server crash via sending deep recursive json data. Root Cause: The bRPC json2pb component uses rapidjson to parse json data from the network. The rapidjson parser uses a recursive parsing method by default. If the input json has a large depth of recursive structur

CVE-2025-41070
(0 None)

EPSS: 0.05%

updated 2025-12-01T15:39:33.110000

1 posts

Reflected Cross-site Scripting (XSS) vulnerability in Sanoma's Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL in '/students/carpetes_varies.php'. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.

CVE-2025-61619
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T15:39:33.110000

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61617
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T15:39:33.110000

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61609
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T15:39:33.110000

1 posts

In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-3012
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T15:39:33.110000

1 posts

In dpc modem, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-11133
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T15:39:33.110000

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-13807
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability was detected in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected is the function MachineKeyController of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineKeyController.java of the component API. The manipulation results in improper authorization. The attack can be executed remotely. The exploit is now public and may be

CVE-2025-13806
(7.3 HIGH)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Transaction API. The manipulation of the argument from/to/wei leads to improper authorization. Remote exploitation of the attack is poss

CVE-2025-13803
(7.3 HIGH)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be launched remotely.

CVE-2025-13799
(6.3 MEDIUM)

EPSS: 0.84%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function ap_macfilter_del of the file /send_order.cgi. The manipulation of the argument mac leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond

CVE-2025-13798
(6.3 MEDIUM)

EPSS: 0.84%

updated 2025-12-01T15:39:33.110000

1 posts

A flaw has been found in ADSLR NBR1005GPEV2 250814-r037c. This affects the function ap_macfilter_add of the file /send_order.cgi. Executing manipulation of the argument mac can lead to command injection. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-13795
(2.4 LOW)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

A weakness has been identified in codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01. Affected is an unknown function of the file /student-view.php of the component Edit Student Info Page. This manipulation of the argument First Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been made available to the public and

CVE-2025-13791
(6.3 MEDIUM)

EPSS: 0.05%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Such manipulation leads to path traversal. The attack may be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respo

CVE-2025-13789
(6.3 MEDIUM)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability was found in ZenTao up to 21.7.6-8564. This affects the function makeRequest of the file module/ai/model.php. The manipulation of the argument Base results in server-side request forgery. The attack can be launched remotely. The exploit has been made public and could be used. Upgrading to version 21.7.6 mitigates this issue. It is suggested to upgrade the affected component.

CVE-2025-13788
(7.3 HIGH)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-13787
(5.4 MEDIUM)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

A flaw has been found in ZenTao up to 21.7.6-8564. The affected element is the function file::delete of the file module/file/control.php of the component File Handler. Executing manipulation of the argument fileID can lead to improper privilege management. It is possible to launch the attack remotely. Upgrading to version 21.7.7 is sufficient to fix this issue. You should upgrade the affected comp

CVE-2025-13784
(2.4 LOW)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted ear

CVE-2025-66423
(7.1 HIGH)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.

CVE-2025-13782
(7.3 HIGH)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability was identified in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Affected by this issue is the function delete of the file application/Admin/Controller/SlideController.class.php of the component SlideController. The manipulation of the argument ids leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be use

CVE-2025-66424
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for data export. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.

CVE-2025-66420
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Tryton sao (aka tryton-sao) before 7.6.9 allows XSS via an HTML attachment. This is fixed in 7.6.9, 7.4.19, 7.0.38, and 6.0.67.

CVE-2025-6666
(2.0 LOW)

EPSS: 0.01%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability was determined in motogadget mo.lock Ignition Lock up to 20251125. Affected by this vulnerability is an unknown functionality of the component NFC Handler. Executing manipulation can lead to use of hard-coded cryptographic key . The physical device can be targeted for the attack. A high complexity level is associated with this attack. The exploitation appears to be difficult. The

1 repos

https://github.com/anderruiz/CVE-2025-666666

CVE-2025-66289
(0 None)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

2 posts

OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the application does not invalidate existing sessions when a user is disabled or when a password change occurs, allowing active session cookies to remain valid indefinitely. As a result, a disabled user, or an attacker using a compromised account, can continue to access protected pages and perform operati

CVE-2025-65540
(6.1 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T15:39:33.110000

1 posts

Multiple Cross-Site Scripting (XSS) vulnerabilities exist in xmall v1.1 due to improper handling of user-supplied data. User input fields such as username and description are directly rendered into HTML without proper sanitization or encoding, allowing attackers to inject and execute malicious scripts.

CVE-2025-66223
(0 None)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

2 posts

OpenObserve is a cloud-native observability platform. Prior to version 0.16.0, organization invitation tokens do not expire once issued, remain valid even after the invited user is removed from the organization, and allow multiple invitations to the same email with different roles where all issued links remain valid simultaneously. This results in broken access control where a removed or demoted u

CVE-2025-66201
(0 None)

EPSS: 0.08%

updated 2025-12-01T15:39:33.110000

2 posts

LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.1-rc2, LibreChat is vulnerable to Server-side Request Forgery (SSRF), by passing specially crafted OpenAPI specs to its "Actions" feature and making the LLM use those actions. It could be used by an authenticated user with access to this feature to access URLs only accessible to the LibreChat server (such as cloud metadata

CVE-2025-53900
(6.5 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T15:39:33.110000

1 posts

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, an unfavourable definition of roles and permissions in Kiteworks MFT on managing Connections could lead to unexpected escalation of privileges for authorized users. This issue has been patched in version 9.1.0.

CVE-2025-53899
(7.2 HIGH)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, the back-end of Kiteworks MFT is vulnerable to an incorrectly specified destination in a communication channel which allows an attacker with administrative privileges on the system under certain circumstances to intercept upstream communication which could lead to an escalation of privileges. This issue has been

CVE-2025-58436
(5.1 MEDIUM)

EPSS: 0.01%

updated 2025-12-01T15:39:33.110000

1 posts

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue has been patched in version 2.4.15.

CVE-2025-13683
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0.

CVE-2025-51736
(6.3 MEDIUM)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

File upload vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-51735
(7.5 HIGH)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-12638
(8.0 HIGH)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

2 posts

Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file() function when extracting tar archives. The vulnerability arises because the function uses Python's tarfile.extractall() method without the security-critical filter='data' parameter. Although Keras attempts to filter unsafe paths using filter_safe_paths(), this filtering occurs before extraction, and a

CVE-2025-66359
(8.5 HIGH)

EPSS: 0.05%

updated 2025-12-01T15:39:33.110000

2 posts

An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting (XSS) vulnerability.

CVE-2025-65892
(6.1 MEDIUM)

EPSS: 0.06%

updated 2025-12-01T15:31:24

1 posts

Reflected Cross-Site Scripting (rXSS) in krpano before version 1.23.2 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the victim's browser via a crafted URL to the passQueryParameters function with the xml parameter enabled.

CVE-2025-13797
(6.3 MEDIUM)

EPSS: 0.84%

updated 2025-12-01T15:30:17

1 posts

A vulnerability was detected in ADSLR B-QE2W401 250814-r037c. Affected by this issue is the function parameterdel_swifimac of the file /send_order.cgi. Performing manipulation of the argument del_swifimac results in command injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respon

CVE-2025-13768
(7.5 HIGH)

EPSS: 0.15%

updated 2025-12-01T14:39:31.940000

1 posts

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability.

CVE-2025-13770
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T14:38:59.533000

1 posts

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

CVE-2025-13771
(6.5 MEDIUM)

EPSS: 0.04%

updated 2025-12-01T14:23:55.363000

1 posts

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

CVE-2025-41739
(5.9 MEDIUM)

EPSS: 0.08%

updated 2025-12-01T12:30:34

1 posts

An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service.

CVE-2025-41700
(7.8 HIGH)

EPSS: 0.02%

updated 2025-12-01T12:30:34

1 posts

An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context.

CVE-2025-41738
(7.5 HIGH)

EPSS: 0.08%

updated 2025-12-01T12:30:33

1 posts

An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition.

CVE-2025-61618
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T09:30:38

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61610
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T09:30:38

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61608
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T09:30:38

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-13814
(7.3 HIGH)

EPSS: 0.04%

updated 2025-12-01T09:30:38

1 posts

A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not r

CVE-2025-61607
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T09:30:37

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-13808
(7.3 HIGH)

EPSS: 0.04%

updated 2025-12-01T06:30:36

1 posts

A flaw has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this vulnerability is the function update of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/UserController.java of the component User Profile Handler. This manipulation of the argument ID causes improper authorization. The attack is possible to be carried out remot

CVE-2025-13800
(6.3 MEDIUM)

EPSS: 0.84%

updated 2025-12-01T03:30:32

1 posts

A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. This issue affects the function set_mesh_disconnect of the file /send_order.cgi. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-13802
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T03:30:32

1 posts

A vulnerability was determined in jairiidriss RestaurantWebsite up to e7911f12d035e8e2f9a75e7a28b59e4ef5c1d654. Impacted is an unknown function of the component Make a Reservation. This manipulation of the argument selected_date causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Continious delivery with rolling releases i

CVE-2025-64772
(7.8 HIGH)

EPSS: 0.01%

updated 2025-12-01T03:30:31

2 posts

The installer of INZONE Hub 1.0.10.3 to 1.0.17.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.

CVE-2025-13796
(6.3 MEDIUM)

EPSS: 0.04%

updated 2025-12-01T00:30:27

1 posts

A security vulnerability has been detected in deco-cx apps up to 0.120.1. Affected by this vulnerability is the function AnalyticsScript of the file website/loaders/analyticsScript.ts of the component Parameter Handler. Such manipulation of the argument url leads to server-side request forgery. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. Upgrading

1 repos

https://github.com/0xcucumbersalad/CVE-2025-13796-PoC

CVE-2025-13793
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-30T18:30:18

1 posts

A weakness has been identified in winston-dsouza Ecommerce-Website up to 87734c043269baac0b4cfe9664784462138b1b2e. Affected by this issue is some unknown functionality of the file /includes/header_menu.php of the component GET Parameter Handler. Executing manipulation of the argument Error can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to

CVE-2025-13790
(4.3 MEDIUM)

EPSS: 0.02%

updated 2025-11-30T15:30:28

1 posts

A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-13786
(7.3 HIGH)

EPSS: 0.05%

updated 2025-11-30T09:30:19

1 posts

A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no

CVE-2025-13785
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-30T09:30:19

1 posts

A security vulnerability has been detected in yungifez Skuul School Management System up to 2.6.5. This issue affects some unknown processing of the file /user/profile of the component Image Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosur

CVE-2025-13783
(6.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-30T06:32:09

1 posts

A security flaw has been discovered in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. This affects the function check/uncheck/delete of the file application/Comment/Controller/CommentadminController.class.php of the component CommentadminController. The manipulation of the argument ids results in sql injection. The attack can be executed remotely. The exploit has been released to the

CVE-2025-66433
(4.2 MEDIUM)

EPSS: 0.01%

updated 2025-11-30T06:32:09

1 posts

HTCondor Access Point before 25.3.1 allows an authenticated user to impersonate other users on the local machine by submitting a batch job. This is fixed in 24.12.14, 25.0.3, and 25.3.1. The earliest affected version is 24.7.3.

CVE-2025-66432
(5.0 MEDIUM)

EPSS: 0.03%

updated 2025-11-30T06:32:09

1 posts

In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date.

CVE-2025-13615
(9.8 CRITICAL)

EPSS: 0.11%

updated 2025-11-30T03:30:32

2 posts

The StreamTube Core plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 4.78. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts. Note: T

1 repos

https://github.com/blossombutt4063/CVE-2025-13615

CVE-2025-12559
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T23:11:55.537000

1 posts

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/{channel_id}/common_teams endpoint

CVE-2021-26829
(5.4 MEDIUM)

EPSS: 52.13%

updated 2025-11-28T21:31:18

6 posts

OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm.

CVE-2025-51734
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T18:31:27

1 posts

Cross-site scripting (XSS) vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-51733
(5.5 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T18:31:27

1 posts

Cross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-12183(CVSS UNKNOWN)

EPSS: 0.15%

updated 2025-11-28T18:30:32

2 posts

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.

CVE-2025-59790
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T18:30:24

1 posts

Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from v2.9.0 through v2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.

CVE-2025-59792
(5.3 MEDIUM)

EPSS: 0.02%

updated 2025-11-28T18:30:24

1 posts

Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.

CVE-2025-33187
(9.3 CRITICAL)

EPSS: 0.01%

updated 2025-11-28T15:30:47.670000

1 posts

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, denial of service, or escalation of privileges.

CVE-2025-11156(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-11-28T15:30:36

1 posts

Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service. This triggers the flaw, causing a system crash (Blue-Screen-of-Death) and resulting in a Denial of Service (DoS) for the affected machine.

CVE-2025-12143
(6.1 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T12:30:28

1 posts

Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33.

CVE-2025-66385(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-28T09:30:22

2 posts

UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges (e.g., obtain a higher role such as admin) via the user-edit endpoint by supplying or modifying role_id or organisation_id fields in the edit request.

CVE-2025-13769
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T09:30:22

1 posts

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

CVE-2025-66386
(4.1 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T09:30:22

1 posts

app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin.

CVE-2025-66384
(8.2 HIGH)

EPSS: 0.03%

updated 2025-11-28T09:30:17

2 posts

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmp_name.

CVE-2025-58308
(7.3 HIGH)

EPSS: 0.01%

updated 2025-11-28T06:32:10

1 posts

Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2025-58305
(6.2 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T06:32:10

1 posts

Identity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58302
(8.4 HIGH)

EPSS: 0.01%

updated 2025-11-28T06:32:09

2 posts

Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-13737
(4.3 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T06:32:09

1 posts

The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.21. This is due to missing or incorrect nonce validation on the 'unlinkUser' function. This makes it possible for unauthenticated attackers to unlink the user's social login via a forged request granted they can trick a site administrator into performing

CVE-2025-66370
(5.0 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T06:32:07

1 posts

Kivitendo before 3.9.2 allows XXE injection. By uploading an electronic invoice in the ZUGFeRD format, it is possible to read and exfiltrate files from the server's filesystem.

CVE-2025-64314
(9.4 CRITICAL)

EPSS: 0.01%

updated 2025-11-28T03:30:33

2 posts

Permission control vulnerability in the memory management module. Impact: Successful exploitation of this vulnerability may affect confidentiality.

CVE-2025-66360(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-28T00:30:28

1 posts

An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.

CVE-2025-66361(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-28T00:30:27

1 posts

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.

CVE-2025-13338
(0 None)

EPSS: 0.00%

updated 2025-11-27T23:15:50.550000

1 posts

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2025-41115
(10.0 CRITICAL)

EPSS: 0.02%

updated 2025-11-27T08:40:01

1 posts

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric ext

1 repos

https://github.com/Ashwesker/Blackash-CVE-2025-41115

CVE-2025-12003
(0 None)

EPSS: 0.26%

updated 2025-11-25T22:16:16.690000

1 posts

A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59365
(0 None)

EPSS: 0.05%

updated 2025-11-25T22:16:16.690000

1 posts

A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59370
(0 None)

EPSS: 0.73%

updated 2025-11-25T22:16:16.690000

1 posts

A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary commands, leading to the device executing unintended instructions. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-58360
(8.2 HIGH)

EPSS: 10.15%

updated 2025-11-25T22:16:16.690000

1 posts

GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define extern

Nuclei template

2 repos

https://github.com/Ashwesker/Blackash-CVE-2025-58360

https://github.com/quyenheu/CVE-2025-58360

CVE-2025-59366(CVSS UNKNOWN)

EPSS: 0.12%

updated 2025-11-25T09:31:31

1 posts

An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of specific functions without proper authorization. Refer to the Security Update for ASUS Router Firmware section on the ASUS Security Advisory for more information.

CVE-2025-59369(CVSS UNKNOWN)

EPSS: 0.13%

updated 2025-11-25T09:31:31

1 posts

A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary SQL queries, leading to unauthorized data access. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59368(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-25T09:31:31

1 posts

An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59372(CVSS UNKNOWN)

EPSS: 0.20%

updated 2025-11-25T09:31:30

1 posts

A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files outside the intended directory, potentially affecting device integrity. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59371(CVSS UNKNOWN)

EPSS: 0.18%

updated 2025-11-25T09:31:30

1 posts

An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-60709
(7.8 HIGH)

EPSS: 0.05%

updated 2025-11-11T18:30:30

1 posts

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-59287
(9.8 CRITICAL)

EPSS: 60.32%

updated 2025-11-11T15:32:22

1 posts

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

Nuclei template

22 repos

https://github.com/esteban11121/WSUS-RCE-Mitigation-59287

https://github.com/dexterm300/cve-2025-59287-exploit-poc

https://github.com/0x7556/CVE-2025-59287

https://github.com/keeganparr1/CVE-2025-59287-hawktrace

https://github.com/QurtiDev/WSUS-CVE-2025-59287-RCE

https://github.com/garvitv14/CVE-2025-59287

https://github.com/th1n0/CVE-2025-59287

https://github.com/Lupovis/Honeypot-for-CVE-2025-59287-WSUS

https://github.com/RadzaRr/WSUSResponder

https://github.com/N3k0t-dev/PoC-CVE-collection

https://github.com/mrmtwoj/WSUS-Patch-Level-Scanner-A-Lightweight-Tool-for-Detecting-Vulnerable-Microsoft-WSUS-Deployments

https://github.com/Twodimensionalitylevelcrossing817/CVE-2025-59287

https://github.com/AdityaBhatt3010/CVE-2025-59287-When-your-patch-server-becomes-the-attack-vector

https://github.com/0xBruno/WSUSploit.NET

https://github.com/tecxx/CVE-2025-59287-WSUS

https://github.com/Adel-kaka-dz/cve-2025-59287

https://github.com/M507/CVE-2025-59287-PoC

https://github.com/mrk336/Breaking-the-Update-Chain-Inside-CVE-2025-59287-and-the-WSUS-RCE-Threat

https://github.com/mubix/Find-WSUS

https://github.com/fsanzmoya/wsus_CVE-2025-59287

https://github.com/FurkanKAYAPINAR/CVE-2025-59287

https://github.com/jiansiting/CVE-2025-59287

CVE-2025-53770
(9.8 CRITICAL)

EPSS: 87.49%

updated 2025-10-27T17:12:40.607000

1 posts

Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation

Nuclei template

45 repos

https://github.com/soltanali0/CVE-2025-53770-Exploit

https://github.com/RukshanaAlikhan/CVE-2025-53770

https://github.com/GreenForceNetworks/Toolshell_CVE-2025-53770

https://github.com/imbas007/CVE-2025-53770-Vulnerable-Scanner

https://github.com/Michaael01/LetsDefend--SOC-342-CVE-2025-53770-SharePoint-Exploit-ToolShell

https://github.com/go-bi/sharepoint-CVE-2025-53770

https://github.com/BirdsAreFlyingCameras/CVE-2025-53770_Raw-HTTP-Request-Generator

https://github.com/bitsalv/ToolShell-Honeypot

https://github.com/Sec-Dan/CVE-2025-53770-Scanner

https://github.com/ghostn4444/CVE-2025-53770

https://github.com/unk9vvn/sharepoint-toolpane

https://github.com/exfil0/CVE-2025-53770

https://github.com/3a7/CVE-2025-53770

https://github.com/0xh3g4z1/CVE-2025-53770-SharePoint-RCE

https://github.com/Rabbitbong/OurSharePoint-CVE-2025-53770

https://github.com/r3xbugbounty/CVE-2025-53770

https://github.com/zach115th/ToolShellFinder

https://github.com/0x-crypt/CVE-2025-53770-Scanner

https://github.com/MuhammadWaseem29/CVE-2025-53770

https://github.com/CyprianAtsyor/ToolShell-CVE-2025-53770-SharePoint-Exploit-Lab-LetsDefend

https://github.com/n1chr0x/ZeroPoint

https://github.com/Cameloo1/sharepoint-toolshell-micro-postmortem

https://github.com/daryllundy/CVE-2025-53770

https://github.com/Ashwesker/Blackash-CVE-2025-53770

https://github.com/bossnick98/-SOC342---CVE-2025-53770-SharePoint-ToolShell-Auth-Bypass-and-RCE

https://github.com/nisargsuthar/suricata-rule-CVE-2025-53770

https://github.com/victormbogu1/LetsDefend-SOC342-CVE-2025-53770-SharePoint-ToolShell-Auth-Bypass-andRCE-EventID-320

https://github.com/bharath-cyber-root/sharepoint-toolshell-cve-2025-53770

https://github.com/siag-itsec/CVE-2025-53770-Hunting

https://github.com/hazcod/CVE-2025-53770

https://github.com/Bluefire-Redteam-Cybersecurity/bluefire-sharepoint-cve-2025-53770

https://github.com/tripoloski1337/CVE-2025-53770-scanner

https://github.com/paolokappa/SharePointSecurityMonitor

https://github.com/harryhaxor/CVE-2025-53770-SharePoint-Deserialization-RCE-PoC

https://github.com/grupooruss/CVE-2025-53770-Checker

https://github.com/saladin0x1/CVE-2025-53770

https://github.com/0xray5c68616e37/cve-2025-53770

https://github.com/peiqiF4ck/WebFrameworkTools-5.5-enhance

https://github.com/Udyz/CVE-2025-53770-Exploit

https://github.com/Agampreet-Singh/CVE-2025-53770

https://github.com/behnamvanda/CVE-2025-53770-Checker

https://github.com/kaizensecurity/CVE-2025-53770

https://github.com/Immersive-Labs-Sec/SharePoint-CVE-2025-53770-POC

https://github.com/AdityaBhatt3010/CVE-2025-53770-SharePoint-Zero-Day-Variant-Exploited-for-Full-RCE

https://github.com/ZephrFish/CVE-2025-53770-Scanner

CVE-2025-6543
(9.8 CRITICAL)

EPSS: 2.04%

updated 2025-10-22T00:34:22

1 posts

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

4 repos

https://github.com/abrewer251/CVE-2025-6543_CitrixNetScaler_PoC

https://github.com/lex1010/CVE-2025-6543

https://github.com/fox-it/citrix-netscaler-triage

https://github.com/grupooruss/Citrix-cve-2025-6543

CVE-2024-54085
(9.8 CRITICAL)

EPSS: 12.64%

updated 2025-10-22T00:33:14

1 posts

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

1 repos

https://github.com/Mr-Zapi/CVE-2024-54085

CVE-2019-1367
(7.5 HIGH)

EPSS: 89.26%

updated 2025-10-22T00:32:47

1 posts

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1221.

1 repos

https://github.com/mandarenmanman/CVE-2019-1367

CVE-2023-7304(CVSS UNKNOWN)

EPSS: 3.26%

updated 2025-10-15T03:30:51

1 posts

Ruijie RG-UAC Application Management Gateway contains a command injection vulnerability via the 'nmc_sync.php' interface. An unauthenticated attacker able to reach the affected endpoint can inject shell commands via crafted request data, causing the application to execute arbitrary commands on the host. Successful exploitation can yield full control of the application process and may lead to syste

CVE-2025-59821
(6.5 MEDIUM)

EPSS: 0.04%

updated 2025-09-29T12:58:27.157000

1 posts

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 10.1.0, DNN’s URL/path handling and template rendering can allow specially crafted input to be reflected into a user profile that is returned to the browser. In these cases, the application does not sufficiently neutralize or encode characters that are meaningful in HTML,

CVE-2025-53771
(6.5 MEDIUM)

EPSS: 33.90%

updated 2025-08-14T17:29:05.870000

1 posts

Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

Nuclei template

2 repos

https://github.com/zach115th/ToolShellFinder

https://github.com/unk9vvn/sharepoint-toolpane

CVE-2025-66448
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-66403
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-66313
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-66206
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-66205
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-48572
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-48633
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-61260
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-66291
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-66290
(0 None)

EPSS: 0.03%

1 posts

N/A

CVE-2025-66225
(0 None)

EPSS: 0.04%

2 posts

N/A

CVE-2025-66224
(0 None)

EPSS: 0.07%

2 posts

N/A

CVE-2025-66217
(0 None)

EPSS: 0.31%

1 posts

N/A

CVE-2025-66216
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-65112
(0 None)

EPSS: 0.07%

1 posts

N/A

CVE-2025-53939
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-53897
(0 None)

EPSS: 0.01%

1 posts

N/A

CVE-2025-53896
(0 None)

EPSS: 0.01%

1 posts

N/A

CVE-2025-13086
(0 None)

EPSS: 0.00%

1 posts

N/A