CVE-2025-62220
(8.8 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:30:31

1 posts

Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network.

CVE-2025-60724
(9.8 CRITICAL)

EPSS: 0.00%

updated 2025-11-11T18:30:30

1 posts

Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.

CVE-2025-60715
(8.0 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:30:30

1 posts

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

CVE-2025-59499
(8.8 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:30:25

1 posts

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.

CVE-2025-30398
(8.1 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:30:25

1 posts

Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network.

CVE-2025-33178
(7.8 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:30:25

1 posts

NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to Code execution, Escalation of privileges, Information disclosure, and Data tampering.

CVE-2025-33202
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-11-11T18:30:25

1 posts

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. A successful exploit of this vulnerability might lead to denial of service.

CVE-2025-33185
(5.3 MEDIUM)

EPSS: 0.00%

updated 2025-11-11T18:30:25

1 posts

NVIDIA AIStore contains a vulnerability in AuthN where an unauthenticated user may cause information disclosure.  A successful exploit of this vulnerability may lead to information disclosure.

CVE-2025-33186
(8.8 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:30:24

1 posts

NVIDIA AIStore contains a vulnerability in AuthN. A successful exploit of this vulnerability might lead to escalation of privileges, information disclosure, and data tampering.

CVE-2025-23357
(7.8 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:30:24

1 posts

NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, data tampering.

CVE-2025-62211
(8.7 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:30:23

1 posts

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.

CVE-2025-62210
(8.7 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:30:23

1 posts

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.

CVE-2025-62204
(8.0 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:30:23

1 posts

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVE-2025-61831
(7.8 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:30:23

1 posts

Illustrator versions 28.7.10, 29.8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-62452
(8.0 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:15:50.250000

1 posts

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

CVE-2025-62222
(8.8 HIGH)

EPSS: 0.00%

updated 2025-11-11T18:15:49.887000

1 posts

Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network.

CVE-2025-43079
(6.3 MEDIUM)

EPSS: 0.01%

updated 2025-11-11T18:15:35.277000

1 posts

The Qualys Cloud Agent included a bundled uninstall script (qagent_uninstall.sh), specific to Linux supported versions that invoked multiple system commands without using absolute paths and without sanitizing the $PATH environment. If the uninstall script is executed with elevated privileges (e.g., via sudo) in an environment where $PATH has been manipulated, an attacker with root/sudo privileges

CVE-2025-23361
(7.8 HIGH)

EPSS: 0.00%

updated 2025-11-11T17:15:41.260000

1 posts

NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.

CVE-2025-64773
(2.7 LOW)

EPSS: 0.00%

updated 2025-11-11T16:15:40.260000

1 posts

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit

CVE-2025-10918
(7.1 HIGH)

EPSS: 0.00%

updated 2025-11-11T16:15:38.113000

2 posts

Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk

CVE-2025-11959
(8.1 HIGH)

EPSS: 0.00%

updated 2025-11-11T15:31:27

2 posts

Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Premierturk Information Technologies Inc. Excavation Management Information System allows Footprinting, Functionality Misuse.This issue affects Excavation Management Information System: before v.10.2025.01.

CVE-2024-57695(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-11T15:31:27

1 posts

An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the lock function. The manufacturer fixed the vulnerability in version 8.0 (4164.652.1856) from December 17, 2012.

CVE-2025-9227
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-11-11T15:31:27

1 posts

Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor.

CVE-2025-12101(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-11T15:31:27

1 posts

Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

CVE-2025-41103(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-11T15:31:27

1 posts

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'reply_message' in '/messages/reply'.

CVE-2025-11697(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-11T15:31:26

2 posts

A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.

CVE-2025-11085(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-11T15:31:26

2 posts

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website.

CVE-2025-10161
(7.3 HIGH)

EPSS: 0.00%

updated 2025-11-11T15:31:26

1 posts

Improper Restriction of Excessive Authentication Attempts, Client-Side Enforcement of Server-Side Security, Reliance on Untrusted Inputs in a Security Decision vulnerability in Turkguven Software Technologies Inc. Perfektive allows Brute Force, Authentication Bypass, Functionality Bypass.This issue affects Perfektive: before Version: 12574 Build: 2701.

1 repos

https://github.com/FeZqq/CVE-2025-10161

CVE-2025-11696(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-11T15:31:21

2 posts

A local server-side request forgery (SSRF) security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes.

CVE-2025-41105(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-11T15:31:21

1 posts

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/tickets/save'.

CVE-2025-41104(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-11T15:31:20

1 posts

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'custom_field_1' in '/estimate_requests/save_estimate_request'.

CVE-2025-9223
(8.8 HIGH)

EPSS: 0.00%

updated 2025-11-11T14:15:35.507000

2 posts

Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature.

1 repos

https://github.com/networkkiller/CVE-2025-9223

CVE-2025-11862
(0 None)

EPSS: 0.00%

updated 2025-11-11T14:15:34.933000

2 posts

A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API.

CVE-2025-8324
(9.8 CRITICAL)

EPSS: 0.00%

updated 2025-11-11T13:15:45.443000

2 posts

Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to Unauthenticated SQL Injection due to the improper filter configuration.

CVE-2025-64457
(0 None)

EPSS: 0.00%

updated 2025-11-11T13:15:45.183000

1 posts

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority while details are being clarified. A corrected record will be published once verification is complete.

CVE-2025-41106
(0 None)

EPSS: 0.00%

updated 2025-11-11T13:15:45.037000

1 posts

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'first_name' in '/clients/save_contact/'.

CVE-2025-12846
(8.8 HIGH)

EPSS: 0.10%

updated 2025-11-11T12:30:25

1 posts

The Blocksy Companion plugin for WordPress is vulnerable to authenticated arbitrary file upload in all versions up to, and including, 2.1.19. This is due to insufficient file type validation detecting SVG files, allowing double extension files to bypass sanitization while being accepted as a valid SVG file. This makes it possible for authenticated attackers, with author level access and above, to

CVE-2025-12539
(10.0 CRITICAL)

EPSS: 0.19%

updated 2025-11-11T12:30:25

1 posts

The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials (hostname, username, and API key) in files within the web-accessible wp-content directory without adequate protection in the "Tnc_Wp_Toolbox_Settings::save_settings" function. This makes it possib

1 repos

https://github.com/Nxploited/CVE-2025-12539

CVE-2025-41101(CVSS UNKNOWN)

EPSS: 0.05%

updated 2025-11-11T12:30:25

1 posts

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in'/projects/save'.

CVE-2025-11960
(6.1 MEDIUM)

EPSS: 0.03%

updated 2025-11-11T12:30:25

1 posts

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Aryom Software High Technology Systems Inc. KVKNET allows Reflected XSS.This issue affects KVKNET: before 2.1.8.

CVE-2025-7633
(7.3 HIGH)

EPSS: 0.03%

updated 2025-11-11T12:30:25

1 posts

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Custom report.

CVE-2025-41102
(0 None)

EPSS: 0.05%

updated 2025-11-11T12:15:34.713000

1 posts

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/events/save'.

CVE-2025-9055
(6.4 MEDIUM)

EPSS: 0.01%

updated 2025-11-11T09:30:41

1 posts

The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This flaw can only be exploited after authenticating with an administrator-privileged service account.

CVE-2025-8998
(3.1 LOW)

EPSS: 0.04%

updated 2025-11-11T09:30:41

1 posts

It was possible to upload files with a specific name to a temporary directory, which may result in process crashes and impact usability. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account.

CVE-2025-6779
(6.7 MEDIUM)

EPSS: 0.03%

updated 2025-11-11T09:30:36

1 posts

An ACAP configuration file has improper permissions, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

CVE-2025-5452
(6.6 MEDIUM)

EPSS: 0.04%

updated 2025-11-11T09:30:36

1 posts

A malicious ACAP application can gain access to admin-level service account credentials used by legitimate ACAP applications, leading to potential privilege escalation of the malicious ACAP application. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACA

CVE-2025-5718
(6.8 MEDIUM)

EPSS: 0.04%

updated 2025-11-11T09:30:36

1 posts

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

CVE-2025-5454
(6.4 MEDIUM)

EPSS: 0.01%

updated 2025-11-11T09:30:36

1 posts

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

CVE-2025-10714
(8.4 HIGH)

EPSS: 0.01%

updated 2025-11-11T09:30:31

2 posts

AXIS Optimizer was vulnerable to an unquoted search path vulnerability, which could potentially lead to privilege escalation within Microsoft Windows operating system. This vulnerability can only be exploited if the attacker has access to the local Windows machine and sufficient access rights (administrator) to write data into the installation path of AXIS Optimizer.

CVE-2025-5317(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-11-11T09:30:30

1 posts

An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac (BEST) before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the application directory (/Applications/Endpoint Security for Mac.app/) and the related directories within /Libr

CVE-2025-4645
(6.7 MEDIUM)

EPSS: 0.02%

updated 2025-11-11T09:30:30

1 posts

An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

CVE-2025-9524
(4.3 MEDIUM)

EPSS: 0.06%

updated 2025-11-11T08:15:35.213000

1 posts

The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account.

CVE-2025-7429
(7.3 HIGH)

EPSS: 0.03%

updated 2025-11-11T08:15:34.690000

1 posts

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Mails Deleted or Moved report.

CVE-2025-8108
(6.7 MEDIUM)

EPSS: 0.01%

updated 2025-11-11T07:15:36.413000

1 posts

An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

CVE-2025-6571
(6.0 MEDIUM)

EPSS: 0.01%

updated 2025-11-11T07:15:35.590000

1 posts

A 3rd-party component exposed its password in process arguments, allowing for low-privileged users to access it.

CVE-2025-6298
(6.7 MEDIUM)

EPSS: 0.02%

updated 2025-11-11T07:15:35.397000

1 posts

ACAP applications can gain elevated privileges due to improper input validation, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

CVE-2025-42940
(7.5 HIGH)

EPSS: 0.08%

updated 2025-11-11T03:30:36

1 posts

SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. This may result in memory corruption followed by an application crash, hence leading to a high impact on availability. There is no impact on confidentiality or integrity.

CVE-2025-42924
(6.1 MEDIUM)

EPSS: 0.05%

updated 2025-11-11T03:30:36

1 posts

SAP S/4HANA landscape SAP E-Recruiting BSP allows an unauthenticated attacker to craft malicious links, when clicked the victim could be redirected to the page controlled by the attacker. This has low impact on confidentiality and integrity of the application with no impact on availability.

CVE-2025-42899
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-11T03:30:36

1 posts

SAP S4CORE (Manage journal entries) does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. This has low impact on confidentiality of the application with no impact on integrity and availability of the application.

CVE-2025-42897
(5.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-11T03:30:36

1 posts

Due to information disclosure vulnerability in anonymous API provided by SAP Business One (SLD), an attacker with normal user access could gain access to unauthorized information. As a result, it has a low impact on the confidentiality of the application but no impact on the integrity and availability.

CVE-2025-42894
(6.8 MEDIUM)

EPSS: 0.03%

updated 2025-11-11T03:30:36

1 posts

Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system commands on the server, resulting in a complete compromise of the confidentiality, integrity, and avail

CVE-2025-42893
(6.1 MEDIUM)

EPSS: 0.05%

updated 2025-11-11T03:30:36

1 posts

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal sensitive information and perform unauthorized actions, impacting the confidentiality and integrity of web c

CVE-2025-42892
(6.8 MEDIUM)

EPSS: 0.34%

updated 2025-11-11T03:30:36

1 posts

Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables execution of arbitrary operating system commands. Successful exploitation could lead to full compromise of the system�s confidentiality, in

CVE-2025-42887
(10.0 CRITICAL)

EPSS: 0.05%

updated 2025-11-11T03:30:36

1 posts

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availability of the system.

CVE-2025-21042
(8.8 HIGH)

EPSS: 21.58%

updated 2025-11-11T02:00:02.247000

9 posts

Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code.

1 repos

https://github.com/B1ack4sh/Blackash-CVE-2025-21042

CVE-2025-42919
(5.3 MEDIUM)

EPSS: 0.11%

updated 2025-11-11T01:15:38.937000

1 posts

Due to an Information Disclosure vulnerability in SAP NetWeaver Application Server Java, internal metadata files could be accessed via manipulated URLs. An unauthenticated attacker could exploit this vulnerability by inserting arbitrary path components in the request, allowing unauthorized access to sensitive application metadata. This results in a partial compromise of the confidentiality of the

CVE-2025-42895
(6.9 MEDIUM)

EPSS: 0.02%

updated 2025-11-11T01:15:38.487000

1 posts

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code loading, resulting in low impact on confidentiality and integrity and high impact on availability of the application.

CVE-2025-42890
(10.0 CRITICAL)

EPSS: 0.07%

updated 2025-11-11T01:15:37.820000

3 posts

SQL Anywhere Monitor (Non-GUI) baked credentials into the code,exposing the resources or functionality to unintended users and providing attackers with the possibility of arbitrary code execution.This could cause high impact on confidentiality integrity and availability of the system.

CVE-2021-4462(CVSS UNKNOWN)

EPSS: 0.07%

updated 2025-11-11T00:30:29

2 posts

Employee Records System version 1.0 contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload arbitrary files via the uploadID.php endpoint; uploaded files can be executed because the application does not perform proper server-side validation.

CVE-2025-12542(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-11T00:30:29

1 posts

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2025-11892(CVSS UNKNOWN)

EPSS: 0.05%

updated 2025-11-11T00:30:28

2 posts

An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allows DOM-based cross-site scripting via Issues search label filter that could lead to privilege escalation and unauthorized workflow triggers. Successful exploitation requires an attacker to have access to the target GitHub Enterprise Server instance and to entice a user, while operating in sudo mod

CVE-2018-25124(CVSS UNKNOWN)

EPSS: 0.67%

updated 2025-11-11T00:30:28

2 posts

PacsOne Server version 6.6.2 (prior versions are likely affected) contains a directory traversal vulnerability within the web-based DICOM viewer component. Successful exploitation allows a remote unauthenticated attacker to read arbitrary files via the 'nocache.php' endpoint with a crafted 'path' parameter. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-07 UTC.

CVE-2025-63678(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-11T00:30:28

1 posts

An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted PHP file.

CVE-2025-64529
(0 None)

EPSS: 0.04%

updated 2025-11-10T23:15:42.170000

1 posts

SpiceDB is an open source database system for creating and managing security-critical application permissions. In versions prior to 1.45.2, users who use the exclusion operator somewhere in their authorization schema; have configured their SpiceDB server such that `--write-relationships-max-updates-per-call` is bigger than 6500; and issue calls to WriteRelationships with a large enough number of u

CVE-2025-64519
(8.8 HIGH)

EPSS: 0.03%

updated 2025-11-10T23:15:41.833000

2 posts

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In versions up to and including 2.8.8, an authenticated SQL injection vulnerability exists in the moderator control panel (`modcp.php`). Users with moderator permissions can exploit this vulnerability by supplying a malicious `topic_id` (`t`) parameter. This allows an authenticated moderator to execute arbitrar

CVE-2025-59396
(0 None)

EPSS: 0.00%

updated 2025-11-10T23:15:41.620000

1 posts

Rejected reason: Not a security vulnerability

1 repos

https://github.com/cyberbyte000/CVE-2025-59396

CVE-2025-11578
(0 None)

EPSS: 0.05%

updated 2025-11-10T23:15:41.193000

1 posts

A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Enterprise admin to gain root SSH access to the appliance by exploiting a symlink escape in pre-receive hook environments. By crafting a malicious repository and environment, an attacker could replace system binaries during hook cleanup and execute a payload that adds their own SSH key to

CVE-2025-64512
(8.6 HIGH)

EPSS: 0.05%

updated 2025-11-10T22:15:40.067000

1 posts

Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The `CMapDB._load_data()` function in pdfminer.six uses `pickle.loads()` to deserialize pickle files. These pickle files are supposed to be

CVE-2025-12725
(4.3 MEDIUM)

EPSS: 0.02%

updated 2025-11-10T22:15:34.740000

3 posts

Out of bounds read in WebGPU in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

CVE-2025-64522
(9.1 CRITICAL)

EPSS: 0.04%

updated 2025-11-10T22:10:18

2 posts

SUMMARY We have identified and verified an SSRF vulnerability where webhook URLs are not validated, allowing repository administrators to create webhooks targeting internal services, private networks, and cloud metadata endpoints. AFFECTED COMPONENTS (VERIFIED) 1. Webhook Creation (pkg/ssh/cmd/webhooks.go:125) 2. Backend CreateWebhook (pkg/backend/webhooks.go:17) 3. Backend UpdateWebhook (pkg/

CVE-2025-12779
(8.8 HIGH)

EPSS: 0.02%

updated 2025-11-10T21:31:37

3 posts

Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication token for DCV-based WorkSpaces to other local users on the same client machine. Under certain circumstances, a local user may be able to extract another local user's authentication token from the shared client machine and access their WorkSpace. To

CVE-2025-12727(CVSS UNKNOWN)

EPSS: 0.03%

updated 2025-11-10T21:30:42

3 posts

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2025-12432
(8.8 HIGH)

EPSS: 0.06%

updated 2025-11-10T21:30:42

1 posts

Race in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2025-63149(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-10T21:30:42

1 posts

Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the urls parameter of the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-63384(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-10T21:30:42

1 posts

A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET (Supervisor-mode Exception Return) instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode (M-mode) to Supervisor-mode (S-mode) as specified by the sstatus.SPP bit, the processor incorrectly remains in M-mode, leading to a critical privilege

CVE-2025-12729
(4.2 MEDIUM)

EPSS: 0.03%

updated 2025-11-10T21:30:42

1 posts

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-12726
(7.5 HIGH)

EPSS: 0.07%

updated 2025-11-10T21:30:36

3 posts

Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

CVE-2025-60876(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-10T21:30:36

1 posts

BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).

CVE-2025-33150
(5.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-10T21:30:36

1 posts

IBM Cognos Analytics Certified Containers 12.1.0 could disclose package parameter information due to the presence of hidden pages.

CVE-2025-63455
(7.5 HIGH)

EPSS: 0.04%

updated 2025-11-10T21:30:35

1 posts

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-48878
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-10T21:15:39.263000

1 posts

Combodo iTop is a web based IT service management tool. In versions on the 3.x branch prior to 3.2.2, an insecure direct object reference allows a user (e.g. with Service desk agent profile) to create a ModuleInstallation object when they shouldn't be able to do so. Version 3.2.2 fixes the issue.

CVE-2025-48065
(8.8 HIGH)

EPSS: 0.04%

updated 2025-11-10T21:15:39.103000

2 posts

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a field with an error contains malicious content. Versions 2.7.13 and 3.2.2 protect rendered HTML content.

CVE-2025-12438
(8.8 HIGH)

EPSS: 0.07%

updated 2025-11-10T21:15:37.527000

1 posts

Use after free in Ozone in Google Chrome on Linux and ChromeOS prior to 142.0.7444.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-64518
(7.5 HIGH)

EPSS: 0.05%

updated 2025-11-10T21:04:04

1 posts

### Impact The XML [`Validator`](https://docs.oracle.com/javase/8/docs/api/javax/xml/validation/Validator.html) used by cyclonedx-core-java was not configured securely, making the library vulnerable to XML External Entity (XXE) injection. The fix for GHSA-683x-4444-jxh8 / CVE-2024-38374 has been incomplete in that it only fixed *parsing* of XML BOMs, but not *validation*. ### Patches The vulne

CVE-2025-56503
(0 None)

EPSS: 0.02%

updated 2025-11-10T20:15:47.990000

1 posts

An issue in Sublime HQ Pty Ltd Sublime Text 4 4200 allows authenticated attackers with low-level privileges to escalate privileges to Administrator via replacing the uninstall file with a crafted binary in the installation folder.

1 repos

https://github.com/secxplorers/CVE-2025-56503

CVE-2025-12967
(8.0 HIGH)

EPSS: 0.10%

updated 2025-11-10T19:15:56.320000

1 posts

An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. We recommend customers upgrade to the following versions: AWS JDBC Wrapper to v2.6.5, AWS Go Wrapper to 2025-10-17, AWS NodeJ

CVE-2025-12735(CVSS UNKNOWN)

EPSS: 0.12%

updated 2025-11-10T19:06:04

1 posts

The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate mathematical expressions with user-defined variables. However, due to insufficient input validation, an attacker can pass a crafted variables object into the evaluate() function and trigger arbitrary code execution.

CVE-2025-63835(CVSS UNKNOWN)

EPSS: 0.07%

updated 2025-11-10T18:30:40

1 posts

A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the guestSsid parameter of the /goform/WifiGuestSet interface. Remote attackers can exploit this vulnerability by sending oversized data to the guestSsid parameter, leading to denial of service (device crash) or potential remote code execution.

CVE-2025-63834(CVSS UNKNOWN)

EPSS: 0.08%

updated 2025-11-10T18:30:40

1 posts

A stored cross-site scripting (XSS) vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visits the router's homepage.

CVE-2025-63497(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-11-10T18:30:35

1 posts

The patient prescription viewing functionality in his_doc_view_single_patient.php of rickxy Hospital Management System version 1.0 contains an SQL injection vulnerability. The pat_number GET parameter is directly concatenated into SQL queries without proper sanitization, allowing authenticated attackers (doctor role) to execute arbitrary SQL queries.

CVE-2025-63456(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-10T18:30:35

1 posts

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the SetSysTimeCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-63147(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-10T18:30:34

1 posts

Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the deviceId parameter of the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-63154(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-10T18:30:34

1 posts

TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the addEffect parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

CVE-2025-12907
(8.8 HIGH)

EPSS: 0.08%

updated 2025-11-10T18:30:34

1 posts

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low)

1 repos

https://github.com/DExplo1ted/CVE-2025-12907-Exploit

CVE-2025-63457
(0 None)

EPSS: 0.02%

updated 2025-11-10T17:15:35.100000

1 posts

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub_4F55C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-12480
(9.1 CRITICAL)

EPSS: 0.03%

updated 2025-11-10T16:15:43.237000

8 posts

Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete.

Nuclei template

CVE-2025-64456
(8.4 HIGH)

EPSS: 0.00%

updated 2025-11-10T15:31:11

2 posts

In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation

CVE-2025-64690
(5.4 MEDIUM)

EPSS: 0.00%

updated 2025-11-10T15:31:11

1 posts

In JetBrains YouTrack before 2025.3.104432 insecure Junie configuration could lead to data exposure and unauthorized changes

CVE-2025-64687
(5.4 MEDIUM)

EPSS: 0.00%

updated 2025-11-10T15:31:11

1 posts

In JetBrains YouTrack before 2025.3.104432 improper access control allowed modify MCP tool logic

CVE-2025-64688
(7.4 HIGH)

EPSS: 0.00%

updated 2025-11-10T15:31:06

1 posts

In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget

CVE-2025-64689
(9.6 CRITICAL)

EPSS: 0.00%

updated 2025-11-10T15:31:05

2 posts

In JetBrains YouTrack before 2025.3.104432 misconfiguration in the Junie could lead to exposure of the global Junie token

CVE-2025-64684
(4.3 MEDIUM)

EPSS: 0.00%

updated 2025-11-10T15:31:05

1 posts

In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form

CVE-2025-64683
(5.3 MEDIUM)

EPSS: 0.00%

updated 2025-11-10T15:31:05

1 posts

In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API

CVE-2025-12929
(7.3 HIGH)

EPSS: 0.03%

updated 2025-11-10T15:15:36.903000

1 posts

A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function save_user/update_user of the file /LoginRegistration.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. Other parameters might be affected as well.

CVE-2025-64686
(3.1 LOW)

EPSS: 0.00%

updated 2025-11-10T14:15:44.223000

1 posts

In JetBrains YouTrack before 2025.3.104432 missing user principal cleanup led to reuse of incorrect authorization context

CVE-2025-64685
(8.1 HIGH)

EPSS: 0.00%

updated 2025-11-10T14:15:44.070000

2 posts

In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure

CVE-2025-12405(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-10T12:30:29

1 posts

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attached to the report. This vulnerability was patched on 21 July 2025, and no customer action is needed.

CVE-2025-41001(CVSS UNKNOWN)

EPSS: 0.16%

updated 2025-11-10T12:30:26

1 posts

Cross Site Scripting (XSS) vulnerability stored in SOPlanning v1.53.02, which consist of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'LOGOUT_REDIRECT' parameter in '/soplanning/www/process/options.php'. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cookie session details.

CVE-2025-12397(CVSS UNKNOWN)

EPSS: 0.03%

updated 2025-11-10T09:30:28

1 posts

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected to reports with BigQuery as the data source. This vulnerability was patched on 21 July 2025, and no customer action is needed.

CVE-2025-12155(CVSS UNKNOWN)

EPSS: 0.38%

updated 2025-11-10T09:30:28

1 posts

A Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer permission to execute arbitrary shell commands when a user is deleted on the host system. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for Looker-hosted instances. No user action is required for thes

CVE-2025-41731
(7.4 HIGH)

EPSS: 0.01%

updated 2025-11-10T09:30:28

1 posts

A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the debug interface is still enabled.

CVE-2025-41107
(0 None)

EPSS: 0.16%

updated 2025-11-10T09:15:42.270000

1 posts

Stored Cross Site Scripting (XSS) vulnerability in Smart School 7.0 due to lack of proper validation of user input when sending a POST request to '/online_admission', wich affects the parameters 'firstname', 'lastname', 'guardian_name' and others. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal his/her session cookie details.

CVE-2025-12409
(0 None)

EPSS: 0.03%

updated 2025-11-10T09:15:42.107000

1 posts

A SQL injection vulnerability was discovered in Looker Studio that allowed for data exfiltration from BigQuery data sources. By creating a malicious report with native functions enabled, and having the victim access the report, an attacker could execute injected SQL queries with the victim's permissions in BigQuery. This vulnerability was patched on 07 July 2025, and no customer action is neede

CVE-2025-62689
(7.5 HIGH)

EPSS: 0.03%

updated 2025-11-10T06:30:31

2 posts

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.

CVE-2025-59777
(7.5 HIGH)

EPSS: 0.03%

updated 2025-11-10T06:30:31

2 posts

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.

CVE-2025-12931
(6.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-10T06:30:31

1 posts

A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.

CVE-2025-12932
(4.7 MEDIUM)

EPSS: 0.03%

updated 2025-11-10T06:30:31

1 posts

A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=inbox. This manipulation of the argument msgid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.

CVE-2025-12930
(6.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-10T06:30:31

1 posts

A vulnerability has been found in SourceCodester Food Ordering System 1.0. Affected is an unknown function of the file /view-ticket.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-12928
(7.3 HIGH)

EPSS: 0.03%

updated 2025-11-10T06:30:26

1 posts

A vulnerability was detected in code-projects Online Job Search Engine 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument username/phone results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.

CVE-2025-12868
(9.8 CRITICAL)

EPSS: 0.20%

updated 2025-11-10T06:30:25

2 posts

New Site Server developed by CyberTutor has a Use of Client-Side Authentication vulnerability, allowing unauthenticated remote attackers to modify the frontend code to gain administrator privileges on the website.

CVE-2025-12867
(7.2 HIGH)

EPSS: 0.21%

updated 2025-11-10T06:30:25

1 posts

EIP Plus developed by Hundred Plus has an Arbitrary File Uplaod vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

CVE-2025-12933
(6.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-10T06:15:34.133000

1 posts

A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.

CVE-2025-12613
(8.6 HIGH)

EPSS: 0.05%

updated 2025-11-10T05:15:42.900000

2 posts

Versions of the package cloudinary before 2.7.0 are vulnerable to Arbitrary Argument Injection due to improper parsing of parameter values containing an ampersand. An attacker can inject additional, unintended parameters. This could lead to a variety of malicious outcomes, such as bypassing security checks, altering data, or manipulating the application's behavior. **Note:** Following our establi

CVE-2025-12866
(9.8 CRITICAL)

EPSS: 0.08%

updated 2025-11-10T03:30:23

1 posts

EIP Plus developed by Hundred Plus has a Weak Password Recovery Mechanism vulnerability, allowing unauthenticated remote attacker to predict or brute-force the 'forgot password' link, thereby successfully resetting any user's password.

CVE-2025-12865
(8.8 HIGH)

EPSS: 0.08%

updated 2025-11-10T03:30:23

1 posts

U-Office Force developed by e-Excellence has a SQL Injection vulnerability, allowing authenticated remote attacker to inject arbitrary SQL commands to read, modify, and delete database contents.

CVE-2025-12925
(7.3 HIGH)

EPSS: 0.04%

updated 2025-11-10T03:30:23

1 posts

A security flaw has been discovered in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. Impacted is the function getAll/addDic/getAllDic/deleteDic of the file src/main/java/com/rymcu/forest/lucene/api/UserDicController.java. The manipulation results in missing authorization. The attack may be launched remotely. This product operates on a rolling release basis, ensuring continuous deliv

CVE-2025-12924
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-10T03:30:23

1 posts

A vulnerability was identified in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. This issue affects the function GlobalResult of the file src/main/java/com/rymcu/forest/web/api/bank/BankController.java. The manipulation leads to missing authorization. The attack may be initiated remotely. This product uses a rolling release model to deliver continuous updates. As a result, specific v

CVE-2025-12922
(6.3 MEDIUM)

EPSS: 0.05%

updated 2025-11-10T03:30:22

1 posts

A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xml_file results in path traversal. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosur

CVE-2025-12864
(8.8 HIGH)

EPSS: 0.08%

updated 2025-11-10T03:15:42.017000

1 posts

U-Office Force developed by e-Excellence has a SQL Injection vulnerability, allowing authenticated remote attacker to inject arbitrary SQL commands to read, modify, and delete database contents.

CVE-2025-12923
(2.7 LOW)

EPSS: 0.04%

updated 2025-11-10T01:15:37.860000

1 posts

A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the file /dev-api/common/download. Executing manipulation of the argument path can lead to path traversal. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

CVE-2025-12920
(2.4 LOW)

EPSS: 0.03%

updated 2025-11-10T00:30:32

1 posts

A flaw has been found in qianfox FoxCMS up to 1.2.16. Affected by this vulnerability is the function add/edit of the file app/admin/controller/Product.php. This manipulation of the argument Title causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any

CVE-2025-12921
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-10T00:15:44.943000

1 posts

A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xml_file leads to xml injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor wa

CVE-2025-12919
(3.7 LOW)

EPSS: 0.03%

updated 2025-11-09T21:30:24

1 posts

A vulnerability was detected in EverShop up to 2.0.1. Affected is an unknown function of the file /src/modules/oms/graphql/types/Order/Order.resolvers.js of the component Order Handler. The manipulation of the argument uuid results in improper control of resource identifiers. The attack may be performed from remote. This attack is characterized by high complexity. The exploitability is told to be

CVE-2025-12918
(3.1 LOW)

EPSS: 0.03%

updated 2025-11-09T09:30:16

1 posts

A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View Fee Invoice. Performing manipulation of the argument invoice_id results in improper control of resource identifiers. Remote exploitation of the attack is possible. The attack is considered to have hig

CVE-2025-12917
(4.3 MEDIUM)

EPSS: 0.01%

updated 2025-11-09T09:30:16

1 posts

A vulnerability was identified in TOZED ZLT T10 T10PLUS_3.04.15. The affected element is an unknown function of the file /reqproc/proc_post of the component Reboot Handler. Such manipulation leads to denial of service. Access to the local network is required for this attack to succeed. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did

1 repos

https://github.com/0xcucumbersalad/CVE-2025-12917-PoC

CVE-2025-9458
(7.8 HIGH)

EPSS: 0.01%

updated 2025-11-07T18:15:37.647000

2 posts

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

CVE-2025-52425
(0 None)

EPSS: 0.10%

updated 2025-11-07T16:15:38.753000

1 posts

An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QuMagie 2.7.0 and later

CVE-2025-34299(CVSS UNKNOWN)

EPSS: 0.06%

updated 2025-11-07T15:31:36

2 posts

Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitrary code by uploading a specially crafted file from a malicious (S)FTP server.

2 repos

https://github.com/rxerium/CVE-2025-34299

https://github.com/crondenice/CVE-2025-34299

CVE-2025-52881(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-11-07T12:31:35

5 posts

### Impact ### This attack is primarily a more sophisticated version of CVE-2019-19921, which was a flaw which allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy `tmpfs` file and thus not apply the correct LSM labels to the container process. The mitigation runc applied for CVE-2019-19921 was fairly limited and effectively only caused runc t

2 repos

https://github.com/omne-earth/arca

https://github.com/jq6l43d1/proxmox-lxc-docker-fix

CVE-2025-52565(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-11-06T23:12:53

5 posts

### Impact ### This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). In runc version 1.0.0-rc3 and later, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside

1 repos

https://github.com/omne-earth/arca

CVE-2025-31133(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-11-06T23:12:38

4 posts

### Impact ### The OCI runtime specification has a `maskedPaths` feature that allows for files or directories to be "masked" by placing a mount on top of them to conceal their contents. This is primarily intended to protect against privileged users in non-user-namespaced from being able to write to files or access directories that would either provide sensitive information about the host to cont

2 repos

https://github.com/omne-earth/arca

https://github.com/sahar042/CVE-2025-31133

CVE-2025-10885
(7.8 HIGH)

EPSS: 0.02%

updated 2025-11-06T19:45:09.883000

2 posts

A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM.

CVE-2025-40300(CVSS UNKNOWN)

EPSS: 0.07%

updated 2025-11-03T18:32:46

1 posts

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already protect kernel/KVM from a malicious guest. Userspace can additionally be protected by flushing the branch predictors af

CVE-2024-1086
(7.8 HIGH)

EPSS: 88.85%

updated 2025-10-27T17:06:37.437000

1 posts

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgradi

9 repos

https://github.com/xzx482/CVE-2024-1086

https://github.com/karim4353/CVE-2024-1086-Exploit

https://github.com/feely666/CVE-2024-1086

https://github.com/kevcooper/CVE-2024-1086-checker

https://github.com/andigandhi/bitpixie

https://github.com/Alicey0719/docker-POC_CVE-2024-1086

https://github.com/LLfam/CVE-2024-1086

https://github.com/Notselwyn/CVE-2024-1086

https://github.com/CCIEVoice2009/CVE-2024-1086

CVE-2025-55315
(9.9 CRITICAL)

EPSS: 0.07%

updated 2025-10-21T21:04:55

2 posts

# Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 10.0 , ASP.NET Core 9.0 , ASP.NET Core 8.0, and ASP.NET Core 2.3. This advisory also provides guidance on what developers can do to update their appl

6 repos

https://github.com/sirredbeard/CVE-2025-55315-repro

https://github.com/ZemarKhos/CVE-2025-55315-PoC-Exploit

https://github.com/RootAid/CVE-2025-55315

https://github.com/7huukdlnkjkjba/CVE-2025-55315-

https://github.com/jlinebau/CVE-2025-55315-Scanner-Monitor

https://github.com/nickcopi/CVE-2025-55315-detection-playground

CVE-2025-62518
(8.1 HIGH)

EPSS: 0.01%

updated 2025-10-21T19:31:25.450000

4 posts

astral-tokio-tar is a tar archive reading/writing library for async Rust. Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives with PAX-extended headers containing size overrides, the parser incorrectly advances stream position b

1 repos

https://github.com/edera-dev/cve-tarmageddon

CVE-2025-54918
(8.8 HIGH)

EPSS: 0.15%

updated 2025-09-09T18:31:31

1 posts

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.

1 repos

https://github.com/mrk336/From-Foothold-to-Domain-Admin-Weaponizing-CVE-2025-54918-in-Real-World-DevOps

CVE-2025-48561
(5.5 MEDIUM)

EPSS: 0.01%

updated 2025-09-05T21:34:34

1 posts

In multiple locations, there is a possible way to access data displayed on the screen due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

1 repos

https://github.com/demining/Pixnapping-Attack-on-Android

CVE-2025-47728
(7.3 HIGH)

EPSS: 0.01%

updated 2025-07-11T17:52:28.613000

2 posts

Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.

CVE-2024-38197
(6.5 MEDIUM)

EPSS: 6.58%

updated 2024-10-22T19:50:21.707000

1 posts

Microsoft Teams for iOS Spoofing Vulnerability

CVE-2022-1234
(6.1 MEDIUM)

EPSS: 0.13%

updated 2023-01-27T05:01:29

1 posts

XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device.

CVE-2025-12686
(0 None)

EPSS: 0.00%

2 posts

N/A

CVE-2025-9408
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-48593
(0 None)

EPSS: 0.00%

3 posts

N/A

6 repos

https://github.com/GiladLeef/CVE-2025-48593

https://github.com/callinston/CVE-2025-48593

https://github.com/logesh-GIT001/CVE-2025-48593

https://github.com/skolepc/CVE-2025-48593

https://github.com/B1ack4sh/Blackash-CVE-2025-48593

https://github.com/letchupkt/CVE-2025-48593

CVE-2025-64513
(0 None)

EPSS: 0.24%

1 posts

N/A

CVE-2025-64507
(0 None)

EPSS: 0.01%

1 posts

N/A

CVE-2025-64484
(0 None)

EPSS: 0.06%

1 posts

N/A

CVE-2025-49145
(0 None)

EPSS: 0.03%

1 posts

N/A

CVE-2025-48055
(0 None)

EPSS: 0.03%

2 posts

N/A

CVE-2025-47932
(0 None)

EPSS: 0.04%

2 posts

N/A