CVE-2025-13683
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-11-28T21:32:24

1 posts

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0.

CVE-2025-40934
(9.3 CRITICAL)

EPSS: 0.01%

updated 2025-11-28T21:32:24

1 posts

XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are omitted. An attacker can remove the signature from the XML document to make it pass the verification check. XML-Sig is a Perl module to validate signatures on XML files.  An unsigned XML file should return an error message.  The affected versions return true when attempting to validate an XML file that

CVE-2025-45311
(8.8 HIGH)

EPSS: 0.01%

updated 2025-11-28T21:31:18

1 posts

Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root.

CVE-2025-65681
(3.3 LOW)

EPSS: 0.02%

updated 2025-11-28T21:15:48.280000

1 posts

An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks.

1 repos

https://github.com/Rivek619/CVE-2025-65681

CVE-2021-26829
(5.4 MEDIUM)

EPSS: 0.25%

updated 2025-11-28T19:15:44.900000

5 posts

OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm.

CVE-2025-51736
(6.3 MEDIUM)

EPSS: 0.00%

updated 2025-11-28T18:31:28

1 posts

File upload vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-51735
(7.5 HIGH)

EPSS: 0.00%

updated 2025-11-28T18:31:27

1 posts

CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-51734
(5.4 MEDIUM)

EPSS: 0.00%

updated 2025-11-28T18:31:27

1 posts

Cross-site scripting (XSS) vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-51733
(5.5 MEDIUM)

EPSS: 0.00%

updated 2025-11-28T18:31:27

1 posts

Cross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-13742(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-28T18:31:27

1 posts

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when {name} is used in an email template, it will be replaced with the buyer's name for the final email. If the name of the attendee contained HTML or Markdown formatting, this was rendered as HTML in the resulting email. This way, a user could inject links or other formatted text through a maliciou

CVE-2025-12183(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-28T18:30:32

2 posts

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.

CVE-2025-59790
(5.4 MEDIUM)

EPSS: 0.00%

updated 2025-11-28T18:30:24

1 posts

Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from v2.9.0 through v2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.

CVE-2025-59792
(5.3 MEDIUM)

EPSS: 0.00%

updated 2025-11-28T18:30:24

1 posts

Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.

CVE-2025-59454
(4.3 MEDIUM)

EPSS: 0.02%

updated 2025-11-28T18:30:23

1 posts

In Apache CloudStack, a gap in access control checks affected the APIs - createNetworkACL - listNetworkACLs - listResourceDetails - listVirtualMachinesUsageHistory - listVolumesUsageHistory While these APIs were accessible only to authorized users, insufficient permission validation meant that users could occasionally access information beyond their intended scope. Users are recommended to up

CVE-2025-59302
(4.7 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T15:31:38

1 posts

In Apache CloudStack improper control of generation of code ('Code Injection') vulnerability is found in the following APIs which are accessible only to admins. * quotaTariffCreate * quotaTariffUpdate * createSecondaryStorageSelector * updateSecondaryStorageSelector * updateHost * updateStorage This issue affects Apache CloudStack: from 4.18.0 before 4.20.2, from 4.21.0 befor

CVE-2025-12638
(8.0 HIGH)

EPSS: 0.00%

updated 2025-11-28T15:30:36

2 posts

Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file() function when extracting tar archives. The vulnerability arises because the function uses Python's tarfile.extractall() method without the security-critical filter='data' parameter. Although Keras attempts to filter unsafe paths using filter_safe_paths(), this filtering occurs before extraction, and a

CVE-2025-11156(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-28T15:30:36

1 posts

Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service. This triggers the flaw, causing a system crash (Blue-Screen-of-Death) and resulting in a Denial of Service (DoS) for the affected machine.

CVE-2025-65202
(8.0 HIGH)

EPSS: 0.16%

updated 2025-11-28T15:16:03.483000

1 posts

TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP parameters "command", "todo", and "next_file," which allows an attacker to execute arbitrary commands with root privileges.

CVE-2025-12143
(6.1 MEDIUM)

EPSS: 0.00%

updated 2025-11-28T12:30:28

1 posts

Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33.

CVE-2025-66385(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-28T09:30:22

3 posts

UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges (e.g., obtain a higher role such as admin) via the user-edit endpoint by supplying or modifying role_id or organisation_id fields in the edit request.

CVE-2025-13769
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T09:30:22

1 posts

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

CVE-2025-13770
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T09:30:18

1 posts

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

CVE-2025-13768
(7.5 HIGH)

EPSS: 0.15%

updated 2025-11-28T09:30:18

1 posts

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability.

CVE-2025-13771
(6.5 MEDIUM)

EPSS: 0.04%

updated 2025-11-28T09:30:17

2 posts

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

CVE-2025-66384
(8.2 HIGH)

EPSS: 0.03%

updated 2025-11-28T09:30:17

2 posts

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmp_name.

CVE-2025-66382
(2.9 LOW)

EPSS: 0.01%

updated 2025-11-28T09:30:17

1 posts

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

CVE-2025-66386
(4.1 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T07:15:59.900000

1 posts

app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin.

CVE-2025-58308
(7.3 HIGH)

EPSS: 0.01%

updated 2025-11-28T06:32:10

1 posts

Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2025-58305
(6.2 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T06:32:10

1 posts

Identity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58302
(8.4 HIGH)

EPSS: 0.01%

updated 2025-11-28T06:32:09

3 posts

Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-64312
(4.9 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T06:32:09

1 posts

Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-13737
(4.3 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T06:32:09

1 posts

The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.21. This is due to missing or incorrect nonce validation on the 'unlinkUser' function. This makes it possible for unauthenticated attackers to unlink the user's social login via a forged request granted they can trick a site administrator into performing

CVE-2025-66372
(2.8 LOW)

EPSS: 0.01%

updated 2025-11-28T06:32:07

1 posts

Mustang before 2.16.3 allows exfiltrating files via XXE attacks.

CVE-2025-66370
(5.0 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T06:32:07

1 posts

Kivitendo before 3.9.2 allows XXE injection. By uploading an electronic invoice in the ZUGFeRD format, it is possible to read and exfiltrate files from the server's filesystem.

CVE-2025-66371
(5.0 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T04:16:01.293000

1 posts

Peppol-py before 1.1.1 allows XXE attacks because of the Saxon configuration. When validating XML-based invoices, the XML parser could read files from the filesystem and expose their content to a remote host.

CVE-2025-58311
(5.8 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T04:16:00.807000

1 posts

UAF vulnerability in the USB driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2025-58304
(4.9 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T04:16:00.347000

1 posts

Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58303
(8.4 HIGH)

EPSS: 0.01%

updated 2025-11-28T03:30:34

1 posts

UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-58310
(8.0 HIGH)

EPSS: 0.01%

updated 2025-11-28T03:30:33

1 posts

Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-64314
(9.3 CRITICAL)

EPSS: 0.01%

updated 2025-11-28T03:16:00.867000

2 posts

Permission control vulnerability in the memory management module. Impact: Successful exploitation of this vulnerability may affect confidentiality.

CVE-2025-66360(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-28T00:30:28

1 posts

An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.

CVE-2025-66361(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-28T00:30:27

1 posts

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.

CVE-2025-66359
(8.5 HIGH)

EPSS: 0.05%

updated 2025-11-28T00:15:46.003000

2 posts

An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting (XSS) vulnerability.

CVE-2025-13338
(0 None)

EPSS: 0.00%

updated 2025-11-27T23:15:50.550000

1 posts

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2025-3261(CVSS UNKNOWN)

EPSS: 0.07%

updated 2025-11-27T18:30:34

1 posts

ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting (XSS) vulnerability. The exploit can be triggered when any user accesses the public API endpoint of the malicious SVG images, or if the malicious images are embedded in an `iframe` element, during a widget creation, deployed to any pa

CVE-2025-12559
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T18:30:26

1 posts

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/{channel_id}/common_teams endpoint

CVE-2025-12419
(10.0 CRITICAL)

EPSS: 0.07%

updated 2025-11-27T18:30:26

2 posts

Mattermost versions 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12, 11.0.x <= 11.0.3 fail to properly validate OAuth state tokens during OpenID Connect authentication which allows an authenticated attacker with team creation privileges to take over a user account via manipulation of authentication data during the OAuth completion flow. This requires email verification to be disabled (de

CVE-2025-13757(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-27T18:30:26

1 posts

SQL Injection vulnerability in last usage logs in Devolutions Server.This issue affects Devolutions Server: through 2025.2.20, through 2025.3.8.

CVE-2025-13765(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-27T18:30:26

1 posts

Exposure of email service credentials to users without administrative rights in Devolutions Server.This issue affects Devolutions Server: before 2025.2.21, before 2025.3.9.

CVE-2025-12421
(9.9 CRITICAL)

EPSS: 0.07%

updated 2025-11-27T18:15:46.223000

2 posts

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-

CVE-2025-13758
(0 None)

EPSS: 0.02%

updated 2025-11-27T16:15:47.257000

1 posts

Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8.

CVE-2025-54057(CVSS UNKNOWN)

EPSS: 0.03%

updated 2025-11-27T15:32:27

1 posts

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking: <= 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue.

CVE-2025-12140(CVSS UNKNOWN)

EPSS: 0.08%

updated 2025-11-27T15:31:32

2 posts

The application contains an insecure 'redirectToUrl' mechanism that incorrectly processes the value of the 'redirectUrlParameter' parameter. The application interprets the entered string of characters as a Java expression, allowing an unauthenticated attacer to perform arbitrary code execution. This issue was fixed in version wu#2016.1.5513#0#20251014_113353

CVE-2025-13692
(7.2 HIGH)

EPSS: 0.10%

updated 2025-11-27T15:31:32

1 posts

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. A form with a file uplo

CVE-2025-8890
(0 None)

EPSS: 0.29%

updated 2025-11-27T14:15:52.183000

2 posts

Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports.

CVE-2025-12971
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T13:15:58.547000

1 posts

The Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a misconfigured capability check on the 'wcp_change_post_folder' function in all versions up to, and including, 3.1.5. This makes it possible for authenticated attackers, with Contributor-level access and above, to move arbitrar

CVE-2025-10476
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T12:30:34

1 posts

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpfc_db_fix_callback() function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to initiate several database fix actions. This only affects sites with premium activated.

CVE-2025-59025
(6.1 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T12:30:34

1 posts

Malicious e-mail content can be used to execute script code. Unintended actions can be executed in the context of the users account, including exfiltration of sensitive information. Sanitization has been updated to avoid such bypasses. No publicly available exploits are known

CVE-2025-30186
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T12:30:34

1 posts

Malicious content uploaded as file can be used to execute script code when following attacker-controlled links. Unintended actions can be executed in the context of the users account, including exfiltration of sensitive information. Please deploy the provided updates and patch releases. No publicly available exploits are known

CVE-2025-13378
(6.5 MEDIUM)

EPSS: 0.04%

updated 2025-11-27T12:30:34

1 posts

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.0 via the ays_chatgpt_pinecone_upsert function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from

CVE-2025-12584
(5.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T12:30:34

1 posts

The Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.17 via the 'wqv_popup_content' AJAX endpoint due to insufficient restrictions on which products can be included. This makes it possible for unauthenticated attackers to extract data from private products that they should not have access to.

CVE-2025-30190
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T12:30:29

1 posts

Malicious content at office documents can be used to inject script code when editing a document. Unintended actions can be executed in the context of the users account, including exfiltration of sensitive information. Please deploy the provided updates and patch releases. No publicly available exploits are known

CVE-2025-59890
(7.3 HIGH)

EPSS: 0.01%

updated 2025-11-27T11:15:48.080000

1 posts

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attacker with local access to execute unauthorized code or commands. This security issue has been fixed in the latest version of Galileo which is available on the Eaton download center.

CVE-2025-59026
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T10:15:52.007000

1 posts

Malicious content uploaded as file can be used to execute script code when following attacker-controlled links. Unintended actions can be executed in the context of the users account, including exfiltration of sensitive information. Please deploy the provided updates and patch releases. No publicly available exploits are known

CVE-2025-13381
(5.3 MEDIUM)

EPSS: 0.04%

updated 2025-11-27T10:15:51.220000

1 posts

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'ays_chatgpt_save_wp_media' function in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to upload media files.

CVE-2025-13536
(8.8 HIGH)

EPSS: 0.22%

updated 2025-11-27T09:30:26

2 posts

The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 11.15.2. This is due to the plugin validating file extensions but not halting execution when validation fails in the 'powerpress_edit_post' function. This makes it possible for authenticated attackers, with Contributor-level access and a

CVE-2025-13157
(5.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T09:30:26

1 posts

The QODE Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.7 via the 'qode_wishlist_for_woocommerce_wishlist_table_item_callback' function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to update the public view of arbitrary wishlists.

CVE-2025-13441
(5.3 MEDIUM)

EPSS: 0.05%

updated 2025-11-27T09:30:25

1 posts

The Hide Category by User Role for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.3.1. This is due to a missing capability check on the admin_init hook that executes wp_cache_flush(). This makes it possible for unauthenticated attackers to flush the site's object cache via forged requests, potentially degrading site performance.

CVE-2025-66028(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-27T09:01:21

1 posts

### Summary During the login process, the server response included a parameter called isMasterAdmin. By intercepting and modifying this parameter value from false to true, a user is able to gain access to the admin dashboard interface. However, despite accessing the admin panel, the user does not have sufficient permissions to view or interact with actual data. ### PoC Intercept the login res

CVE-2025-62703
(8.8 HIGH)

EPSS: 0.33%

updated 2025-11-27T09:00:41

1 posts

### Summary The Fugue framework implements an RPC server system for distributed computing operations. In the core functionality of the RPC server implementation, I found that the _decode() function in fugue/rpc/flask.py directly uses cloudpickle.loads() to deserialize data without any sanitization. This creates a remote code execution vulnerability when malicious pickle data is processed by the RP

CVE-2025-13540
(9.8 CRITICAL)

EPSS: 0.07%

updated 2025-11-27T06:31:33

2 posts

The Tiare Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2. This is due to the 'tiare_membership_init_rest_api_register' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site

CVE-2025-13675
(9.8 CRITICAL)

EPSS: 0.07%

updated 2025-11-27T06:31:33

2 posts

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101.2.1. This is due to the 'paypal-submit.php' file not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site.

CVE-2025-12758
(7.5 HIGH)

EPSS: 0.04%

updated 2025-11-27T06:31:32

1 posts

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength() function that does not take into account Unicode variation selectors (\uFE0F, \uFE0E) appearing in a sequence which lead to improper string length calculation. This can lead to an application using isLength for input validation accepting strings si

CVE-2025-12151
(6.4 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T06:31:32

1 posts

The Simple Folio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'portfolio_name' parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an

CVE-2025-12185
(4.4 MEDIUM)

EPSS: 0.02%

updated 2025-11-27T06:31:26

1 posts

The StaffList plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected p

CVE-2025-12123
(6.1 MEDIUM)

EPSS: 0.07%

updated 2025-11-27T06:31:26

1 posts

The Customer Reviews Collector for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email-text' parameter in all versions up to, and including, 4.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into

CVE-2025-13539
(9.8 CRITICAL)

EPSS: 0.19%

updated 2025-11-27T06:31:26

2 posts

The FindAll Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.4. This is due to the plugin not properly logging in a user with the data that was previously verified through the 'findall_membership_check_facebook_user' and the 'findall_membership_check_google_user' functions. This makes it possible for unauthenticated attackers to log i

CVE-2025-7820
(7.5 HIGH)

EPSS: 0.09%

updated 2025-11-27T06:31:26

1 posts

The SKT PayPal for WooCommerce plugin for WordPress is vulnerable to Payment Bypass in all versions up to, and including, 1.4. This is due to the plugin only enforcing client side controls instead of server-side controls when processing payments. This makes it possible for unauthenticated attackers to make confirmed purchases without actually paying for them.

CVE-2025-13525
(6.1 MEDIUM)

EPSS: 0.09%

updated 2025-11-27T06:15:46.830000

1 posts

The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'order_by' parameter in all versions up to, and including, 1.4.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such a

CVE-2025-13143
(4.3 MEDIUM)

EPSS: 0.01%

updated 2025-11-27T06:15:46.657000

1 posts

The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 19.12.0. This is due to missing or insufficient nonce validation on the disconnect_account_action function. This makes it possible for unauthenticated attackers to disconnect the site from the Opinion Stage platform integration via a forged re

CVE-2025-3784
(5.5 MEDIUM)

EPSS: 0.01%

updated 2025-11-27T05:16:15.467000

1 posts

Cleartext Storage of Sensitive Information Vulnerability in GX Works2 all versions allows an attacker to disclose credential information stored in plaintext from project files. As a result, the attacker may be able to open project files protected by user authentication using disclosed credential information, and obtain or modify project information.

CVE-2025-13680
(8.8 HIGH)

EPSS: 0.04%

updated 2025-11-27T05:16:15.253000

2 posts

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101.2.1. This is due to the plugin allowing a user to update the user role through the $user->set_role() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges to that of an administrator.

CVE-2025-13538
(9.8 CRITICAL)

EPSS: 0.07%

updated 2025-11-27T05:16:12.453000

2 posts

The FindAll Listing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.5. This is due to the 'findall_listing_user_registration_additional_params' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator acces

CVE-2025-66314
(7.5 HIGH)

EPSS: 0.03%

updated 2025-11-27T03:30:32

1 posts

Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ElasticNet UME R32: ElasticNet_UME_R32_V16.23.20.04.

CVE-2025-34351(CVSS UNKNOWN)

EPSS: 0.47%

updated 2025-11-27T03:30:32

2 posts

Anyscale Ray 2.52.0 contains an insecure default configuration in which token-based authentication for Ray management interfaces (including the dashboard and Jobs API) is disabled unless explicitly enabled by setting RAY_AUTH_MODE=token. In the default unauthenticated state, a remote attacker with network access to these interfaces can submit jobs and execute arbitrary code on the Ray cluster. NOT

CVE-2024-5539(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-27T03:30:32

2 posts

The Access Control Bypass vulnerability found in ALC WebCTRL and Carrier i-Vu in versions up to and including 8.5 allows a malicious actor to bypass intended access restrictions and expose sensitive information via the web based building automation server.

CVE-2024-5540(CVSS UNKNOWN)

EPSS: 0.05%

updated 2025-11-27T03:30:32

1 posts

The reflective cross-site scripting vulnerability found in ALC WebCTRL and Carrier i-Vu in versions older than 8.0 affects login panels allowing a malicious actor to compromise the client browser .

CVE-2025-0657(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-27T03:30:26

2 posts

A weakness in Automated Logic and Carrier i-Vu Gen5 router on driver version drv_gen5_106-01-2380, allows malformed packets to be sent through BACnet MS/TP network causing the devices to enter a fault state. This fault state requires a manual power cycle to return the device to network visibility.

CVE-2025-0658
(0 None)

EPSS: 0.08%

updated 2025-11-27T01:15:46.583000

2 posts

A vulnerability in Automated Logic and Carrier's Zone Controller via BACnet protocol causes the device to crash. The device enters a fault state; after a reset, a second packet can leave it permanently unresponsive until a manual power cycle is performed.

CVE-2020-36871(CVSS UNKNOWN)

EPSS: 0.34%

updated 2025-11-27T00:30:38

2 posts

ESCAM QD-900 WIFI HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint allows remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup can include administrative credentials and other sensitive device settings, enabling an unauthenticated remote att

CVE-2020-36874(CVSS UNKNOWN)

EPSS: 0.36%

updated 2025-11-27T00:30:27

1 posts

ACE SECURITY WIP-90113 HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup may include administrative credentials and other sensitive device settings, enabling an unauthenticated remo

CVE-2020-36872(CVSS UNKNOWN)

EPSS: 0.16%

updated 2025-11-27T00:30:27

1 posts

BACnet Test Server versions up to and including 1.01 contains a remote denial of service vulnerability in its BACnet/IP BVLC packet handling. The server fails to properly validate the BVLC Length field in incoming UDP BVLC frames on the default BACnet port (47808/udp). A remote unauthenticated attacker can send a malformed BVLC Length value to trigger an access violation and crash the application,

CVE-2019-25226(CVSS UNKNOWN)

EPSS: 0.22%

updated 2025-11-27T00:30:27

1 posts

Dongyoung Media DM-AP240T/W wireless access points contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/sys_system_config management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. The exposed configuration may include administrative credentials and other sensitive settings, enablin

CVE-2025-66040
(3.6 LOW)

EPSS: 0.03%

updated 2025-11-27T00:15:55.343000

1 posts

Spotipy is a Python library for the Spotify Web API. Prior to version 2.25.2, there is a cross-site scripting (XSS) vulnerability in the OAuth callback server that allows for JavaScript injection through the unsanitized error parameter. Attackers can execute arbitrary JavaScript in the user's browser during OAuth authentication. This issue has been patched in version 2.25.2.

CVE-2025-59390
(9.8 CRITICAL)

EPSS: 0.09%

updated 2025-11-26T23:19:19

1 posts

Apache Druid’s Kerberos authenticator uses a weak fallback secret when the `druid.auth.authenticator.kerberos.cookieSignatureSecret` configuration is not explicitly set. In this case, the secret is generated using `ThreadLocalRandom`, which is not a crypto-graphically secure random number generator. This may allow an attacker to predict or brute force the secret used to sign authentication cookie

1 repos

https://github.com/Daeda1usUK/CVE-2025-59390-

CVE-2025-66035(CVSS UNKNOWN)

EPSS: 0.05%

updated 2025-11-26T23:18:51

1 posts

The vulnerability is a **Credential Leak by App Logic** that leads to the **unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token** to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (`http://` or `https://`) to determine if it is cross-origin. If the URL starts with protoc

CVE-2025-66030
(0 None)

EPSS: 0.03%

updated 2025-11-26T23:15:49.237000

1 posts

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream

CVE-2025-64335
(7.5 HIGH)

EPSS: 0.05%

updated 2025-11-26T23:15:48.913000

1 posts

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_da

CVE-2025-64330
(7.5 HIGH)

EPSS: 0.04%

updated 2025-11-26T23:15:48.093000

1 posts

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires the per packet alert queue to be filled with alerts and then followed by a pass rule. This issue has b

CVE-2025-62593
(0 None)

EPSS: 0.02%

updated 2025-11-26T23:15:47.927000

2 posts

Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense uses the User-Agent header starting with the string "Mozilla" as a defense mechanism. This defense is ins

1 repos

https://github.com/Ashwesker/Blackash-CVE-2025-62593

CVE-2020-36873
(0 None)

EPSS: 0.17%

updated 2025-11-26T23:15:47.397000

1 posts

Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup may include administrative credentials and other sensitive device settings, enabl

CVE-2019-25227
(0 None)

EPSS: 0.21%

updated 2025-11-26T23:15:46.880000

2 posts

Tellion HN-2204AP routers contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/system_config_file management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. The exposed configuration may include administrative credentials, wireless keys, and other sensitive settings, enabling an una

CVE-2025-66031(CVSS UNKNOWN)

EPSS: 0.09%

updated 2025-11-26T22:08:40

2 posts

### Summary An Uncontrolled Recursion (CWE-674) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. ### Details An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge `

CVE-2025-6195
(4.3 MEDIUM)

EPSS: 0.01%

updated 2025-11-26T21:31:37

1 posts

GitLab has remediated an issue in GitLab EE affecting all versions from 13.7 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an authenticated user to view information from security reports under certain configuration conditions.

CVE-2025-7449
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-11-26T21:31:37

1 posts

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an authenticated user with specific permissions to cause a denial of service condition through HTTP response processing.

CVE-2025-13611
(2.0 LOW)

EPSS: 0.01%

updated 2025-11-26T21:31:37

1 posts

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an authenticated user with access to certain logs to obtain sensitive tokens under specific conditions.

CVE-2025-65676(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-26T21:31:37

1 posts

Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG cover images.

1 repos

https://github.com/Rivek619/CVE-2025-65676

CVE-2025-65675(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-26T21:31:26

1 posts

Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG profile pictures.

1 repos

https://github.com/Rivek619/CVE-2025-65675

CVE-2025-12653
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-11-26T20:15:49.023000

1 posts

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that under specific conditions could have allowed an unauthenticated user to join arbitrary organizations by changing headers on some requests.

CVE-2025-12571
(7.5 HIGH)

EPSS: 0.04%

updated 2025-11-26T20:15:47.943000

1 posts

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an unauthenticated user to cause a Denial of Service condition by sending specifically crafted requests containing malicious JSON payloads.

CVE-2025-66020
(7.5 HIGH)

EPSS: 0.04%

updated 2025-11-26T19:33:36

1 posts

### Summary The `EMOJI_REGEX` used in the `emoji` action is vulnerable to a Regular Expression Denial of Service (ReDoS) attack. A short, maliciously crafted string (e.g., <100 characters) can cause the regex engine to consume excessive CPU time (minutes), leading to a Denial of Service (DoS) for the application. ### Details The ReDoS vulnerability stems from "catastrophic backtracking" in the

CVE-2025-65966(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-26T19:33:10

2 posts

### Summary A low-permission user can create new accounts through a direct API request instead of being restricted to the intended interface. ### PoC A low-permission user sends a crafted API request to the user-creation endpoint and the system creates the account successfully. ![WhatsApp Image 2025-11-23 at 14 27 32_0e0f5889](https://github.com/user-attachments/assets/5a539310-c9a2-4466-8926-b49

CVE-2025-64128
(10.0 CRITICAL)

EPSS: 3.18%

updated 2025-11-26T18:31:15

1 posts

An OS command injection vulnerability exists due to incomplete validation of user-supplied input. Validation fails to enforce sufficient formatting rules, which could permit attackers to append arbitrary data. This could allow an unauthenticated attacker to inject arbitrary commands.

CVE-2025-64127
(10.0 CRITICAL)

EPSS: 3.18%

updated 2025-11-26T18:31:15

1 posts

An OS command injection vulnerability exists due to insufficient sanitization of user-supplied input. The application accepts parameters that are later incorporated into OS commands without adequate validation. This could allow an unauthenticated attacker to execute arbitrary commands remotely.

CVE-2025-64126
(10.0 CRITICAL)

EPSS: 3.18%

updated 2025-11-26T18:31:15

1 posts

An OS command injection vulnerability exists due to improper input validation. The application accepts a parameter directly from user input without verifying it is a valid IP address or filtering potentially malicious characters. This could allow an unauthenticated attacker to inject arbitrary commands.

CVE-2025-65239
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-26T18:31:15

1 posts

Incorrect access control in the /aux1/ocussd/trace endpoint of OpenCode Systems USSD Gateway OC Release:5, version 6.13.11 allows attackers with low-level privileges to read server logs.

CVE-2025-65238(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-26T18:31:15

1 posts

Incorrect access control in the getSubUsersByProvider function of OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 allows attackers with low-level privileges to dump user records and access sensitive information.

CVE-2025-64130
(9.8 CRITICAL)

EPSS: 0.11%

updated 2025-11-26T18:15:50.243000

1 posts

Zenitel TCIV-3+ is vulnerable to a reflected cross-site scripting vulnerability, which could allow a remote attacker to execute arbitrary JavaScript on the victim's browser.

CVE-2025-2486
(0 None)

EPSS: 0.01%

updated 2025-11-26T18:15:48.357000

2 posts

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based decision to continue running inside the Shell itself, which is believed to be sufficient to enforce Secure

CVE-2025-63938
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-11-26T17:15:46.440000

1 posts

Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the strip_return_port() function within src/reqs.c.

CVE-2025-66257
(0 None)

EPSS: 0.07%

updated 2025-11-26T16:15:51.030000

2 posts

Unauthenticated Arbitrary File Deletion (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform The deletepatch parameter allows unauthenticated deletion of arbitrary files. The `deletepatch` parameter in `patch_contents.php` allows unauthenticated deletion of arbitrary fi

CVE-2025-66026
(6.1 MEDIUM)

EPSS: 0.04%

updated 2025-11-26T16:15:50.917000

1 posts

REDAXO is a PHP-based CMS. Prior to version 5.20.1, a reflected Cross-Site Scripting (XSS) vulnerability exists in the Mediapool view where the request parameter args[types] is rendered into an info banner without HTML-escaping. This allows arbitrary JavaScript execution in the backend context when an authenticated user visits a crafted link while logged in. This issue has been patched in version

CVE-2025-66021
(0 None)

EPSS: 0.05%

updated 2025-11-26T16:15:50.413000

2 posts

OWASP Java HTML Sanitizer is a configureable HTML Sanitizer written in Java, allowing inclusion of HTML authored by third-parties in web applications while protecting against XSS. In version 20240325.1, OWASP java html sanitizer is vulnerable to XSS if HtmlPolicyBuilder allows noscript and style tags with allowTextIn inside the style tag. This could lead to XSS if the payload is crafted in such a

CVE-2025-9163
(6.1 MEDIUM)

EPSS: 0.07%

updated 2025-11-26T15:34:20

1 posts

The Houzez theme for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.1.6 due to insufficient input sanitization and output escaping in the houzez_property_img_upload() and houzez_property_attachment_upload() functions. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute w

CVE-2025-13601
(7.7 HIGH)

EPSS: 0.01%

updated 2025-11-26T15:34:20

1 posts

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

CVE-2025-12061
(8.6 HIGH)

EPSS: 0.03%

updated 2025-11-26T15:15:51.087000

1 posts

The TAX SERVICE Electronic HDM WordPress plugin before 1.2.1 does not authorization and CSRF checks in an AJAX action, allowing unauthenticated users to import and execute arbitrary SQL statements

CVE-2025-9191
(6.3 MEDIUM)

EPSS: 0.05%

updated 2025-11-26T13:16:00.923000

1 posts

The Houzez theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.1.6 via deserialization of untrusted input in saved-search-item.php. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unl

CVE-2025-13674
(5.5 MEDIUM)

EPSS: 0.01%

updated 2025-11-26T12:30:16

1 posts

BPv7 dissector crash in Wireshark 4.6.0 allows denial of service

CVE-2025-62728(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-26T09:31:30

1 posts

SQL injection vulnerability in Hive Metastore Server (HMS) when processing delete column statistics requests via the Thrift APIs. The vulnerability is only exploitable by trusted/authorized users/applications that are allowed to call directly the Thrift APIs. In most real-world deployments, HMS is accessible to only a handful of applications (e.g., Hiveserver2) thus the vulnerability is not exploi

CVE-2025-13735
(7.4 HIGH)

EPSS: 0.04%

updated 2025-11-26T07:16:00.173000

1 posts

Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR Lapwing_Linux on Linux (nr_fw modules). This vulnerability is associated with program files Code/nr_fw/DLP/src/NrCgi.C. This issue affects Lapwing_Linux: before 2025/11/26.

CVE-2025-64983
(8.0 HIGH)

EPSS: 0.03%

updated 2025-11-26T06:31:34

2 posts

Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability that allows an attacker to connect via Telnet and gain access to the device.

CVE-2025-66233(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-26T06:31:34

1 posts

Rejected reason: Not used

CVE-2025-66231(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-26T06:31:34

1 posts

Rejected reason: Not used

CVE-2025-66229(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-26T06:31:34

1 posts

Rejected reason: Not used

CVE-2025-55174
(3.2 LOW)

EPSS: 0.01%

updated 2025-11-26T06:31:28

1 posts

In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly.

CVE-2025-59820
(6.7 MEDIUM)

EPSS: 0.02%

updated 2025-11-26T06:31:28

1 posts

In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp (aka KisTgaImport). Control flow proceeds even when a number of pixels becomes negative.

CVE-2025-66235(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-26T06:31:28

1 posts

Rejected reason: Not used

CVE-2025-66232(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-26T06:31:28

1 posts

Rejected reason: Not used

CVE-2025-9557
(7.6 HIGH)

EPSS: 0.01%

updated 2025-11-26T06:15:46.007000

1 posts

‭An out-of-bound write can lead to an arbitrary code execution. Even on devices with some form of memory protection, this can still lead to‬ ‭a crash and a resultant denial of service.‬

CVE-2025-66234
(0 None)

EPSS: 0.00%

updated 2025-11-26T04:15:57.677000

1 posts

Rejected reason: Not used

CVE-2025-66230
(0 None)

EPSS: 0.00%

updated 2025-11-26T04:15:57.393000

1 posts

Rejected reason: Not used

CVE-2025-66250(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-26T03:30:28

1 posts

Unauthenticated Arbitrary File Upload (status_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Allows unauthenticated arbitrary file upload via /var/tdf/status_contents.php.

CVE-2025-66253(CVSS UNKNOWN)

EPSS: 0.93%

updated 2025-11-26T03:30:28

1 posts

Unauthenticated OS Command Injection (start_upgrade.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform User input passed directly to exec() allows remote code execution via start_upgrade.php. The `/var/tdf/start_upgrade.php` endpoint passes user-controlled `$_GET["filename"]` directl

CVE-2025-66258(CVSS UNKNOWN)

EPSS: 0.05%

updated 2025-11-26T03:30:28

1 posts

Stored Cross-Site Scripting via XML Injection in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Stored XSS via crafted filenames injected into patchlist.xml. User-controlled filenames are directly concatenated into `patchlist.xml` without encoding, allowing injection of malicious JavaScr

CVE-2025-66261(CVSS UNKNOWN)

EPSS: 0.93%

updated 2025-11-26T03:30:28

2 posts

Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform URL-decoded name parameter passed to exec() allows remote code execution. The `/var/tdf/restore_settings.php` endpoint passes user-controlled `$_GET["name"]` parameter through `u

CVE-2025-66259(CVSS UNKNOWN)

EPSS: 0.36%

updated 2025-11-26T03:30:28

2 posts

Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform in main_ok.php user supplied data/hour/time is passed directly into date shell command

CVE-2025-66266(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-11-26T03:30:28

2 posts

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; starting and stopping the service to immediately achieve code execution and privilege escalation

CVE-2025-66269(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-11-26T03:30:28

1 posts

The RupsMon and USBMate services in UPSilon 2000 run with SYSTEM privileges and contain unquoted service paths. This allows a local attacker to perform path interception and escalate privileges if they have write permissions to the directories proceeding that of which the real service executables live in

CVE-2025-12848(CVSS UNKNOWN)

EPSS: 0.07%

updated 2025-11-26T03:30:28

1 posts

Webform Multiple File Upload module for Drupal 7.x contains a cross-site scripting (XSS) vulnerability in the file name renderer. An unauthenticated attacker can exploit this vulnerability by uploading a file with a malicious filename containing JavaScript code (e.g., "<img src=1 onerror=alert(document.domain)>") to a Webform node with a Multifile field where file type validation is disabled. This

CVE-2025-66265(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-11-26T03:30:28

1 posts

CMService.exe creates the C:\\usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. This allows attackers to replace configuration files (such as snmp.conf) or hijack DLLs to escalate privileges.

CVE-2025-66251(CVSS UNKNOWN)

EPSS: 0.17%

updated 2025-11-26T03:30:27

1 posts

Unauthenticated Path Traversal with Arbitrary File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform The deletehidden parameter allows path traversal deletion of arbitrary .tgz files.

CVE-2025-66252(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-26T03:30:27

1 posts

Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Infinite loop when unlink() fails in status_contents.php causing DoS. Due to the fact that the unlink operation is done in a while loop; if an immutable file is specified or otherwi

CVE-2025-64657
(9.8 CRITICAL)

EPSS: 0.09%

updated 2025-11-26T03:30:27

1 posts

Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-66263(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-26T03:30:22

2 posts

Unauthenticated Arbitrary File Read via Null Byte Injection in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Null byte injection in download_setting.php allows reading arbitrary files. The `/var/tdf/download_setting.php` endpoint constructs file paths by concatenating user-controlled `$

CVE-2025-66262(CVSS UNKNOWN)

EPSS: 0.07%

updated 2025-11-26T03:30:22

2 posts

Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Tar extraction with -C / allow arbitrary file overwrite via crafted archive. The `restore_mozzi_memories.sh` script extracts user-controlled tar archives with `-C /` flag, deposit

CVE-2025-66260(CVSS UNKNOWN)

EPSS: 0.03%

updated 2025-11-26T03:30:22

1 posts

PostgreSQL SQL Injection (status_sql.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform SQL injection via sw1 and sw2 parameters in status_sql.php. The `status_sql.php` endpoint constructs SQL UPDATE queries by directly concatenating user-controlled `sw1` and `sw2` parameters without

CVE-2025-66256(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-26T03:30:22

1 posts

Unauthenticated Arbitrary File Upload (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Unrestricted file upload in patch_contents.php allows uploading malicious files. The `/var/tdf/patch_contents.php` endpoint allows unauthenticated arbitrary file uploads without

CVE-2025-64656
(9.4 CRITICAL)

EPSS: 0.09%

updated 2025-11-26T03:30:21

1 posts

Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-66264
(0 None)

EPSS: 0.01%

updated 2025-11-26T01:16:10.023000

1 posts

The CMService.exe service runs with SYSTEM privileges and contains an unquoted service path. This allows a local attacker with write privileges to the filesystem to insert a malicious executable in the path, leading to privilege escalation.

CVE-2025-66255
(0 None)

EPSS: 0.10%

updated 2025-11-26T01:16:08.710000

1 posts

Unauthenticated Arbitrary File Upload (upgrade_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Missing signature validation allows uploading malicious firmware packages.  The firmware upgrade endpoint in `upgrade_contents.php` accepts arbitrary file uploads without valida

CVE-2025-66254
(0 None)

EPSS: 0.07%

updated 2025-11-26T01:16:08.570000

1 posts

Unauthenticated Arbitrary File Deletion (upgrade_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform The deleteupgrade parameter allows unauthenticated deletion of arbitrary files.  The `deleteupgrade` parameter in `/var/www/upgrade_contents.php` allows unauthenticated delet

CVE-2025-13597
(9.8 CRITICAL)

EPSS: 0.19%

updated 2025-11-26T00:30:31

1 posts

The AI Feeds plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check in the 'actualizador_git.php' file in all versions up to, and including, 1.0.11. This makes it possible for unauthenticated attackers to download arbitrary GitHub repositories and overwrite plugin files on the affected site's server which may make remote code execution possible.

1 repos

https://github.com/d0n601/CVE-2025-13597

CVE-2025-13595
(9.8 CRITICAL)

EPSS: 0.19%

updated 2025-11-26T00:30:31

1 posts

The CIBELES AI plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check in the 'actualizador_git.php' file in all versions up to, and including, 1.10.8. This makes it possible for unauthenticated attackers to download arbitrary GitHub repositories and overwrite plugin files on the affected site's server which may make remote code execution possible.

1 repos

https://github.com/d0n601/CVE-2025-13595

CVE-2025-65952
(0 None)

EPSS: 0.04%

updated 2025-11-25T23:15:48.097000

1 posts

Console is a network used to control Gorilla Tag mods' users and other users on the network. Prior to version 2.8.0, a path traversal vulnerability exists where complicated combinations of backslashes and periods can be used to escape the Gorilla Tag path and write to unwanted directories. This issue has been patched in version 2.8.0.

CVE-2025-41115
(10.0 CRITICAL)

EPSS: 0.02%

updated 2025-11-25T22:16:42.557000

1 posts

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric ext

1 repos

https://github.com/Ashwesker/Blackash-CVE-2025-41115

CVE-2025-59372
(0 None)

EPSS: 0.15%

updated 2025-11-25T22:16:16.690000

2 posts

A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files outside the intended directory, potentially affecting device integrity. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59369
(0 None)

EPSS: 0.10%

updated 2025-11-25T22:16:16.690000

2 posts

A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary SQL queries, leading to unauthorized data access. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59371
(0 None)

EPSS: 0.15%

updated 2025-11-25T22:16:16.690000

2 posts

An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59365
(0 None)

EPSS: 0.04%

updated 2025-11-25T22:16:16.690000

2 posts

A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59368
(0 None)

EPSS: 0.04%

updated 2025-11-25T22:16:16.690000

2 posts

An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59366
(0 None)

EPSS: 0.10%

updated 2025-11-25T22:16:16.690000

4 posts

An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of specific functions without proper authorization. Refer to the Security Update for ASUS Router Firmware section on the ASUS Security Advisory for more information.

CVE-2025-59370
(0 None)

EPSS: 0.52%

updated 2025-11-25T22:16:16.690000

2 posts

A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary commands, leading to the device executing unintended instructions. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-12003
(0 None)

EPSS: 0.20%

updated 2025-11-25T22:16:16.690000

2 posts

A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-58360
(8.2 HIGH)

EPSS: 7.96%

updated 2025-11-25T22:16:16.690000

3 posts

GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define extern

Nuclei template

2 repos

https://github.com/quyenheu/CVE-2025-58360

https://github.com/Ashwesker/Blackash-CVE-2025-58360

CVE-2025-33203
(7.6 HIGH)

EPSS: 0.03%

updated 2025-11-25T22:16:16.690000

1 posts

NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service.

CVE-2025-12816
(8.6 HIGH)

EPSS: 0.06%

updated 2025-11-25T22:16:16.690000

1 posts

An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.

CVE-2025-64064
(8.8 HIGH)

EPSS: 0.03%

updated 2025-11-25T21:32:13

1 posts

Primakon Pi Portal 1.0.18 /api/v2/pp_users endpoint fails to adequately check user permissions before processing a PATCH request to modify the PP_SECURITY_PROFILE_ID. Because of weak access controls any low level user can use this API and change their permission to Administrator by using PP_SECURITY_PROFILE_ID=2 inside body of request and escalate privileges.

CVE-2025-33187
(9.4 CRITICAL)

EPSS: 0.01%

updated 2025-11-25T18:32:29

3 posts

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, denial of service, or escalation of privileges.

CVE-2025-33205
(7.3 HIGH)

EPSS: 0.01%

updated 2025-11-25T18:32:29

1 posts

NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution.

CVE-2025-33204
(7.8 HIGH)

EPSS: 0.02%

updated 2025-11-25T18:32:29

1 posts

NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.

CVE-2025-59373(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-11-25T03:30:20

2 posts

A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM. For more information, please refer to section Security Update for MyAsus in the ASUS Security Advisory.

CVE-2025-9900
(8.8 HIGH)

EPSS: 0.03%

updated 2025-11-24T21:30:58

1 posts

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a deni

CVE-2025-7425
(7.8 HIGH)

EPSS: 0.04%

updated 2025-11-22T03:31:17

1 posts

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.

CVE-2025-61757
(9.8 CRITICAL)

EPSS: 60.96%

updated 2025-11-21T21:30:16

1 posts

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager. Successful attacks of this vulnerability can result in takeover of Identity Manager. CVSS 3.1 Base

Nuclei template

2 repos

https://github.com/Jinxia62/Oracle-Identity-Manager-CVE-2025-61757

https://github.com/Ashwesker/Blackash-CVE-2025-61757

CVE-2025-11001
(7.0 None)

EPSS: 0.38%

updated 2025-11-20T00:31:21

3 posts

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of symbolic links in ZIP files. Craf

6 repos

https://github.com/mbanyamer/CVE-2025-11001---7-Zip

https://github.com/shalevo13/Se7enSlip

https://github.com/pacbypass/CVE-2025-11001

https://github.com/ranasen-rat/CVE-2025-11001

https://github.com/lastvocher/7zip-CVE-2025-11001

https://github.com/Ashwesker/Blackash-CVE-2025-11001

CVE-2025-37899
(7.8 HIGH)

EPSS: 0.01%

updated 2025-11-19T15:32:29

1 posts

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for that connection could be in the smb2_sess_setup function which makes use of sess->user.

2 repos

https://github.com/SeanHeelan/o3_finds_cve-2025-37899

https://github.com/vett3x/SMB-LINUX-CVE-2025-37899

CVE-2025-48593
(8.0 HIGH)

EPSS: 0.03%

updated 2025-11-18T12:31:19

1 posts

In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

6 repos

https://github.com/zhuowei/blueshrimp

https://github.com/Ashwesker/Blackash-CVE-2025-48593

https://github.com/skolepc/CVE-2025-48593

https://github.com/ranasen-rat/CVE-2025-48593

https://github.com/logesh-GIT001/CVE-2025-48593

https://github.com/letchupkt/CVE-2025-48593

CVE-2025-46817
(7.0 HIGH)

EPSS: 26.29%

updated 2025-11-12T11:34:13.390000

1 posts

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2.

Nuclei template

2 repos

https://github.com/dwisiswant0/CVE-2025-46817

https://github.com/slayerkkkk/CVE-2025-46817-PoC

CVE-2025-59287
(9.8 CRITICAL)

EPSS: 64.04%

updated 2025-11-11T15:32:22

1 posts

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

Nuclei template

22 repos

https://github.com/mrk336/Breaking-the-Update-Chain-Inside-CVE-2025-59287-and-the-WSUS-RCE-Threat

https://github.com/keeganparr1/CVE-2025-59287-hawktrace

https://github.com/jiansiting/CVE-2025-59287

https://github.com/RadzaRr/WSUSResponder

https://github.com/Twodimensionalitylevelcrossing817/CVE-2025-59287

https://github.com/QurtiDev/WSUS-CVE-2025-59287-RCE

https://github.com/dexterm300/cve-2025-59287-exploit-poc

https://github.com/FurkanKAYAPINAR/CVE-2025-59287

https://github.com/garvitv14/CVE-2025-59287

https://github.com/fsanzmoya/wsus_CVE-2025-59287

https://github.com/N3k0t-dev/PoC-CVE-collection

https://github.com/M507/CVE-2025-59287-PoC

https://github.com/mrmtwoj/WSUS-Patch-Level-Scanner-A-Lightweight-Tool-for-Detecting-Vulnerable-Microsoft-WSUS-Deployments

https://github.com/Adel-kaka-dz/cve-2025-59287

https://github.com/esteban11121/WSUS-RCE-Mitigation-59287

https://github.com/AdityaBhatt3010/CVE-2025-59287-When-your-patch-server-becomes-the-attack-vector

https://github.com/0x7556/CVE-2025-59287

https://github.com/0xBruno/WSUSploit.NET

https://github.com/Lupovis/Honeypot-for-CVE-2025-59287-WSUS

https://github.com/mubix/Find-WSUS

https://github.com/th1n0/CVE-2025-59287

https://github.com/tecxx/CVE-2025-59287-WSUS

CVE-2024-9680
(9.8 CRITICAL)

EPSS: 24.62%

updated 2025-11-04T00:31:33

1 posts

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, and Firefox ESR < 115.16.1.

2 repos

https://github.com/PraiseImafidon/Version_Vulnerability_Scanner

https://github.com/tdonaworth/Firefox-CVE-2024-9680

CVE-2023-44487
(5.3 MEDIUM)

EPSS: 94.50%

updated 2025-10-22T19:24:09

1 posts

## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the

19 repos

https://github.com/imabee101/CVE-2023-44487

https://github.com/pabloec20/rapidreset

https://github.com/bcdannyboy/CVE-2023-44487

https://github.com/nxenon/cve-2023-44487

https://github.com/BMG-Black-Magic/CVE-2023-44487

https://github.com/ByteHackr/CVE-2023-44487

https://github.com/studiogangster/CVE-2023-44487

https://github.com/madhusudhan-in/CVE_2023_44487-Rapid_Reset

https://github.com/zanks08/cve-2023-44487-demo

https://github.com/ReToCode/golang-CVE-2023-44487

https://github.com/moften/CVE-2023-44487-HTTP-2-Rapid-Reset-Attack

https://github.com/gmh5225/CVE_2023_44487-Rapid_Reset

https://github.com/sigridou/CVE-2023-44487-

https://github.com/secengjeff/rapidresetclient

https://github.com/TYuan0816/cve-2023-44487

https://github.com/ndrscodes/http2-rst-stream-attacker

https://github.com/sn130hk/CVE-2023-44487

https://github.com/threatlabindonesia/CVE-2023-44487-HTTP-2-Rapid-Reset-Exploit-PoC

https://github.com/aulauniversal/CVE-2023-44487

CVE-2023-29357
(9.8 CRITICAL)

EPSS: 94.36%

updated 2025-10-22T00:33:51

1 posts

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Nuclei template

7 repos

https://github.com/AhmedMansour93/Event-ID-189-Rule-Name-SOC227-CVE-2023-29357

https://github.com/LuemmelSec/CVE-2023-29357

https://github.com/Guillaume-Risch/cve-2023-29357-Sharepoint

https://github.com/KeyStrOke95/CVE-2023-29357-ExE

https://github.com/DeividasTerechovas/SOC227-Microsoft-SharePoint-Server-Elevation-of-Privilege-Possible-CVE-2023-29357-Exploitation

https://github.com/Jev1337/CVE-2023-29357-Check

https://github.com/Chocapikk/CVE-2023-29357

CVE-2025-59821
(6.5 MEDIUM)

EPSS: 0.04%

updated 2025-09-23T19:13:36

1 posts

# Summary A reflected cross-site scripting (XSS) vulnerability exists under certain conditions, using a specially crafter url to view a user profile # Description DNN’s URL/path handling and template rendering can allow specially crafted input to be reflected into a user profile that are returned to the browser. In these cases, the application does not sufficiently neutralize or encode characters

CVE-2023-48733
(6.7 MEDIUM)

EPSS: 0.01%

updated 2025-05-08T18:31:34

1 posts

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.

CVE-2021-32682
(9.8 CRITICAL)

EPSS: 93.47%

updated 2023-01-29T05:02:39

1 posts

### Impact We recently fixed several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with the minimal configuration. ### Patches The issues were addressed in our last release, 2.1.59. ### Workarounds If you can't update to 2.1.59, make sure your connector is not

Nuclei template

CVE-2022-31806
(9.8 CRITICAL)

EPSS: 0.30%

updated 2023-01-27T05:04:35

1 posts

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller.

CVE-2022-22515
(8.1 HIGH)

EPSS: 0.08%

updated 2023-01-27T05:01:23

1 posts

A remote, unauthenticated attacker could utilize the control programmer of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.

CVE-2025-13086
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-64344
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-64332
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-64331
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-66270
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-64334
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-64333
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-13084
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-66022
(0 None)

EPSS: 0.18%

2 posts

N/A

1 repos

https://github.com/wasfyelbaz/CVE-2025-66022

CVE-2025-9558
(0 None)

EPSS: 0.01%

1 posts

N/A

CVE-2025-66025
(0 None)

EPSS: 0.03%

1 posts

N/A

CVE-2025-65957
(0 None)

EPSS: 0.04%

1 posts

N/A