CVE-2025-13836(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-01T21:31:28

1 posts

When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.

CVE-2024-56089
(7.5 HIGH)

EPSS: 0.00%

updated 2025-12-01T21:31:28

1 posts

An issue in Technitium through v13.2.2 enables attackers to conduct a DNS cache poisoning attack and inject fake responses by reviving the birthday attack.

CVE-2025-2879
(5.1 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T21:31:28

1 posts

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to expose sensitive data.This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p4, from r50p0 through r54p0; Arm 5th Gen GPU Architectu

CVE-2025-12106
(9.1 CRITICAL)

EPSS: 0.00%

updated 2025-12-01T21:31:27

2 posts

Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses

CVE-2025-13757
(8.8 HIGH)

EPSS: 0.02%

updated 2025-12-01T21:31:27

1 posts

SQL Injection vulnerability in last usage logs in Devolutions Server.This issue affects Devolutions Server: through 2025.2.20, through 2025.3.8.

CVE-2025-66372
(2.8 LOW)

EPSS: 0.01%

updated 2025-12-01T20:46:22

1 posts

Mustang before 2.16.3 allows exfiltrating files via XXE attacks.

CVE-2025-65408
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T20:15:56.923000

3 posts

A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS file.

CVE-2025-65406
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T20:15:56.120000

3 posts

A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MKV file.

CVE-2025-65405
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T20:15:55.560000

2 posts

A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC file.

CVE-2025-65404
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T20:15:55.403000

2 posts

A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via a crafted MP3 stream.

CVE-2025-65403
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T20:15:55.257000

2 posts

A buffer overflow in the g_cfg.MaxUsers component of LightFTP v2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2025-13765
(4.3 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T20:15:50.343000

1 posts

Exposure of email service credentials to users without administrative rights in Devolutions Server.This issue affects Devolutions Server: before 2025.2.21, before 2025.3.9.

CVE-2025-13758
(3.5 LOW)

EPSS: 0.02%

updated 2025-12-01T20:15:50.103000

1 posts

Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8.

CVE-2025-63533
(8.5 HIGH)

EPSS: 0.00%

updated 2025-12-01T19:15:52.080000

1 posts

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and rprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the rname, remail, rpassword, rphone, rcity parameters, which are then executed in the v

CVE-2025-63532
(9.6 CRITICAL)

EPSS: 0.00%

updated 2025-12-01T19:15:51.927000

1 posts

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass authentication and gain unauthorized access to the system.

CVE-2025-34297
(0 None)

EPSS: 0.00%

updated 2025-12-01T19:15:50.420000

2 posts

KissFFT versions prior to the fix commit 1b083165 contain an integer overflow in kiss_fft_alloc() in kiss_fft.c on platforms where size_t is 32-bit. The nfft parameter is not validated before being used in a size calculation (sizeof(kiss_fft_cpx) * (nfft - 1)), which can wrap to a small value when nfft is large. As a result, malloc() allocates an undersized buffer and the subsequent twiddle-factor

CVE-2025-13837
(0 None)

EPSS: 0.00%

updated 2025-12-01T19:15:49.920000

1 posts

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues

CVE-2025-13792
(7.3 HIGH)

EPSS: 0.04%

updated 2025-12-01T19:15:49.523000

1 posts

A security flaw has been discovered in Qualitor up to 8.20.104/8.24.97. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing manipulation of the argument passageiros results in code injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. Upgrading to version 8.20

CVE-2025-58408
(5.9 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T18:31:39

1 posts

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in which the reference counts can become unbalanced. This can lead to the premature destruction of a resourc

CVE-2025-35028
(9.1 CRITICAL)

EPSS: 0.03%

updated 2025-12-01T18:31:39

2 posts

By providing a command-line argument starting with a semi-colon ; to an API endpoint created by the EnhancedCommandExecutor class of the HexStrike AI MCP server, the resultant composed command is executed directly in the context of the MCP server’s normal privilege; typically, this is root. There is no attempt to sanitize these arguments in the default configuration of this MCP server at the affec

CVE-2025-13835
(6.5 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T18:30:46

1 posts

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tyche Softwares Arconix Shortcodes allows Stored XSS.This issue affects Arconix Shortcodes: from n/a through 2.1.19.

CVE-2025-65794(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-01T18:30:46

1 posts

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2025-65793(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-01T18:30:45

1 posts

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2025-63535
(9.6 CRITICAL)

EPSS: 0.00%

updated 2025-12-01T18:30:45

1 posts

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php component. The application fails to properly sanitize usersupplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass authentication and gain unauthorized access to the system.

CVE-2025-23417
(8.6 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:45

1 posts

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.

CVE-2024-49572
(7.2 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:45

1 posts

A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability.

CVE-2025-63534
(8.5 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:44

1 posts

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg and error parameters, which are then executed in the victim's browser when the page is viewed.

CVE-2024-53684
(7.5 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:44

1 posts

A cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability.

CVE-2024-45370
(7.3 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:38

1 posts

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability.

CVE-2024-48882
(8.6 HIGH)

EPSS: 0.00%

updated 2025-12-01T18:30:37

1 posts

A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.

CVE-2025-6349
(5.1 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T18:16:05.570000

1 posts

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 through r54p1; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 through r54p1.

2 repos

https://github.com/xryptoh/CVE-2025-63498

https://github.com/xryptoh/CVE-2025-63499

CVE-2025-13653
(4.3 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T18:16:02.707000

1 posts

In Search Guard FLX versions from 3.1.0 up to 4.0.0 with enterprise modules being disabled, there exists an issue which allows authenticated users to use specially crafted requests to read documents from data streams without having the respective privileges.

CVE-2025-7007
(7.5 HIGH)

EPSS: 0.00%

updated 2025-12-01T17:15:50.733000

3 posts

NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash.This issue affects Antivirus: 16.0.0; Anitvirus: 3.0.3.

CVE-2025-26858
(8.6 HIGH)

EPSS: 0.00%

updated 2025-12-01T17:15:49.157000

1 posts

A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted set of network packets can lead to denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.

CVE-2025-20085
(7.2 HIGH)

EPSS: 0.00%

updated 2025-12-01T17:15:48.923000

1 posts

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability.

CVE-2024-48894
(5.9 MEDIUM)

EPSS: 0.00%

updated 2025-12-01T17:15:48.217000

1 posts

A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.

CVE-2025-8351
(9.0 CRITICAL)

EPSS: 0.00%

updated 2025-12-01T16:15:57.857000

2 posts

Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98.

CVE-2025-55222
(8.6 HIGH)

EPSS: 0.00%

updated 2025-12-01T16:15:54.620000

1 posts

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This vulnerability is specific to the malicious message sent via Modbus RTU over TCP on port 503.

CVE-2025-55221
(8.6 HIGH)

EPSS: 0.00%

updated 2025-12-01T16:15:54.443000

1 posts

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This vulnerability is specific to the malicious message sent via Modbus TCP over port 502.

CVE-2025-3500
(9.0 CRITICAL)

EPSS: 0.00%

updated 2025-12-01T16:15:53.023000

3 posts

Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privilege Escalation.This issue affects Antivirus: from 25.1.981.6 before 25.3.

1 repos

https://github.com/chicken3962/CVE-2025-3500-Poc

CVE-2025-10101
(8.1 HIGH)

EPSS: 0.00%

updated 2025-12-01T16:15:50.690000

2 posts

Heap-based Buffer Overflow, Out-of-bounds Write vulnerability in Avast Antivirus on MacOS of a crafted Mach-O file may allow Local Execution of Code or Denial of Service of antivirus protection. This issue affects Antivirus: from 15.7 before 3.9.2025.

CVE-2025-66219(CVSS UNKNOWN)

EPSS: 0.53%

updated 2025-12-01T16:06:58

1 posts

willitmerge describes itself as a command line tool to check if pull requests are mergeable. There is a Command Injection vulnerability in version `willitmerge@0.2.1`. Resources: * Project's GitHub source code: https://github.com/shama/willitmerge/ * Project's npm package: https://www.npmjs.com/package/willitmerge ## Background on exploitation Reporting a Command Injection vulnerability in `

CVE-2025-59789
(7.5 HIGH)

EPSS: 0.06%

updated 2025-12-01T15:39:33.110000

2 posts

Uncontrolled recursion in the json2pb component in Apache bRPC (version < 1.15.0) on all platforms allows remote attackers to make the server crash via sending deep recursive json data. Root Cause: The bRPC json2pb component uses rapidjson to parse json data from the network. The rapidjson parser uses a recursive parsing method by default. If the input json has a large depth of recursive structur

CVE-2025-13296
(5.4 MEDIUM)

EPSS: 0.01%

updated 2025-12-01T15:39:33.110000

1 posts

Cross-Site Request Forgery (CSRF) vulnerability in Tekrom Technology Inc. T-Soft E-Commerce allows Cross Site Request Forgery.This issue affects T-Soft E-Commerce: through 28112025.

CVE-2025-8045
(4.0 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T15:39:33.110000

1 posts

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 through r54p1; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 through r54p1.

CVE-2025-41070
(0 None)

EPSS: 0.05%

updated 2025-12-01T15:39:33.110000

1 posts

Reflected Cross-site Scripting (XSS) vulnerability in Sanoma's Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL in '/students/carpetes_varies.php'. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.

CVE-2025-41700
(7.8 HIGH)

EPSS: 0.02%

updated 2025-12-01T15:39:33.110000

1 posts

An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context.

CVE-2025-61619
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T15:39:33.110000

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61617
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T15:39:33.110000

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61609
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T15:39:33.110000

1 posts

In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-3012
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T15:39:33.110000

1 posts

In dpc modem, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61607
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T15:39:33.110000

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-13807
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability was detected in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected is the function MachineKeyController of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineKeyController.java of the component API. The manipulation results in improper authorization. The attack can be executed remotely. The exploit is now public and may be

CVE-2025-13806
(7.3 HIGH)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Transaction API. The manipulation of the argument from/to/wei leads to improper authorization. Remote exploitation of the attack is poss

CVE-2025-64772
(7.8 HIGH)

EPSS: 0.01%

updated 2025-12-01T15:39:33.110000

2 posts

The installer of INZONE Hub 1.0.10.3 to 1.0.17.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.

CVE-2025-13799
(6.3 MEDIUM)

EPSS: 0.84%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function ap_macfilter_del of the file /send_order.cgi. The manipulation of the argument mac leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond

CVE-2025-13796
(6.3 MEDIUM)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

A security vulnerability has been detected in deco-cx apps up to 0.120.1. Affected by this vulnerability is the function AnalyticsScript of the file website/loaders/analyticsScript.ts of the component Parameter Handler. Such manipulation of the argument url leads to server-side request forgery. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. Upgrading

1 repos

https://github.com/0xcucumbersalad/CVE-2025-13796-PoC

CVE-2025-13795
(2.4 LOW)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

A weakness has been identified in codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01. Affected is an unknown function of the file /student-view.php of the component Edit Student Info Page. This manipulation of the argument First Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been made available to the public and

CVE-2025-13791
(6.3 MEDIUM)

EPSS: 0.05%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Such manipulation leads to path traversal. The attack may be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respo

CVE-2025-13787
(5.4 MEDIUM)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

A flaw has been found in ZenTao up to 21.7.6-8564. The affected element is the function file::delete of the file module/file/control.php of the component File Handler. Executing manipulation of the argument fileID can lead to improper privilege management. It is possible to launch the attack remotely. Upgrading to version 21.7.7 is sufficient to fix this issue. You should upgrade the affected comp

CVE-2025-13784
(2.4 LOW)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted ear

CVE-2025-13782
(7.3 HIGH)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability was identified in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Affected by this issue is the function delete of the file application/Admin/Controller/SlideController.class.php of the component SlideController. The manipulation of the argument ids leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be use

CVE-2025-66422
(4.3 MEDIUM)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back (server setup) information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.

CVE-2025-66424
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for data export. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.

CVE-2025-66420
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Tryton sao (aka tryton-sao) before 7.6.9 allows XSS via an HTML attachment. This is fixed in 7.6.9, 7.4.19, 7.0.38, and 6.0.67.

CVE-2025-66421
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Tryton sao (aka tryton-sao) before 7.6.11 allows XSS because it does not escape completion values. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.69.

CVE-2025-6666
(2.0 LOW)

EPSS: 0.01%

updated 2025-12-01T15:39:33.110000

1 posts

A vulnerability was determined in motogadget mo.lock Ignition Lock up to 20251125. Affected by this vulnerability is an unknown functionality of the component NFC Handler. Executing manipulation can lead to use of hard-coded cryptographic key . The physical device can be targeted for the attack. A high complexity level is associated with this attack. The exploitation appears to be difficult. The

1 repos

https://github.com/anderruiz/CVE-2025-666666

CVE-2025-66289
(0 None)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

2 posts

OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the application does not invalidate existing sessions when a user is disabled or when a password change occurs, allowing active session cookies to remain valid indefinitely. As a result, a disabled user, or an attacker using a compromised account, can continue to access protected pages and perform operati

CVE-2025-66225
(0 None)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

2 posts

OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the password reset workflow does not enforce that the username submitted in the final reset request matches the account for which the reset process was originally initiated. After obtaining a valid reset link for any account they can receive email for, an attacker can alter the username parameter in the f

CVE-2025-66224
(0 None)

EPSS: 0.07%

updated 2025-12-01T15:39:33.110000

2 posts

OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the application contains an input-neutralization flaw in its mail configuration and delivery workflow that allows user-controlled values to flow directly into the system’s sendmail command. Because these values are not sanitized or constrained before being incorporated into the command execution path, cer

CVE-2025-66223
(0 None)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

2 posts

OpenObserve is a cloud-native observability platform. Prior to version 0.16.0, organization invitation tokens do not expire once issued, remain valid even after the invited user is removed from the organization, and allow multiple invitations to the same email with different roles where all issued links remain valid simultaneously. This results in broken access control where a removed or demoted u

CVE-2025-66217
(0 None)

EPSS: 0.31%

updated 2025-12-01T15:39:33.110000

1 posts

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, an integer underflow vulnerability exists in the MQTT parsing logic of AIS-catcher. This vulnerability allows an attacker to trigger a massive Heap Buffer Overflow by sending a malformed MQTT packet with a manipulated Topic Length field. This leads to an immediate Denial of Service (DoS) and, when used as a library, severe Memory

CVE-2025-66221
(0 None)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safe_join function allows path segments with Windows device names. On Windows, there are special device names such as CON, AUX, etc that are implicitly present and readable in every directory. send_from_directory uses safe_join to safely serve files at user-specified paths under a directory. If the applica

CVE-2025-53900
(6.5 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T15:39:33.110000

1 posts

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, an unfavourable definition of roles and permissions in Kiteworks MFT on managing Connections could lead to unexpected escalation of privileges for authorized users. This issue has been patched in version 9.1.0.

CVE-2025-53897
(6.8 MEDIUM)

EPSS: 0.01%

updated 2025-12-01T15:39:33.110000

1 posts

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, this vulnerability could allow an external attacker to gain access to log information from the system by tricking an administrator into browsing a specifically crafted fake page of Kiteworks MFT. This issue has been patched in version 9.1.0.

CVE-2025-13683
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0.

CVE-2025-59792
(5.3 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T15:39:33.110000

1 posts

Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.

CVE-2025-51735
(7.5 HIGH)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-51734
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Cross-site scripting (XSS) vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-51733
(5.5 MEDIUM)

EPSS: 0.01%

updated 2025-12-01T15:39:33.110000

1 posts

Cross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-11156
(0 None)

EPSS: 0.01%

updated 2025-12-01T15:39:33.110000

1 posts

Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service. This triggers the flaw, causing a system crash (Blue-Screen-of-Death) and resulting in a Denial of Service (DoS) for the affected machine.

CVE-2025-66384
(8.2 HIGH)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

2 posts

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmp_name.

CVE-2025-66386
(4.1 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin.

CVE-2025-66371
(5.0 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Peppol-py before 1.1.1 allows XXE attacks because of the Saxon configuration. When validating XML-based invoices, the XML parser could read files from the filesystem and expose their content to a remote host.

CVE-2025-13737
(4.3 MEDIUM)

EPSS: 0.01%

updated 2025-12-01T15:39:33.110000

1 posts

The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.21. This is due to missing or incorrect nonce validation on the 'unlinkUser' function. This makes it possible for unauthenticated attackers to unlink the user's social login via a forged request granted they can trick a site administrator into performing

CVE-2025-66361
(0 None)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.

CVE-2025-66359
(8.5 HIGH)

EPSS: 0.05%

updated 2025-12-01T15:39:33.110000

2 posts

An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting (XSS) vulnerability.

CVE-2025-59302
(4.7 MEDIUM)

EPSS: 0.04%

updated 2025-12-01T15:39:33.110000

1 posts

In Apache CloudStack improper control of generation of code ('Code Injection') vulnerability is found in the following APIs which are accessible only to admins. * quotaTariffCreate * quotaTariffUpdate * createSecondaryStorageSelector * updateSecondaryStorageSelector * updateHost * updateStorage This issue affects Apache CloudStack: from 4.18.0 before 4.20.2, from 4.21.0 befor

1 repos

https://github.com/B1gh0rnn/CVE-2025-59302

CVE-2025-54057
(6.1 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking: <= 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue.

CVE-2025-10476
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpfc_db_fix_callback() function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to initiate several database fix actions. This only affects sites with premium activated.

CVE-2025-30186
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

Malicious content uploaded as file can be used to execute script code when following attacker-controlled links. Unintended actions can be executed in the context of the users account, including exfiltration of sensitive information. Please deploy the provided updates and patch releases. No publicly available exploits are known

CVE-2025-12584
(5.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T15:39:33.110000

1 posts

The Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.17 via the 'wqv_popup_content' AJAX endpoint due to insufficient restrictions on which products can be included. This makes it possible for unauthenticated attackers to extract data from private products that they should not have access to.

CVE-2025-13441
(5.3 MEDIUM)

EPSS: 0.05%

updated 2025-12-01T15:39:33.110000

1 posts

The Hide Category by User Role for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.3.1. This is due to a missing capability check on the admin_init hook that executes wp_cache_flush(). This makes it possible for unauthenticated attackers to flush the site's object cache via forged requests, potentially degrading site performance.

CVE-2025-13798
(6.3 MEDIUM)

EPSS: 0.84%

updated 2025-12-01T15:31:25

1 posts

A flaw has been found in ADSLR NBR1005GPEV2 250814-r037c. This affects the function ap_macfilter_add of the file /send_order.cgi. Executing manipulation of the argument mac can lead to command injection. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-65540
(6.1 MEDIUM)

EPSS: 0.02%

updated 2025-12-01T15:31:25

1 posts

Multiple Cross-Site Scripting (XSS) vulnerabilities exist in xmall v1.1 due to improper handling of user-supplied data. User input fields such as username and description are directly rendered into HTML without proper sanitization or encoding, allowing attackers to inject and execute malicious scripts.

CVE-2025-65892
(6.1 MEDIUM)

EPSS: 0.06%

updated 2025-12-01T15:31:24

1 posts

Reflected Cross-Site Scripting (rXSS) in krpano before version 1.23.2 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the victim's browser via a crafted URL to the passQueryParameters function with the xml parameter enabled.

CVE-2025-13797
(6.3 MEDIUM)

EPSS: 0.84%

updated 2025-12-01T15:30:17

1 posts

A vulnerability was detected in ADSLR B-QE2W401 250814-r037c. Affected by this issue is the function parameterdel_swifimac of the file /send_order.cgi. Performing manipulation of the argument del_swifimac results in command injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respon

CVE-2021-26829
(5.4 MEDIUM)

EPSS: 52.13%

updated 2025-12-01T15:23:18.697000

6 posts

OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm.

CVE-2025-13770
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T14:38:59.533000

1 posts

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

CVE-2025-13771
(6.5 MEDIUM)

EPSS: 0.04%

updated 2025-12-01T14:23:55.363000

1 posts

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

CVE-2025-41739
(5.9 MEDIUM)

EPSS: 0.08%

updated 2025-12-01T12:30:34

1 posts

An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service.

CVE-2025-41738
(7.5 HIGH)

EPSS: 0.08%

updated 2025-12-01T12:30:33

1 posts

An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition.

CVE-2025-61618
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T09:30:38

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61610
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T09:30:38

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61608
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T09:30:38

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-13814
(7.3 HIGH)

EPSS: 0.04%

updated 2025-12-01T09:30:38

1 posts

A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not r

CVE-2025-11133
(7.5 HIGH)

EPSS: 0.21%

updated 2025-12-01T09:30:38

1 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-13808
(7.3 HIGH)

EPSS: 0.04%

updated 2025-12-01T06:30:36

1 posts

A flaw has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this vulnerability is the function update of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/UserController.java of the component User Profile Handler. This manipulation of the argument ID causes improper authorization. The attack is possible to be carried out remot

CVE-2025-13805
(3.7 LOW)

EPSS: 0.03%

updated 2025-12-01T06:30:36

1 posts

A weakness has been identified in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This affects the function getInputStream of the file nutzcloud/nutzcloud-literpc/src/main/java/org/nutz/boot/starter/literpc/impl/endpoint/http/HttpServletRpcEndpoint.java of the component LiteRpc-Serializer. Executing manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized b

CVE-2025-13804
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T06:30:25

1 posts

A security flaw has been discovered in nutzam NutzBoot up to 2.6.0-SNAPSHOT. The impacted element is an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Ethereum Wallet Handler. Performing manipulation results in information disclosure. The attack may be initiated remotely. The exploi

CVE-2025-13803
(7.3 HIGH)

EPSS: 0.04%

updated 2025-12-01T03:30:32

1 posts

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be launched remotely.

CVE-2025-13800
(6.3 MEDIUM)

EPSS: 0.84%

updated 2025-12-01T03:30:32

1 posts

A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. This issue affects the function set_mesh_disconnect of the file /send_order.cgi. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-13802
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-01T03:30:32

1 posts

A vulnerability was determined in jairiidriss RestaurantWebsite up to e7911f12d035e8e2f9a75e7a28b59e4ef5c1d654. Impacted is an unknown function of the component Make a Reservation. This manipulation of the argument selected_date causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Continious delivery with rolling releases i

CVE-2025-13793
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-30T18:30:18

1 posts

A weakness has been identified in winston-dsouza Ecommerce-Website up to 87734c043269baac0b4cfe9664784462138b1b2e. Affected by this issue is some unknown functionality of the file /includes/header_menu.php of the component GET Parameter Handler. Executing manipulation of the argument Error can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to

CVE-2025-13790
(4.3 MEDIUM)

EPSS: 0.02%

updated 2025-11-30T15:30:28

1 posts

A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-13789
(6.3 MEDIUM)

EPSS: 0.04%

updated 2025-11-30T15:30:28

1 posts

A vulnerability was found in ZenTao up to 21.7.6-8564. This affects the function makeRequest of the file module/ai/model.php. The manipulation of the argument Base results in server-side request forgery. The attack can be launched remotely. The exploit has been made public and could be used. Upgrading to version 21.7.6 mitigates this issue. It is suggested to upgrade the affected component.

CVE-2025-13788
(7.3 HIGH)

EPSS: 0.03%

updated 2025-11-30T15:30:28

1 posts

A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-13786
(7.3 HIGH)

EPSS: 0.05%

updated 2025-11-30T09:30:19

1 posts

A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no

CVE-2025-13785
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-30T09:30:19

1 posts

A security vulnerability has been detected in yungifez Skuul School Management System up to 2.6.5. This issue affects some unknown processing of the file /user/profile of the component Image Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosur

CVE-2025-13783
(6.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-30T06:32:09

1 posts

A security flaw has been discovered in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. This affects the function check/uncheck/delete of the file application/Comment/Controller/CommentadminController.class.php of the component CommentadminController. The manipulation of the argument ids results in sql injection. The attack can be executed remotely. The exploit has been released to the

CVE-2025-66433
(4.2 MEDIUM)

EPSS: 0.01%

updated 2025-11-30T06:32:09

1 posts

HTCondor Access Point before 25.3.1 allows an authenticated user to impersonate other users on the local machine by submitting a batch job. This is fixed in 24.12.14, 25.0.3, and 25.3.1. The earliest affected version is 24.7.3.

CVE-2025-66432
(5.0 MEDIUM)

EPSS: 0.03%

updated 2025-11-30T06:32:09

1 posts

In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date.

CVE-2025-13615
(9.8 CRITICAL)

EPSS: 0.11%

updated 2025-11-30T03:30:32

2 posts

The StreamTube Core plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 4.78. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts. Note: T

1 repos

https://github.com/blossombutt4063/CVE-2025-13615

CVE-2025-66423
(7.1 HIGH)

EPSS: 0.03%

updated 2025-11-30T03:30:27

1 posts

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.

CVE-2025-12421
(9.9 CRITICAL)

EPSS: 0.07%

updated 2025-11-28T23:11:55.537000

3 posts

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-

CVE-2025-58310
(8.0 HIGH)

EPSS: 0.01%

updated 2025-11-28T23:11:55.537000

1 posts

Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58303
(8.4 HIGH)

EPSS: 0.01%

updated 2025-11-28T23:11:55.537000

1 posts

UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-64312
(4.9 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T23:11:55.537000

1 posts

Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58304
(4.9 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T23:11:55.537000

1 posts

Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-51736
(6.3 MEDIUM)

EPSS: 0.04%

updated 2025-11-28T18:31:28

1 posts

File upload vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2025-13742(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-28T18:31:27

1 posts

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when {name} is used in an email template, it will be replaced with the buyer's name for the final email. If the name of the attendee contained HTML or Markdown formatting, this was rendered as HTML in the resulting email. This way, a user could inject links or other formatted text through a maliciou

CVE-2025-12183(CVSS UNKNOWN)

EPSS: 0.15%

updated 2025-11-28T18:30:32

2 posts

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.

CVE-2025-59790
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T18:30:24

1 posts

Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from v2.9.0 through v2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.

CVE-2025-59454
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T18:30:23

1 posts

In Apache CloudStack, a gap in access control checks affected the APIs - createNetworkACL - listNetworkACLs - listResourceDetails - listVirtualMachinesUsageHistory - listVolumesUsageHistory While these APIs were accessible only to authorized users, insufficient permission validation meant that users could occasionally access information beyond their intended scope. Users are recommended to up

CVE-2025-33187
(9.3 CRITICAL)

EPSS: 0.01%

updated 2025-11-28T15:30:47.670000

1 posts

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, denial of service, or escalation of privileges.

CVE-2025-12638
(8.0 HIGH)

EPSS: 0.03%

updated 2025-11-28T15:30:36

2 posts

Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file() function when extracting tar archives. The vulnerability arises because the function uses Python's tarfile.extractall() method without the security-critical filter='data' parameter. Although Keras attempts to filter unsafe paths using filter_safe_paths(), this filtering occurs before extraction, and a

CVE-2025-12143
(6.1 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T12:30:28

1 posts

Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33.

CVE-2025-66385(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-28T09:30:22

2 posts

UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges (e.g., obtain a higher role such as admin) via the user-edit endpoint by supplying or modifying role_id or organisation_id fields in the edit request.

CVE-2025-13769
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T09:30:22

1 posts

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

CVE-2025-13768
(7.5 HIGH)

EPSS: 0.15%

updated 2025-11-28T09:30:18

1 posts

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability.

CVE-2025-66382
(2.9 LOW)

EPSS: 0.01%

updated 2025-11-28T09:30:17

1 posts

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

CVE-2025-58308
(7.3 HIGH)

EPSS: 0.01%

updated 2025-11-28T06:32:10

1 posts

Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2025-58305
(6.2 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T06:32:10

1 posts

Identity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58302
(8.4 HIGH)

EPSS: 0.01%

updated 2025-11-28T06:32:09

2 posts

Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-66370
(5.0 MEDIUM)

EPSS: 0.03%

updated 2025-11-28T06:32:07

1 posts

Kivitendo before 3.9.2 allows XXE injection. By uploading an electronic invoice in the ZUGFeRD format, it is possible to read and exfiltrate files from the server's filesystem.

CVE-2025-58311
(5.8 MEDIUM)

EPSS: 0.01%

updated 2025-11-28T06:32:06

1 posts

UAF vulnerability in the USB driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2025-64314
(9.4 CRITICAL)

EPSS: 0.01%

updated 2025-11-28T03:30:33

2 posts

Permission control vulnerability in the memory management module. Impact: Successful exploitation of this vulnerability may affect confidentiality.

CVE-2025-13338(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-11-28T00:30:32

1 posts

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2025-66360(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-11-28T00:30:28

1 posts

An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.

CVE-2025-3261(CVSS UNKNOWN)

EPSS: 0.07%

updated 2025-11-27T18:30:34

1 posts

ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting (XSS) vulnerability. The exploit can be triggered when any user accesses the public API endpoint of the malicious SVG images, or if the malicious images are embedded in an `iframe` element, during a widget creation, deployed to any pa

CVE-2025-12419
(10.0 CRITICAL)

EPSS: 0.07%

updated 2025-11-27T18:30:26

3 posts

Mattermost versions 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12, 11.0.x <= 11.0.3 fail to properly validate OAuth state tokens during OpenID Connect authentication which allows an authenticated attacker with team creation privileges to take over a user account via manipulation of authentication data during the OAuth completion flow. This requires email verification to be disabled (de

CVE-2025-12559
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T18:30:26

2 posts

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/{channel_id}/common_teams endpoint

CVE-2025-12140(CVSS UNKNOWN)

EPSS: 0.08%

updated 2025-11-27T15:31:32

2 posts

The application contains an insecure 'redirectToUrl' mechanism that incorrectly processes the value of the 'redirectUrlParameter' parameter. The application interprets the entered string of characters as a Java expression, allowing an unauthenticated attacer to perform arbitrary code execution. This issue was fixed in version wu#2016.1.5513#0#20251014_113353

CVE-2025-8890(CVSS UNKNOWN)

EPSS: 0.34%

updated 2025-11-27T15:31:32

2 posts

Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports.

CVE-2025-13692
(7.2 HIGH)

EPSS: 0.10%

updated 2025-11-27T15:31:32

1 posts

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. A form with a file uplo

CVE-2025-12971
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T15:31:32

1 posts

The Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a misconfigured capability check on the 'wcp_change_post_folder' function in all versions up to, and including, 3.1.5. This makes it possible for authenticated attackers, with Contributor-level access and above, to move arbitrar

CVE-2025-59890
(7.3 HIGH)

EPSS: 0.01%

updated 2025-11-27T12:30:35

1 posts

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attacker with local access to execute unauthorized code or commands. This security issue has been fixed in the latest version of Galileo which is available on the Eaton download center.

CVE-2025-59026
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T12:30:34

1 posts

Malicious content uploaded as file can be used to execute script code when following attacker-controlled links. Unintended actions can be executed in the context of the users account, including exfiltration of sensitive information. Please deploy the provided updates and patch releases. No publicly available exploits are known

CVE-2025-59025
(6.1 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T12:30:34

1 posts

Malicious e-mail content can be used to execute script code. Unintended actions can be executed in the context of the users account, including exfiltration of sensitive information. Sanitization has been updated to avoid such bypasses. No publicly available exploits are known

CVE-2025-13378
(6.5 MEDIUM)

EPSS: 0.04%

updated 2025-11-27T12:30:34

1 posts

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.0 via the ays_chatgpt_pinecone_upsert function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from

CVE-2025-30190
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-11-27T12:30:29

1 posts

Malicious content at office documents can be used to inject script code when editing a document. Unintended actions can be executed in the context of the users account, including exfiltration of sensitive information. Please deploy the provided updates and patch releases. No publicly available exploits are known

CVE-2025-13381
(5.3 MEDIUM)

EPSS: 0.04%

updated 2025-11-27T12:30:28

1 posts

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'ays_chatgpt_save_wp_media' function in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to upload media files.

CVE-2025-13536
(8.8 HIGH)

EPSS: 0.22%

updated 2025-11-27T09:30:26

2 posts

The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 11.15.2. This is due to the plugin validating file extensions but not halting execution when validation fails in the 'powerpress_edit_post' function. This makes it possible for authenticated attackers, with Contributor-level access and a

CVE-2025-58360
(8.2 HIGH)

EPSS: 10.15%

updated 2025-11-27T08:59:11

1 posts

## Description An XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint ``/geoserver/wms`` operation ``GetMap``. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. An XML External Entity attack is a type of attack that occurs when XML input contai

Nuclei template

2 repos

https://github.com/quyenheu/CVE-2025-58360

https://github.com/Ashwesker/Blackash-CVE-2025-58360

CVE-2025-13525
(6.1 MEDIUM)

EPSS: 0.09%

updated 2025-11-27T06:31:33

1 posts

The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'order_by' parameter in all versions up to, and including, 1.4.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such a

CVE-2025-41115
(10.0 CRITICAL)

EPSS: 0.02%

updated 2025-11-25T22:16:42.557000

1 posts

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric ext

1 repos

https://github.com/Ashwesker/Blackash-CVE-2025-41115

CVE-2025-59371
(0 None)

EPSS: 0.18%

updated 2025-11-25T22:16:16.690000

1 posts

An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59368
(0 None)

EPSS: 0.04%

updated 2025-11-25T22:16:16.690000

1 posts

An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-12003
(0 None)

EPSS: 0.26%

updated 2025-11-25T22:16:16.690000

1 posts

A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59372
(0 None)

EPSS: 0.20%

updated 2025-11-25T22:16:16.690000

1 posts

A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files outside the intended directory, potentially affecting device integrity. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59369(CVSS UNKNOWN)

EPSS: 0.13%

updated 2025-11-25T09:31:31

1 posts

A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary SQL queries, leading to unauthorized data access. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59366(CVSS UNKNOWN)

EPSS: 0.12%

updated 2025-11-25T09:31:31

1 posts

An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of specific functions without proper authorization. Refer to the Security Update for ASUS Router Firmware section on the ASUS Security Advisory for more information.

CVE-2025-59365(CVSS UNKNOWN)

EPSS: 0.05%

updated 2025-11-25T09:31:31

1 posts

A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-59370(CVSS UNKNOWN)

EPSS: 0.73%

updated 2025-11-25T09:31:30

1 posts

A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary commands, leading to the device executing unintended instructions. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVE-2025-7425
(7.8 HIGH)

EPSS: 0.04%

updated 2025-11-22T03:15:48.857000

1 posts

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.

CVE-2023-7304
(0 None)

EPSS: 3.26%

updated 2025-11-21T17:15:49.873000

1 posts

Ruijie RG-UAC Application Management Gateway contains a command injection vulnerability via the 'nmc_sync.php' interface. An unauthenticated attacker able to reach the affected endpoint can inject shell commands via crafted request data, causing the application to execute arbitrary commands on the host. Successful exploitation can yield full control of the application process and may lead to syste

CVE-2025-60709
(7.8 HIGH)

EPSS: 0.05%

updated 2025-11-17T17:43:21.477000

2 posts

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-59287
(9.8 CRITICAL)

EPSS: 60.32%

updated 2025-11-12T14:33:19.727000

1 posts

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

Nuclei template

22 repos

https://github.com/Lupovis/Honeypot-for-CVE-2025-59287-WSUS

https://github.com/0x7556/CVE-2025-59287

https://github.com/QurtiDev/WSUS-CVE-2025-59287-RCE

https://github.com/mubix/Find-WSUS

https://github.com/tecxx/CVE-2025-59287-WSUS

https://github.com/keeganparr1/CVE-2025-59287-hawktrace

https://github.com/FurkanKAYAPINAR/CVE-2025-59287

https://github.com/Twodimensionalitylevelcrossing817/CVE-2025-59287

https://github.com/0xBruno/WSUSploit.NET

https://github.com/garvitv14/CVE-2025-59287

https://github.com/fsanzmoya/wsus_CVE-2025-59287

https://github.com/th1n0/CVE-2025-59287

https://github.com/RadzaRr/WSUSResponder

https://github.com/esteban11121/WSUS-RCE-Mitigation-59287

https://github.com/Adel-kaka-dz/cve-2025-59287

https://github.com/mrmtwoj/WSUS-Patch-Level-Scanner-A-Lightweight-Tool-for-Detecting-Vulnerable-Microsoft-WSUS-Deployments

https://github.com/M507/CVE-2025-59287-PoC

https://github.com/jiansiting/CVE-2025-59287

https://github.com/dexterm300/cve-2025-59287-exploit-poc

https://github.com/mrk336/Breaking-the-Update-Chain-Inside-CVE-2025-59287-and-the-WSUS-RCE-Threat

https://github.com/N3k0t-dev/PoC-CVE-collection

https://github.com/AdityaBhatt3010/CVE-2025-59287-When-your-patch-server-becomes-the-attack-vector

CVE-2019-1367
(7.5 HIGH)

EPSS: 89.26%

updated 2025-10-29T14:34:22.990000

1 posts

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1221.

1 repos

https://github.com/mandarenmanman/CVE-2019-1367

CVE-2024-21413
(9.8 CRITICAL)

EPSS: 93.38%

updated 2025-10-28T14:36:10.643000

1 posts

Microsoft Outlook Remote Code Execution Vulnerability

23 repos

https://github.com/dshabani96/CVE-2024-21413

https://github.com/ShubhamKanhere307/CVE-2024-21413

https://github.com/X-Projetion/CVE-2024-21413-Microsoft-Outlook-RCE-Exploit

https://github.com/Redfox-Security/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape

https://github.com/hau2212/Moniker-Link-CVE-2024-21413-

https://github.com/ahmetkarakayaoffical/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability

https://github.com/ThemeHackers/CVE-2024-21413

https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability

https://github.com/CMNatic/CVE-2024-21413

https://github.com/gurleen-147/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability-PoC

https://github.com/duy-31/CVE-2024-21413

https://github.com/olebris/CVE-2024-21413

https://github.com/MSeymenD/CVE-2024-21413

https://github.com/th3Hellion/CVE-2024-21413

https://github.com/PolarisXSec/CVE-2024-21413

https://github.com/r00tb1t/CVE-2024-21413-POC

https://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability

https://github.com/yass2400012/Email-exploit-Moniker-Link-CVE-2024-21413-

https://github.com/Cyber-Trambon/CVE-2024-21413-exploit

https://github.com/mmathivanan17/CVE-2024-21413

https://github.com/D1se0/CVE-2024-21413-Vulnerabilidad-Outlook-LAB

https://github.com/ArtemCyberLab/Project-NTLM-Hash-Capture-and-Phishing-Email-Exploitation-for-CVE-2024-21413

https://github.com/MQKGitHub/Moniker-Link-CVE-2024-21413

CVE-2025-6543
(9.8 CRITICAL)

EPSS: 2.04%

updated 2025-10-24T13:42:21.210000

1 posts

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

4 repos

https://github.com/grupooruss/Citrix-cve-2025-6543

https://github.com/fox-it/citrix-netscaler-triage

https://github.com/lex1010/CVE-2025-6543

https://github.com/abrewer251/CVE-2025-6543_CitrixNetScaler_PoC

CVE-2024-54085
(9.8 CRITICAL)

EPSS: 12.64%

updated 2025-10-22T00:33:14

1 posts

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

1 repos

https://github.com/Mr-Zapi/CVE-2024-54085

CVE-2025-59821
(6.5 MEDIUM)

EPSS: 0.04%

updated 2025-09-29T12:58:27.157000

1 posts

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 10.1.0, DNN’s URL/path handling and template rendering can allow specially crafted input to be reflected into a user profile that is returned to the browser. In these cases, the application does not sufficiently neutralize or encode characters that are meaningful in HTML,

CVE-2021-32682
(9.8 CRITICAL)

EPSS: 93.47%

updated 2024-11-21T06:07:31.390000

1 posts

elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. The issues were patched in version 2.1.59. As a workaround, ensure the connector is not exposed wi

Nuclei template

CVE-2025-48633
(0 None)

EPSS: 0.00%

2 posts

N/A

CVE-2025-48572
(0 None)

EPSS: 0.00%

2 posts

N/A

CVE-2025-61260
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-66291
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-66290
(0 None)

EPSS: 0.03%

1 posts

N/A

CVE-2025-66216
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-66201
(0 None)

EPSS: 0.08%

2 posts

N/A

CVE-2025-65112
(0 None)

EPSS: 0.07%

1 posts

N/A

CVE-2025-53939
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-53899
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-53896
(0 None)

EPSS: 0.01%

1 posts

N/A

CVE-2025-58436
(0 None)

EPSS: 0.01%

1 posts

N/A

CVE-2025-13086
(0 None)

EPSS: 0.00%

1 posts

N/A