CVE-2025-68147
(8.1 HIGH)

EPSS: 0.03%

updated 2025-12-18T19:53:06.907000

1 posts

Open Source Point of Sale (opensourcepos) is a web based point of sale application written in PHP using CodeIgniter framework. Starting in version 3.4.0 and prior to version 3.4.2, a Stored Cross-Site Scripting (XSS) vulnerability exists in the "Return Policy" configuration field. The application does not properly sanitize user input before saving it to the database or displaying it on receipts. A

1 repos

https://github.com/Nixon-H/CVE-2025-68147-OSPOS-Stored-XSS

CVE-2025-67074
(6.5 MEDIUM)

EPSS: 0.07%

updated 2025-12-18T19:16:34.560000

1 posts

A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload (field `serverName`) to /goform/AdvSetMacMtuWan.

CVE-2025-65568
(0 None)

EPSS: 0.00%

updated 2025-12-18T19:16:34.300000

1 posts

A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During parsing, parseFAR() calls ip2int(), which performs an out-of-bounds read on the IPv4 address buffer and tr

CVE-2025-65565
(0 None)

EPSS: 0.00%

updated 2025-12-18T19:16:34.080000

1 posts

A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID (CPF-SEID) Information Element is not properly validated. The session establishment handler calls IE.FSEID() on a nil pointer, which triggers a panic and termin

CVE-2025-14879
(9.8 CRITICAL)

EPSS: 0.00%

updated 2025-12-18T19:16:22.227000

3 posts

A weakness has been identified in Tenda WH450 1.0.0.18. Affected is an unknown function of the file /goform/onSSIDChange of the component HTTP Request Handler. This manipulation of the argument ssid_index causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.

CVE-2025-14739
(0 None)

EPSS: 0.00%

updated 2025-12-18T19:16:21.680000

2 posts

Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack and potentially arbitrary code execution under the context of the ‘root’ user.This issue affects WR940N and WR941ND: ≤ WR940N v5 3.20.1 Build 200316, ≤ WR941ND v6 3.16.9 Build 151203.

CVE-2023-53933
(8.8 HIGH)

EPSS: 0.24%

updated 2025-12-18T19:16:20.433000

1 posts

Serendipity 2.4.0 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with .phar extension. Attackers can upload files with system command payloads to the media upload endpoint and execute arbitrary commands on the server.

CVE-2025-37164
(10.0 CRITICAL)

EPSS: 0.25%

updated 2025-12-18T18:31:33

1 posts

A remote code execution issue exists in HPE OneView.

1 repos

https://github.com/rxerium/CVE-2025-37164

CVE-2025-63390(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-18T18:30:37

2 posts

An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. Exposed data includes: workspace identifiers (id, name, slug), AI model configurations (chatProvider, chatModel

CVE-2025-63389(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-18T18:30:37

2 posts

A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and including v0.12.3. The platform exposes multiple API endpoints without requiring authentication, enabling remote attackers to perform unauthorized model management operations.

CVE-2025-64236
(9.8 CRITICAL)

EPSS: 0.00%

updated 2025-12-18T18:30:37

1 posts

Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Tuturn allows Authentication Abuse.This issue affects Tuturn: from n/a before 3.6.

CVE-2025-14896
(7.5 HIGH)

EPSS: 0.00%

updated 2025-12-18T18:30:37

1 posts

due to insufficient sanitazation in Vega’s `convert()` function when `safeMode` is enabled and the spec variable is an array. An attacker can craft a malicious Vega diagram specification that will allow them to send requests to any URL, including local file system paths, leading to exposure of sensitive information.

CVE-2025-63391
(7.5 HIGH)

EPSS: 0.00%

updated 2025-12-18T18:15:45.587000

2 posts

An authentication bypass vulnerability exists in Open-WebUI <=0.6.32 in the /api/config endpoint. The endpoint lacks proper authentication and authorization controls, exposing sensitive system configuration data to unauthenticated remote attackers.

CVE-2025-14738
(0 None)

EPSS: 0.00%

updated 2025-12-18T18:15:45.193000

2 posts

Improper authentication vulnerability in TP-Link WA850RE (httpd modules) allows unauthenticated attackers to download the configuration file.This issue affects: ≤ WA850RE V2_160527, ≤ WA850RE V3_160922.

CVE-2025-14737
(0 None)

EPSS: 0.00%

updated 2025-12-18T18:15:45.027000

2 posts

Command Injection vulnerability in TP-Link WA850RE (httpd modules) allows authenticated adjacent attacker to inject arbitrary commands.This issue affects: ≤ WA850RE V2_160527, ≤ WA850RE V3_160922.

CVE-2025-14884
(7.2 HIGH)

EPSS: 0.00%

updated 2025-12-18T17:15:47.480000

3 posts

A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2025-68400
(8.8 HIGH)

EPSS: 0.03%

updated 2025-12-18T16:46:12.477000

1 posts

ChurchCRM is an open-source church management system. A SQL Injection vulnerability exists in the legacy endpoint `/Reports/ConfirmReportEmail.php` in ChurchCRM prior to version 6.5.3. Although the feature was removed from the UI, the file remains deployed and reachable directly via URL. This is a classic case of *dead but reachable code*. Any authenticated user - including one with zero assigned

CVE-2025-14878
(9.8 CRITICAL)

EPSS: 0.00%

updated 2025-12-18T16:15:52.960000

3 posts

A security flaw has been discovered in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/wirelessRestart of the component HTTP Request Handler. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.

CVE-2025-14763
(5.3 MEDIUM)

EPSS: 0.01%

updated 2025-12-18T15:47:08

1 posts

## Summary S3 Encryption Client for Java is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. When the encrypted data key (EDK) is stored in an "Instruction File" instead of S3's metadata record, the EDK is exposed to an "Invisible Salamanders" attack (https://eprint.iacr.org/2019/016), which could allow the EDK to be replaced with a

CVE-2025-14759
(5.3 MEDIUM)

EPSS: 0.01%

updated 2025-12-18T15:46:18

1 posts

## Summary S3 Encryption Client for .NET (S3EC) is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. When the encrypted data key (EDK) is stored in an "Instruction File" instead of S3's metadata record, the EDK is exposed to an "Invisible Salamanders" attack (https://eprint.iacr.org/2019/016), which could allow the EDK to be replaced

CVE-2025-59374
(9.8 CRITICAL)

EPSS: 56.04%

updated 2025-12-18T15:42:03.790000

5 posts

"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that met these conditions and installed the compromised versions were affected. The Live Update client has

CVE-2025-20393
(10.0 CRITICAL)

EPSS: 4.03%

updated 2025-12-18T15:41:16.840000

18 posts

Cisco is aware of a potential vulnerability.&nbsp; Cisco is currently investigating and&nbsp;will update these details as appropriate&nbsp;as more information becomes available.

5 repos

https://github.com/StasonJatham/cisco-sa-sma-attack-N9bf4

https://github.com/KingHacker353/CVE-2025-20393

https://github.com/b1gchoi/CVE-2025-20393

https://github.com/thesystemowner/CVE-2025-20393-POC

https://github.com/cyberleelawat/CVE-2025-20393

CVE-2025-64466
(7.8 HIGH)

EPSS: 0.00%

updated 2025-12-18T15:30:52

1 posts

There is an out of bounds read vulnerability in NI LabVIEW in lvre!ExecPostedProcRecPost() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

CVE-2025-64469
(7.8 HIGH)

EPSS: 0.00%

updated 2025-12-18T15:30:51

1 posts

There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

CVE-2025-64468
(7.8 HIGH)

EPSS: 0.00%

updated 2025-12-18T15:30:51

1 posts

There is a use-after-free vulnerability in sentry!sentry_span_set_data() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions

CVE-2025-13110
(4.3 MEDIUM)

EPSS: 0.00%

updated 2025-12-18T15:30:51

1 posts

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.7.3 via the "woof_add_subscr" function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber level access and above, to create product messenger subscriptions on be

CVE-2025-14618
(4.3 MEDIUM)

EPSS: 0.00%

updated 2025-12-18T15:30:51

1 posts

The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweet_energy_efficiency_action' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers, with subscriber level access and above, to read, modify, and delete arbitrary graphs.

CVE-2025-65007(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-18T15:30:51

1 posts

In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) due to lack of authentication in the configuration change module in the adm.cgi endpoint, the unauthenticated attacker can execute commands including backup creation, device restart and resetting the device to factory settings. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerabil

CVE-2025-64465
(7.8 HIGH)

EPSS: 0.00%

updated 2025-12-18T15:30:45

1 posts

There is an out of bounds read vulnerability in NI LabVIEW in lvre!DataSizeTDR() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

CVE-2025-64467
(7.8 HIGH)

EPSS: 0.00%

updated 2025-12-18T15:15:58.893000

1 posts

There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

CVE-2025-53000
(0 None)

EPSS: 0.02%

updated 2025-12-18T15:15:54.730000

1 posts

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a `inkscape.bat` file that defines a Windows batch script, capable

CVE-2025-68154
(8.1 HIGH)

EPSS: 0.12%

updated 2025-12-18T15:08:06.237000

2 posts

systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the `fsSize()` function in systeminformation is vulnerable to OS command injection on Windows systems. The optional `drive` parameter is directly concatenated into a PowerShell command without sanitization, allowing arbitrary command execution when user-controlled input reaches this function. The ac

CVE-2025-47372
(9.0 CRITICAL)

EPSS: 0.02%

updated 2025-12-18T15:07:42.550000

1 posts

Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication.

CVE-2025-47387
(7.8 HIGH)

EPSS: 0.01%

updated 2025-12-18T15:07:42.550000

1 posts

Memory Corruption when processing IOCTLs for JPEG data without verification.

CVE-2025-47382
(7.8 HIGH)

EPSS: 0.01%

updated 2025-12-18T15:07:42.550000

1 posts

Memory corruption while loading an invalid firmware in boot loader.

CVE-2025-14856
(6.3 MEDIUM)

EPSS: 0.04%

updated 2025-12-18T15:07:42.550000

1 posts

A security vulnerability has been detected in y_project RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

CVE-2025-66029
(7.6 HIGH)

EPSS: 0.03%

updated 2025-12-18T15:07:42.550000

1 posts

Open OnDemand provides remote web access to supercomputers. In versions 4.0.8 and prior, the Apache proxy allows sensitive headers to be passed to origin servers. This means malicious users can create an origin server on a compute node that record these headers when unsuspecting users connect to it. Maintainers anticipate a patch in a 4.1 release. Workarounds exist for 4.0.x versions. Using `custo

CVE-2025-68435
(9.1 CRITICAL)

EPSS: 0.07%

updated 2025-12-18T15:07:42.550000

2 posts

Zerobyte is a backup automation tool Zerobyte versions prior to 0.18.5 and 0.19.0 contain an authentication bypass vulnerability where authentication middleware is not properly applied to API endpoints. This results in certain API endpoints being accessible without valid session credentials. This is dangerous for those who have exposed Zerobyte to be used outside of their internal network. A fix h

CVE-2025-68129
(6.8 MEDIUM)

EPSS: 0.06%

updated 2025-12-18T15:07:42.550000

1 posts

Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. In applications built with the Auth0-PHP SDK, the audience validation in access tokens is performed improperly. Without proper validation, affected applications may accept ID tokens as Access tokens. Projects are affected if they use Auth0-PHP SDK versions between v8.0.0 and v8.17.0, or applications using the following SDKs that

CVE-2025-67073
(9.8 CRITICAL)

EPSS: 0.15%

updated 2025-12-18T15:07:42.550000

1 posts

A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload (field `serviceName`) to /goform/AdvSetMacMtuWan.

CVE-2025-14762
(5.3 MEDIUM)

EPSS: 0.02%

updated 2025-12-18T15:07:42.550000

1 posts

Missing cryptographic key commitment in the AWS SDK for Ruby may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade AWS SDK for Ruby to version 1.208.0 or later.

CVE-2025-14760
(5.3 MEDIUM)

EPSS: 0.02%

updated 2025-12-18T15:07:42.550000

1 posts

Missing cryptographic key commitment in the AWS SDK for C++ may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade AWS SDK for C++ to version 1.11.712 or later

CVE-2025-14761
(5.3 MEDIUM)

EPSS: 0.02%

updated 2025-12-18T15:07:42.550000

1 posts

Missing cryptographic key commitment in the AWS SDK for PHP may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade AWS SDK for PHP to version 3.368.0 or later

CVE-2025-14764
(5.3 MEDIUM)

EPSS: 0.01%

updated 2025-12-18T15:07:42.550000

1 posts

Missing cryptographic key commitment in the Amazon S3 Encryption Client for Go may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade Amazon S3 Encryption Client for Go to version 4.0 or later.

CVE-2025-65203
(7.1 HIGH)

EPSS: 0.01%

updated 2025-12-18T15:07:42.550000

1 posts

KeePassXC-Browser thru 1.9.9.2 autofills or prompts to fill stored credentials into documents rendered under a browser-enforced CSP directive and iframe attribute sandbox, allowing attacker-controlled script in the sandboxed document to access populated form fields and exfiltrate credentials.

CVE-2025-40602
(6.6 MEDIUM)

EPSS: 1.71%

updated 2025-12-18T15:07:18.427000

5 posts

A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).

1 repos

https://github.com/rxerium/CVE-2025-40602

CVE-2025-14437
(7.5 HIGH)

EPSS: 0.00%

updated 2025-12-18T15:07:18.427000

1 posts

The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.18.0 via the 'request' function. This makes it possible for unauthenticated attackers to extract sensitive data including Cloudflare API credentials.

CVE-2025-14277
(4.3 MEDIUM)

EPSS: 0.00%

updated 2025-12-18T15:07:18.427000

1 posts

The Prime Slider – Addons for Elementor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.9 via the import_elementor_template AJAX action. This makes it possible for authenticated attackers, with subscriber level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and m

CVE-2025-64374
(0 None)

EPSS: 0.02%

updated 2025-12-18T15:07:18.427000

1 posts

Unrestricted Upload of File with Dangerous Type vulnerability in StylemixThemes Motors motors allows Using Malicious Files.This issue affects Motors: from n/a through <= 5.6.81.

CVE-2025-10910(CVSS UNKNOWN)

EPSS: 0.19%

updated 2025-12-18T12:30:33

2 posts

A flaw in the binding process of Govee’s cloud platform and devices allows a remote attacker to bind an existing, online Govee device to the attacker’s account, resulting in full control of the device and removal of the device from its legitimate owner’s account. The server‑side API allows device association using a set of identifiers: "device", "sku", "type", and a client‑computed "value", that a

CVE-2025-68459
(7.2 HIGH)

EPSS: 0.17%

updated 2025-12-18T06:30:19

2 posts

RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service.

CVE-2025-68463
(4.9 MEDIUM)

EPSS: 0.03%

updated 2025-12-18T06:30:19

1 posts

Bio.Entrez in Biopython through 186 allows doctype XXE.

CVE-2025-68462
(3.2 LOW)

EPSS: 0.01%

updated 2025-12-18T06:30:19

1 posts

Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases.

CVE-2025-12885
(6.4 MEDIUM)

EPSS: 0.03%

updated 2025-12-18T03:30:18

1 posts

The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sanitize_pdf_src function regex bypass in all versions up to, and including, 2.7.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary

CVE-2025-14841
(3.3 LOW)

EPSS: 0.01%

updated 2025-12-18T03:30:18

1 posts

A flaw has been found in OFFIS DCMTK up to 3.6.9. The impacted element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest in the library dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. This manipulation causes null pointer dereference. The attack requires local access. Upgrading to version 3.7.0 is sufficient to resolve

CVE-2025-14837
(4.7 MEDIUM)

EPSS: 0.04%

updated 2025-12-18T00:34:16

1 posts

A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function stripfxg of the file /admin/siteconfig.php of the component Backend Website Settings Module. Such manipulation of the argument icp leads to code injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-14202(CVSS UNKNOWN)

EPSS: 0.05%

updated 2025-12-18T00:34:16

2 posts

A vulnerability in the file upload at bookmark + asset rendering pipeline allows an attacker to upload a malicious SVG file with JavaScript content. When an authenticated admin user views the SVG file with embedded JavaScript code of shared bookmark, JavaScript executes in the admin’s browser, retrieves the CSRF token, and sends a request to change the admin's password resulting in a full account

CVE-2025-67172
(7.2 HIGH)

EPSS: 0.24%

updated 2025-12-17T21:31:53

1 posts

RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags() function.

CVE-2025-66924
(6.1 MEDIUM)

EPSS: 0.04%

updated 2025-12-17T21:31:53

1 posts

A Cross-site scripting (XSS) vulnerability in Create/Update Item Kit(s) in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter.

CVE-2025-66923
(7.2 HIGH)

EPSS: 0.10%

updated 2025-12-17T21:31:52

1 posts

A Cross-site scripting (XSS) vulnerability in Create/Update Customer(s) in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the phone_number parameter.

CVE-2025-34437(CVSS UNKNOWN)

EPSS: 0.10%

updated 2025-12-17T21:30:56

1 posts

AVideo versions prior to 20.0 permit any authenticated user to upload comment images to videos owned by other users. The endpoint validates authentication but omits ownership checks, allowing attackers to perform unauthorized uploads to arbitrary video objects.

CVE-2025-34436(CVSS UNKNOWN)

EPSS: 0.10%

updated 2025-12-17T21:30:56

1 posts

AVideo versions prior to 20.0 allow any authenticated user to upload files into directories belonging to other users due to an insecure direct object reference. The upload functionality verifies authentication but does not enforce ownership checks.

CVE-2025-13326
(3.9 LOW)

EPSS: 0.01%

updated 2025-12-17T21:30:56

1 posts

Mattermost Desktop App versions <6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder.

CVE-2025-59718
(9.8 CRITICAL)

EPSS: 5.57%

updated 2025-12-17T13:54:45.390000

4 posts

A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7

2 repos

https://github.com/Ashwesker/Blackash-CVE-2025-59718

https://github.com/exfil0/CVE-2025-59718-PoC

CVE-2025-68260(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-12-16T15:30:56

2 posts

In the Linux kernel, the following vulnerability has been resolved: rust_binder: fix race condition on death_list Rust Binder contains the following unsafe operation: // SAFETY: A `NodeDeath` is never inserted into the death list // of any node other than its owner, so it is either in this // death list or in no death list. unsafe { node_inner.death_list.remove(self) }; This operation is u

CVE-2025-66471
(7.5 HIGH)

EPSS: 0.02%

updated 2025-12-10T16:10:33.500000

1 posts

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can

CVE-2025-59719
(9.8 CRITICAL)

EPSS: 0.07%

updated 2025-12-09T19:59:29.507000

3 posts

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

CVE-2025-41750
(7.1 HIGH)

EPSS: 0.09%

updated 2025-12-09T18:36:53.557000

1 posts

An XSS vulnerability in pxc_PortCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device confi

CVE-2025-41752
(7.1 HIGH)

EPSS: 0.09%

updated 2025-12-09T18:36:53.557000

1 posts

An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device confi

CVE-2025-41694
(6.5 MEDIUM)

EPSS: 0.11%

updated 2025-12-09T18:36:53.557000

1 posts

A low privileged remote attacker can run the webshell with an empty command containing whitespace. The server will then block until it receives more data, resulting in a DoS condition of the websserver.

CVE-2025-41747
(7.1 HIGH)

EPSS: 0.09%

updated 2025-12-09T18:36:53.557000

1 posts

An XSS vulnerability in pxc_vlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to devic

CVE-2025-41695
(7.1 HIGH)

EPSS: 0.09%

updated 2025-12-09T18:36:53.557000

1 posts

An XSS vulnerability in dyn_conn.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device confi

CVE-2025-41746
(7.1 HIGH)

EPSS: 0.09%

updated 2025-12-09T18:36:53.557000

1 posts

An XSS vulnerability in pxc_portSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device

CVE-2025-41749
(7.1 HIGH)

EPSS: 0.09%

updated 2025-12-09T18:30:45

1 posts

An XSS vulnerability in port_util.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configu

CVE-2025-41696
(4.6 MEDIUM)

EPSS: 0.02%

updated 2025-12-09T18:30:44

1 posts

An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain read access to parts of the filesystem of the device.

CVE-2025-41748
(7.1 HIGH)

EPSS: 0.09%

updated 2025-12-09T18:30:44

1 posts

An XSS vulnerability in pxc_Dot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device conf

CVE-2025-41751
(7.1 HIGH)

EPSS: 0.09%

updated 2025-12-09T18:30:44

1 posts

An XSS vulnerability in pxc_portCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device conf

CVE-2025-41697
(6.8 MEDIUM)

EPSS: 0.02%

updated 2025-12-09T18:30:44

1 posts

An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692.

CVE-2025-41745
(7.1 HIGH)

EPSS: 0.09%

updated 2025-12-09T18:30:44

1 posts

An XSS vulnerability in pxc_portCntr2.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device

CVE-2025-41693
(4.3 MEDIUM)

EPSS: 0.23%

updated 2025-12-09T18:30:43

1 posts

A low privileged remote attacker can use the ssh feature to execute commands directly after login. The process stays open and uses resources which leads to a reduced performance of the management functions. Switching functionality is not affected.

CVE-2025-41692
(6.8 MEDIUM)

EPSS: 0.02%

updated 2025-12-09T18:30:43

1 posts

A high privileged remote attacker with admin privileges for the webUI can brute-force the "root" and "user" passwords of the underlying OS due to a weak password generation algorithm.

CVE-2025-55182
(10.0 CRITICAL)

EPSS: 44.14%

updated 2025-12-09T16:53:25

2 posts

### Impact There is an unauthenticated remote code execution vulnerability in React Server Components. We recommend upgrading immediately. The vulnerability is present in versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 of: * [react-server-dom-webpack](https://www.npmjs.com/package/react-server-dom-webpack) * [react-server-dom-parcel](https://www.npmjs.com/package/react-server-dom-parcel) * [react-s

Nuclei template

100 repos

https://github.com/gensecaihq/react2shell-scanner

https://github.com/m3m0ryc0rrupt/CVE-2025-55182-PoC

https://github.com/c0rydoras/CVE-2025-55182

https://github.com/SainiONHacks/CVE-2025-55182-Scanner

https://github.com/assetnote/react2shell-scanner

https://github.com/hidden-investigations/react2shell-scanner

https://github.com/santihabib/CVE-2025-55182-analysis

https://github.com/C00LN3T/React2Shell

https://github.com/Call123X/-cve-2025-55182

https://github.com/Saturate/CVE-2025-55182-Scanner

https://github.com/theori-io/reactguard

https://github.com/tobiasGuta/Next.js-RSC-RCE-Scanner-Burp-Suite-Extension

https://github.com/CirqueiraDev/MassExploit-CVE-2025-55182

https://github.com/sumanrox/rschunter

https://github.com/CymulateResearch/React2Shell-Scanner

https://github.com/zack0x01/vuln-app-CVE-2025-55182

https://github.com/aliclub0x00/CVE-2025-55182-POC-NEXTJS

https://github.com/ayoub-intigriti/react2shell-cve

https://github.com/freeqaz/react2shell

https://github.com/lachlan2k/React2Shell-CVE-2025-55182-original-poc

https://github.com/yanoshercohen/React2Shell_CVE-2025-55182

https://github.com/xiaopeng-ye/react2shell-detector

https://github.com/BankkRoll/Quickcheck-CVE-2025-55182-React-and-CVE-2025-66478-Next.js

https://github.com/techgaun/cve-2025-55182-scanner

https://github.com/nehkark/CVE-2025-55182

https://github.com/dwisiswant0/CVE-2025-55182

https://github.com/hoosin/CVE-2025-55182

https://github.com/f0xyx/CVE-2025-55182-Scanner

https://github.com/AliHzSec/CVE-2025-55182

https://github.com/ejpir/CVE-2025-55182-bypass

https://github.com/zr0n/react2shell

https://github.com/Cr4at0r/Next.js-RCE-Scanner-BurpSuite-Extension-

https://github.com/Dh4v4l8/CVE-2025-55182-poc-tool

https://github.com/cybertechajju/R2C-CVE-2025-55182-66478

https://github.com/EynaExp/CVE-2025-55182-POC

https://github.com/MoLeft/React2Shell-Toolbox

https://github.com/alsaut1/react2shell-lab

https://github.com/xcanwin/CVE-2025-55182-React-RCE

https://github.com/xkillbit/cve-2025-55182-scanner

https://github.com/pax-k/react2shell-CVE-2025-55182-full-rce-script

https://github.com/shyambhanushali/React2Shell

https://github.com/MrR0b0t19/CVE-2025-55182-shellinteractive

https://github.com/subhdotsol/CVE-2025-55182

https://github.com/anuththara2007-W/CVE-2025-55182-Exploit-extension

https://github.com/l4rm4nd/CVE-2025-55182

https://github.com/kavienanj/CVE-2025-55182

https://github.com/GelukCrab/React-Server-Components-RCE

https://github.com/whiteov3rflow/CVE-2025-55182-poc

https://github.com/acheong08/CVE-2025-55182-poc

https://github.com/zzhorc/CVE-2025-55182

https://github.com/onlylovetx/CVE-2025-55182-CVE-2025-66478-Exploit-GUI

https://github.com/emredavut/CVE-2025-55182

https://github.com/RuoJi6/CVE-2025-55182-RCE-shell

https://github.com/andrei2308/react2shell

https://github.com/7amzahard/React2shell

https://github.com/sickwell/CVE-2025-55182

https://github.com/mrknow001/RSC_Detector

https://github.com/raivenLockdown/RCE_React2Shell_ButCooler-SomeUselessUsefulThingsLMAO-

https://github.com/Ashwesker/Blackash-CVE-2025-55182

https://github.com/LemonTeatw1/CVE-2025-55182-exploit

https://github.com/xalgord/React2Shell

https://github.com/keklick1337/CVE-2025-55182-golang-PoC

https://github.com/SoICT-BKSEC/CVE-2025-55182-docker-lab

https://github.com/ejpir/CVE-2025-55182-research

https://github.com/Syrins/CVE-2025-55182-React2Shell-RCE

https://github.com/msanft/CVE-2025-55182

https://github.com/hualy13/CVE-2025-55182

https://github.com/sho-luv/React2Shell

https://github.com/XiaomingX/CVE-2025-55182-poc

https://github.com/AggressiveUser/React2Hell

https://github.com/surajhacx/react2shellpoc

https://github.com/yz9yt/React2Shell-CTF

https://github.com/Security-Phoenix-demo/react2shell-scanner-rce-react-next-CVE-2025-55182-CVE-2025-66478

https://github.com/BeichenDream/CVE-2025-55182-GodzillaMemoryShell

https://github.com/Spritualkb/CVE-2025-55182-exp

https://github.com/websecuritylabs/React2Shell-Library

https://github.com/im-ezboy/CVE-2025-55182-zoomeye

https://github.com/hackersatyamrastogi/react2shell-ultimate

https://github.com/AdityaBhatt3010/React2Shell-CVE-2025-55182-The-Deserialization-Bug-That-Broke-the-Web

https://github.com/StealthMoud/CVE-2025-55182-Scanner

https://github.com/pyroxenites/Nextjs_RCE_Exploit_Tool

https://github.com/sudo-Yangziran/CVE-2025-55182POC

https://github.com/Rsatan/Next.js-Exploit-Tool

https://github.com/ynsmroztas/NextRce

https://github.com/jf0x3a/CVE-2025-55182-exploit

https://github.com/kOaDT/poc-cve-2025-55182

https://github.com/Chocapikk/CVE-2025-55182

https://github.com/timsonner/React2Shell-CVE-2025-55182

https://github.com/M4xSec/CVE-2025-55182-React2Shell-RCE-Shell

https://github.com/zack0x01/CVE-2025-55182-advanced-scanner-

https://github.com/songsanggggg/CVE-2025-55182

https://github.com/VeilVulp/RscScan-cve-2025-55182

https://github.com/logesh-GIT001/CVE-2025-55182

https://github.com/Pizz33/CVE-2025-55182-burpscanner

https://github.com/shamo0/react2shell-PoC

https://github.com/heiheishushu/rsc_detect_CVE-2025-55182

https://github.com/ThemeHackers/CVE-2025-55182

https://github.com/alfazhossain/CVE-2025-55182-Exploiter

https://github.com/ZihxS/check-react-rce-cve-2025-55182

https://github.com/fatguru/CVE-2025-55182-scanner

CVE-2025-34352(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-12-02T21:31:37

1 posts

JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on predictable files inside a user-writable %TEMP% subdirectory without validating that the directory is tr

CVE-2025-40300(CVSS UNKNOWN)

EPSS: 0.06%

updated 2025-11-17T18:30:25

1 posts

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already protect kernel/KVM from a malicious guest. Userspace can additionally be protected by flushing the branch predictors af

CVE-2025-7962
(7.5 HIGH)

EPSS: 0.01%

updated 2025-11-13T18:36:55.173000

1 posts

In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and \n UTF-8 characters to separate different messages.

CVE-2025-53066
(7.5 HIGH)

EPSS: 0.09%

updated 2025-11-03T18:16:57.227000

2 posts

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15. Easily exploitable vulnerability allows unauthenticated attacker

CVE-2025-53057
(5.9 MEDIUM)

EPSS: 0.07%

updated 2025-11-03T18:16:56.973000

2 posts

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15. Difficult to exploit vulnerability allows unauthenticated at

CVE-2025-49146
(8.2 HIGH)

EPSS: 0.01%

updated 2025-06-11T16:17:03

1 posts

### Impact When the PostgreSQL JDBC driver is configured with channel binding set to `required` (default value is `prefer`), the driver would incorrectly allow connections to proceed with authentication methods that do not support channel binding (such as password, MD5, GSS, or SSPI authentication). This could allow a man-in-the-middle attacker to intercept connections that users believed were pr

CVE-2025-5516
(2.4 LOW)

EPSS: 0.05%

updated 2025-06-03T18:30:53

1 posts

A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0-B20230726.1108. This affects an unknown part of the file /boafrm/formFilter of the component URL Filtering Page. The manipulation of the argument URL Address leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor w

CVE-2025-2039
(4.7 MEDIUM)

EPSS: 0.09%

updated 2025-05-13T20:57:18.117000

2 posts

A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /admin/delete_members.php. The manipulation of the argument member_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

4 repos

https://github.com/thesystemowner/CVE-2025-20393-POC

https://github.com/cyberleelawat/CVE-2025-20393

https://github.com/KingHacker353/CVE-2025-20393

https://github.com/b1gchoi/CVE-2025-20393

CVE-2025-32210
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-04-11T15:39:52.920000

1 posts

Missing Authorization vulnerability in CreativeMindsSolutions CM Registration and Invitation Codes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CM Registration and Invitation Codes: from n/a through 2.5.2.

CVE-2025-68161
(0 None)

EPSS: 0.00%

2 posts

N/A

CVE-2025-63820
(0 None)

EPSS: 0.00%

2 posts

N/A

1 repos

https://github.com/Xernary/CVE-2025-63820

CVE-2025-63821
(0 None)

EPSS: 0.00%

2 posts

N/A

1 repos

https://github.com/Xernary/CVE-2025-63821

CVE-2025-67745
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-65567
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-65564
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-68434
(0 None)

EPSS: 0.06%

1 posts

N/A

1 repos

https://github.com/Nixon-H/CVE-2025-68434-OSPOS-CSRF

CVE-2025-68401
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-68399
(0 None)

EPSS: 0.05%

1 posts

N/A

CVE-2025-68275
(0 None)

EPSS: 0.04%

1 posts

N/A

CVE-2025-66397
(0 None)

EPSS: 0.03%

1 posts

N/A