Skip to main content
CVE-2025-1829 MEDIUM POC This Month

A vulnerability was found in TOTOLINK X18 9.1.0cu.2024_B20220329. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X18 Firmware TOTOLINK
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
3.4%
CVE-2025-1834 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in zj1983 zz up to 2024-8. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass File Upload Zz
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-1833 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in zj1983 zz up to 2024-8. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Java Zz
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-1818 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in zj1983 zz up to 2024-8.upload. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass File Upload Java Zz
NVD VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-1832 MEDIUM POC This Month

A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Java Zz
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1831 MEDIUM POC This Month

A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Java Zz
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1821 MEDIUM POC This Month

A vulnerability was found in zj1983 zz up to 2024-8 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Java Zz
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1820 MEDIUM POC This Month

A vulnerability has been found in zj1983 zz up to 2024-8 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Java Zz
NVD VulDB GitHub
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1812 MEDIUM POC This Month

A vulnerability classified as critical has been found in zj1983 zz up to 2024-08. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zz
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-1813 MEDIUM POC This Month

A vulnerability classified as problematic was found in zj1983 zz up to 2024-08. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Zz
NVD VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-1830 MEDIUM POC This Month

A vulnerability was found in zj1983 zz up to 2024-8. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Zz
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-1817 MEDIUM POC This Month

A vulnerability classified as problematic was found in Mini-Tmall up to 20250211. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Mini Tmall
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-1814 HIGH This Week

A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-25724 MEDIUM POC PATCH This Month

list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Libarchive Red Hat Suse
NVD GitHub
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-1815 MEDIUM This Month

A vulnerability, which was classified as critical, was found in pbrong hrms up to 1.0.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-1811 MEDIUM This Month

A vulnerability was found in AT Software Solutions ATSVD up to 3.4.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-1809 MEDIUM This Month

A vulnerability was found in Pixsoft Sol up to 7.6.6c and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-1808 MEDIUM This Month

A vulnerability has been found in Pixsoft E-Saphira 1.7.24 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2024-36353 MEDIUM PATCH This Month

Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values potentially leading to loss of confidentiality. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-1819 MEDIUM This Month

A vulnerability, which was classified as critical, was found in Tenda AC7 1200M 15.03.06.44. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Tenda Ac7 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.7%
CVE-2025-1816 MEDIUM PATCH This Month

A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Suse
NVD VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-1835 MEDIUM This Month

A vulnerability has been found in osuuu LightPicture 1.2.2 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass File Upload
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1806 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in Eastnets PaymentSafe 2.5.26.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1836 MEDIUM This Month

A vulnerability was found in Incorta 2023.4.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection
NVD VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1810 MEDIUM This Month

A vulnerability was found in Pixsoft Vivaz 6.0.11. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-1807 MEDIUM This Month

A vulnerability, which was classified as problematic, was found in Eastnets PaymentSafe 2.5.26.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2022-49733 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC There is a small race window at snd_pcm_oss_sync() that is called from OSS PCM. Rated medium severity (CVSS 4.7).

Information Disclosure Linux Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-0895 LOW Monitor

IBM Cognos Analytics Mobile 1.1 for Android could allow a user with physical access to the device, to obtain sensitive information from debugging code log messages. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google IBM Cognos Analytics Mobile Android
NVD
CVSS 3.1
2.4
EPSS
0.0%
CVE-2024-55907 LOW Monitor

IBM Cognos Analytics Mobile 1.1 for iOS application could allow an attacker to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions,. Rated low severity (CVSS 2.0), this vulnerability is no authentication required. No vendor patch available.

Apple IBM Information Disclosure Cognos Analytics Mobile iOS
NVD
CVSS 3.1
2.0
EPSS
0.1%
CVE-2025-25726 Awaiting Data

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.

Information Disclosure
NVD
CVE-2025-25725 Awaiting Data

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.

Information Disclosure
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy