Skip to main content
CVE-2025-3990 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in TOTOLINK N150RT 3.4.0-B20190525. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow N150rt Firmware TOTOLINK
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.6%
CVE-2025-3989 HIGH POC This Week

A vulnerability classified as critical was found in TOTOLINK N150RT 3.4.0-B20190525. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow N150rt Firmware TOTOLINK
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.6%
CVE-2025-3988 HIGH POC This Week

A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow N150rt Firmware TOTOLINK
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.5%
CVE-2025-46657 HIGH POC This Week

Karaz Karazal through 2025-04-14 allows reflected XSS via the lang parameter to the default URI. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Karazal
NVD GitHub
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-3987 MEDIUM POC This Month

A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N150rt Firmware TOTOLINK
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
8.9%
CVE-2025-3963 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in withstars Books-Management-System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Books Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.4%
CVE-2025-3960 MEDIUM POC This Month

A vulnerability was found in withstars Books-Management-System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Books Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.4%
CVE-2025-3975 MEDIUM POC This Month

A vulnerability was found in ScriptAndTools eCommerce-website-in-PHP 3.0 and classified as problematic.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Ecommerce Website In Php
NVD VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3983 MEDIUM POC This Month

A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP Hibos
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
3.9%
CVE-2025-46687 MEDIUM POC PATCH This Month

quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. Rated medium severity (CVSS 5.6), this vulnerability is no authentication required. Public exploit code available.

Buffer Overflow Denial Of Service Quickjs
NVD GitHub
CVSS 3.1
5.6
EPSS
0.1%
CVE-2025-46688 MEDIUM POC PATCH This Month

quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. Rated medium severity (CVSS 5.6), this vulnerability is no authentication required. Public exploit code available.

Buffer Overflow Quickjs
NVD GitHub
CVSS 3.1
5.6
EPSS
0.1%
CVE-2025-46689 MEDIUM POC This Month

Ververica Platform 2.14.0 contain an Reflected XSS vulnerability via a namespaces/default/formats URI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ververica Platform
NVD GitHub
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-3982 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Sverchok
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2025-3969 MEDIUM POC This Month

A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass File Upload News Publishing Site Dashboard
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2025-3980 MEDIUM POC This Month

A vulnerability classified as problematic was found in wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Internet Doctor Workstation System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.3%
CVE-2025-3967 MEDIUM POC This Month

A vulnerability was found in itwanger paicoding 1.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Paicoding
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.3%
CVE-2025-3957 MEDIUM POC This Month

A vulnerability was found in opplus springboot-admin 1.0 and classified as critical.xml. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Springboot Admin
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3968 MEDIUM POC This Month

A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi News Publishing Site Dashboard
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3978 MEDIUM POC This Month

A vulnerability was found in dazhouda lecms 3.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lecms
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3966 MEDIUM POC This Month

A vulnerability was found in itwanger paicoding 1.0.3 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Paicoding
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3979 MEDIUM POC This Month

A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Lecms
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3964 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in withstars Books-Management-System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Books Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3959 MEDIUM POC This Month

A vulnerability was found in withstars Books-Management-System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Books Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3955 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in codeprojects Patient Record Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Patient Record Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-3981 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Internet Doctor Workstation System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-3962 MEDIUM POC This Month

A vulnerability classified as problematic was found in withstars Books-Management-System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Books Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-3961 MEDIUM POC This Month

A vulnerability classified as problematic has been found in withstars Books-Management-System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Books Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-3958 MEDIUM POC This Month

A vulnerability was found in withstars Books-Management-System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Books Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-3965 MEDIUM POC This Month

A vulnerability has been found in itwanger paicoding 1.0.3 and classified as problematic. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Paicoding
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-3970 MEDIUM POC This Month

A vulnerability classified as problematic has been found in baseweb JSite up to 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft XSS Jsite
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-46690 MEDIUM POC This Month

Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ververica Platform
NVD GitHub
CVSS 3.1
5.0
EPSS
0.2%
CVE-2025-46673 MEDIUM POC This Month

NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol (SDLS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Authentication Bypass Cryptolib
NVD GitHub
CVSS 3.1
4.9
EPSS
0.3%
CVE-2025-46579 HIGH This Week

There is a DDE injection vulnerability in the GoldenDB database product. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Zxcloud Goldendb
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2025-46580 HIGH This Week

There is a code-related vulnerability in the GoldenDB database product. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Zxcloud Goldendb
NVD
CVSS 3.1
7.7
EPSS
0.3%
CVE-2025-46674 LOW POC PATCH Monitor

NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Oracle Cryptolib
NVD GitHub
CVSS 3.1
3.5
EPSS
0.3%
CVE-2025-46675 LOW POC PATCH Monitor

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Cryptolib
NVD GitHub
CVSS 3.1
3.5
EPSS
0.2%
CVE-2025-46672 LOW POC Monitor

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Cryptolib
NVD GitHub
CVSS 3.1
3.5
EPSS
0.2%
CVE-2025-3976 MEDIUM This Month

A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Covid19 Testing Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3974 MEDIUM This Month

A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Covid19 Testing Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3973 MEDIUM This Month

A vulnerability, which was classified as critical, was found in PHPGurukul COVID19 Testing Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Covid19 Testing Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3972 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in PHPGurukul COVID19 Testing Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Covid19 Testing Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3971 MEDIUM This Month

A vulnerability classified as critical was found in PHPGurukul COVID19 Testing Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Covid19 Testing Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-46578 MEDIUM This Month

There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Zxcloud Goldendb
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-46577 MEDIUM This Month

There is a SQL injection vulnerability in the GoldenDB database product. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Zxcloud Goldendb
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-3886 MEDIUM This Month

An issue in CatoNetworks CatoClient before v.5.8.0 allows attackers to escalate privileges and achieve a race condition (TOCTOU) via the PrivilegedHelperTool component. Rated medium severity (CVSS 5.7). No vendor patch available.

Race Condition Privilege Escalation Cato Client
NVD
CVSS 4.0
5.7
EPSS
0.1%
CVE-2025-46576 MEDIUM This Month

There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Zxcloud Goldendb
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-52888 MEDIUM This Month

For an authenticated end-user the portal may run a script while attempting to display a directory or some file's properties. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mobile Access Remote Access Vpn
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-3986 MEDIUM This Month

A vulnerability was found in Apereo CAS 5.2.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Central Authentication Service
NVD VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2025-3956 MEDIUM This Month

A vulnerability has been found in 201206030 novel-cloud 1.4.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Novel Cloud
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3977 MEDIUM This Month

A vulnerability was found in iteachyou Dreamer CMS up to 4.1.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dreamer Cms
NVD VulDB
CVSS 4.0
5.3
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy