Skip to main content
CVE-2025-2011 HIGH POC THREAT Act Now

The Depicter Slider & Popup Builder WordPress plugin through version 3.6.1 contains an unauthenticated SQL injection via the 's' search parameter. The insufficient escaping allows attackers to append additional SQL queries, extracting the entire WordPress database without authentication.

WordPress SQLi PHP
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
52.4%
Threat
4.6
CVE-2025-4355 HIGH POC This Week

A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Dap 1520 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.4%
CVE-2025-4354 HIGH POC This Week

A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Dap 1520 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.4%
CVE-2025-4356 HIGH POC This Week

A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Dap 1520 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.8%
CVE-2025-2509 HIGH POC This Week

Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve arbitrary address access within the crosvm sandboxed process, potentially leading to VM escape via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Chrome Os Chrome
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-46728 HIGH POC PATCH This Week

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Nginx Denial Of Service Cpp Httplib Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2025-4350 HIGH This Week

A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
5.3%
CVE-2025-4349 HIGH This Week

A vulnerability classified as critical has been found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
5.3%
CVE-2025-3610 HIGH This Week

The Reales WP STPT plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.1.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE WordPress Authentication Bypass Privilege Escalation PHP
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2025-4368 HIGH This Week

A vulnerability, which was classified as critical, was found in Tenda AC8 16.03.34.06. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Tenda Buffer Overflow Ac8 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.3%
CVE-2025-4299 HIGH This Week

A vulnerability was found in Tenda AC1206 up to 15.03.06.23. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.3%
CVE-2025-4348 HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4347 HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4346 HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4345 HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4344 HIGH This Week

A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-0649 HIGH PATCH This Week

Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Buffer Overflow Stack Overflow Tensorflow Serving Tensorflow +1
NVD GitHub
CVSS 4.0
8.9
EPSS
0.1%
CVE-2025-4343 HIGH This Week

A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-4342 HIGH This Week

A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-4298 HIGH This Week

A vulnerability was found in Tenda AC1206 up to 15.03.06.23. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-4372 HIGH PATCH This Week

Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption Google Denial Of Service Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-47420 HIGH This Week

266 vulnerability in Crestron Automate VX allows Privilege Escalation.6.8161.21536 through 6.4.0.49. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2025-46573 HIGH PATCH This Week

passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 4.0
8.6
EPSS
0.2%
CVE-2025-22477 HIGH This Week

Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Authentication vulnerability. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Dell Authentication Bypass Storage Manager
NVD
CVSS 3.1
8.3
EPSS
0.1%
CVE-2024-49846 HIGH This Week

Memory corruption while decoding of OTA messages from T3448 IE. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qca6688aq Firmware Qca6698aq Firmware Qca8081 Firmware Qca8337 Firmware +27
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2025-30165 HIGH PATCH This Week

vLLM is an inference and serving engine for large language models. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

RCE Deserialization Vllm Red Hat
NVD GitHub
CVSS 3.1
8.0
EPSS
1.3%
CVE-2025-0984 HIGH This Week

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Netoloji Software E-Flow allows Accessing. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS File Upload
NVD VulDB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2025-22478 HIGH This Week

Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XXE Dell Information Disclosure Storage Manager
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-46815 HIGH PATCH This Week

The identity infrastructure software ZITADEL offers developers the ability to manage user sessions using the Session API. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Zitadel Suse
NVD GitHub
CVSS 3.1
8.0
EPSS
0.2%
CVE-2025-21475 HIGH This Week

Memory corruption while processing escape code, when DisplayId is passed with large unsigned value. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +36
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21468 HIGH PATCH This Week

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +143
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21467 HIGH PATCH This Week

Memory corruption while reading the FW response from the shared queue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +100
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21462 HIGH This Week

Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Sa4150p Firmware +10
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21460 HIGH This Week

Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qam8255p Firmware Qam8295p Firmware Qam8620p Firmware Qam8650p Firmware +32
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21453 HIGH PATCH This Week

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow 315 5g Iot Modem Firmware Apq8017 Firmware +257
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-49845 HIGH This Week

Memory corruption during the FRS UDS generation process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Wcd9385 Firmware Wcd9390 Firmware Wcd9395 Firmware Wcn3950 Firmware +140
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-49844 HIGH This Week

Memory corruption while triggering commands in the PlayReady Trusted application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +175
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-49841 HIGH This Week

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon Ar2 Gen 1 Firmware Snapdragon Auto 5g Modem Rf Gen 2 Firmware Snapdragon X24 Lte Modem Firmware Snapdragon X32 5g Modem Rf Firmware +166
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-49835 HIGH This Week

Memory corruption while reading secure file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Csra6620 Firmware +204
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45579 HIGH PATCH This Week

Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Sdm429w Firmware Snapdragon 429 Mobile Firmware +6
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45578 HIGH PATCH This Week

Memory corruption while acquire and update IOCTLs during IFE output resource ID validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Sdm429w Firmware Snapdragon 429 Mobile Firmware +10
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45577 HIGH PATCH This Week

Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Sdm429w Firmware Snapdragon 429 Mobile Firmware +6
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45576 HIGH PATCH This Week

Memory corruption while prociesing command buffer buffer in OPE module. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Sdm429w Firmware Snapdragon 429 Mobile Firmware +15
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45575 HIGH PATCH This Week

Memory corruption Camera kernel when large number of devices are attached through userspace. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Sdm429w Firmware +11
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45574 HIGH PATCH This Week

Memory corruption during array access in Camera kernel due to invalid index from invalid command data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Sdm429w Firmware Snapdragon 429 Mobile Firmware Wcn3620 Firmware Wcn3660b Firmware
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45567 HIGH PATCH This Week

Memory corruption while encoding JPEG format. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware +12
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45566 HIGH PATCH This Week

Memory corruption during concurrent buffer access due to modification of the reference count. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow Fastconnect 6800 Firmware Fastconnect 6900 Firmware +20
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45564 HIGH PATCH This Week

Memory corruption during concurrent access to server info object due to incorrect reference count update. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow C V2x 9150 Firmware Fastconnect 6800 Firmware +59
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21470 HIGH This Week

Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +30
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21469 HIGH This Week

Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +17
NVD
CVSS 3.1
7.8
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy