Skip to main content
CVE-2025-49113 CRITICAL POC KEV PATCH THREAT Act Now

Roundcube Webmail contains a critical PHP object deserialization vulnerability (CVE-2025-49113, CVSS 9.9) that allows authenticated users to achieve remote code execution through a crafted upload URL. With EPSS 90.4% and KEV listing, this vulnerability in one of the most widely deployed open-source webmail platforms enables any email user to compromise the mail server, accessing all hosted mailboxes.

Roundcube PHP RCE Deserialization Authentication Bypass +4
NVD GitHub Exploit-DB
CVSS 3.1
9.9
EPSS
90.4%
Threat
7.7
CVE-2025-5086 CRITICAL POC KEV THREAT Emergency

Dassault Systemes DELMIA Apriso (releases 2020-2025) contains an unauthenticated deserialization vulnerability (CVE-2025-5086, CVSS 9.0) that enables remote code execution on manufacturing execution systems. KEV-listed with EPSS 39.2% and public PoC, this vulnerability threatens industrial manufacturing operations by targeting the MES (Manufacturing Execution System) layer that controls production processes.

Deserialization RCE Delmia Apriso
NVD
CVSS 3.1
9.0
EPSS
39.2%
Threat
6.0
CVE-2025-1750 CRITICAL POC PATCH Act Now

SQL injection in llama_index DuckDB vector store v0.12.19. PoC and patch available.

SQLi RCE Llamaindex
NVD GitHub
CVSS 3.0
9.8
EPSS
0.6%
CVE-2024-54028 HIGH POC PATCH This Week

Integer underflow vulnerability in catdoc 0.95's OLE Document DIFAT (Double-Indirect File Allocation Table) Parser that enables heap-based memory corruption through specially crafted malformed files. An attacker can exploit this local vulnerability (no privileges required) by providing a malicious OLE document to trigger the integer underflow, potentially achieving arbitrary code execution or denial of service. While no active KEV status or widespread POC is confirmed in this dataset, the CVSS 8.4 score and high impact ratings (confidentiality, integrity, availability all marked 'H') indicate this is a critical local code execution risk for users who process untrusted OLE documents.

Buffer Overflow Catdoc Debian Linux
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2024-48877 HIGH POC PATCH This Week

Heap buffer overflow vulnerability in the Shared String Table Record Parser of xls2csv utility version 0.95, allowing unauthenticated local attackers to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. The vulnerability is triggered by processing a specially crafted malformed Excel file, presenting significant risk to users who process untrusted spreadsheet inputs. No confirmed active exploitation in the wild has been reported at this time, though the local attack vector and lack of privilege requirements suggest moderate real-world exploitability.

Buffer Overflow Xls2csv
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2024-52035 HIGH POC PATCH This Week

CVE-2024-52035 is an integer overflow vulnerability in catdoc 0.95's OLE Document File Allocation Table (FAT) parser that enables heap-based memory corruption when processing malformed files. The vulnerability affects users of catdoc 0.95 who process untrusted OLE documents (Microsoft Office legacy formats), allowing local attackers to corrupt heap memory and potentially achieve code execution. No active KEV status or widespread exploitation has been reported; however, the high CVSS score (8.4) and local attack vector indicate moderate real-world risk for environments processing user-supplied documents.

Integer Overflow Heap Overflow Memory Corruption Debian Linux Catdoc
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2025-27956 HIGH POC This Week

Directory Traversal vulnerability (CWE-22) in WebLaudos version 24.2 (04) that allows unauthenticated remote attackers to read arbitrary files and obtain sensitive information through improper validation of the 'id' parameter. With a CVSS score of 7.5 and network-based attack vector requiring no privileges or user interaction, this vulnerability poses a significant confidentiality risk to exposed WebLaudos instances. The vulnerability's active exploitation status and proof-of-concept availability should be verified through current KEV databases and security advisories.

Path Traversal Information Disclosure Weblaudos
NVD GitHub
CVSS 3.1
7.5
EPSS
2.5%
CVE-2025-48866 HIGH POC PATCH This Week

ModSecurity versions prior to 2.9.10 contain a denial of service vulnerability in the `sanitiseArg` and `sanitizeArg` actions that allows unauthenticated remote attackers to cause service disruption by submitting requests with an excessive number of arguments. This is a network-accessible DoS vulnerability with high impact on availability that affects widely-deployed WAF deployments across Apache, IIS, and Nginx platforms.

Apache Denial Of Service Nginx Modsecurity Red Hat +1
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-48957 HIGH POC PATCH This Week

AstrBot versions 3.4.4 through 3.5.12 contain a path traversal vulnerability (CWE-23) in the dashboard feature that allows unauthenticated remote attackers to disclose sensitive information including LLM provider API keys, account passwords, and other confidential data. The vulnerability has a CVSS score of 7.5 (High) with high confidentiality impact and no authentication requirements. Patch is available in version 3.5.13 and later via Pull Request #1676.

Information Disclosure Path Traversal Astrbot
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-45542 HIGH POC This Week

SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0, where the 'pass' parameter fails to properly validate user input, allowing unauthenticated attackers to inject arbitrary SQL queries over the network. This vulnerability can lead to confidentiality, integrity, and availability compromise with a CVSS score of 7.3 (High), though active exploitation status and proof-of-concept availability could not be verified from the provided data.

SQLi PHP Cloudclassroom Php Project
NVD GitHub Exploit-DB
CVSS 3.1
7.3
EPSS
0.4%
CVE-2025-5447 MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. This vulnerability affects the function ssid1MACFilter of the file /goform/ssid1MACFilter. The manipulation of the argument apselect_%d/newap_text_%d leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re6250 Firmware Re6300 Firmware Re7000 Firmware Re9000 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
2.0%
CVE-2025-5438 MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. Affected by this vulnerability is the function WPS of the file /goform/WPS. The manipulation of the argument PIN leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6250 Firmware Re6300 Firmware Re6350 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.8%
CVE-2025-5445 MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this issue is the function RP_checkFWByBBS of the file /goform/RP_checkFWByBBS. The manipulation of the argument type/ch/ssidhex/security/extch/pwd/mode/ip/nm/gw leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re7000 Firmware Re6500 Firmware Re6350 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.6%
CVE-2025-5444 MEDIUM POC This Month

A vulnerability has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this vulnerability is the function RP_UpgradeFWByBBS of the file /goform/RP_UpgradeFWByBBS. The manipulation of the argument type/ch/ssidhex/security/extch/pwd/mode/ip/nm/gw leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6500 Firmware Re6300 Firmware Re6250 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.6%
CVE-2025-5443 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function wirelessAdvancedHidden of the file /goform/wirelessAdvancedHidden. The manipulation of the argument ExtChSelector/24GSelector/5GSelector leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6500 Firmware Re6350 Firmware Re7000 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.6%
CVE-2025-5446 MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been classified as critical. This affects the function RP_checkCredentialsByBBS of the file /goform/RP_checkCredentialsByBBS. The manipulation of the argument pwd leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re7000 Firmware Re6250 Firmware Re6350 Firmware Re6300 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.2%
CVE-2025-5442 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function RP_pingGatewayByBBS of the file /goform/RP_pingGatewayByBBS. The manipulation of the argument ip/nm/gw leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re6350 Firmware Re7000 Firmware Re6250 Firmware Re6500 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.2%
CVE-2025-5441 MEDIUM POC This Month

A vulnerability classified as critical was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function setDeviceURL of the file /goform/setDeviceURL. The manipulation of the argument DeviceURL leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6250 Firmware Re6300 Firmware Re7000 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.2%
CVE-2025-20001 MEDIUM POC This Month

An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability.

Buffer Overflow Information Disclosure Fontcreator
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-5440 MEDIUM POC This Month

A vulnerability classified as critical has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function NTP of the file /goform/NTP. The manipulation of the argument manual_year_select/manual_month_select/manual_day_select/manual_hour_select/manual_min_select/manual_sec_select leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re7000 Firmware Re9000 Firmware Re6300 Firmware Re6500 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.1%
CVE-2025-5439 MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been rated as critical. Affected by this issue is the function verifyFacebookLike of the file /goform/verifyFacebookLike. The manipulation of the argument uid/accessToken leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re6350 Firmware Re6500 Firmware Re7000 Firmware Re6250 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.1%
CVE-2025-44172 MEDIUM POC This Month

Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.

Buffer Overflow Stack Overflow Ac6 Firmware Tenda
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-40113 MEDIUM POC This Month

A security vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v.1.5 and before (CVSS 6.5). Risk factors: public PoC available.

Information Disclosure Wlx 2006 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-5430 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in AssamLook CMS 1.0. This issue affects some unknown processing of the file /product.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

PHP SQLi Assamlook Cms
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5429 MEDIUM POC This Month

A security vulnerability in juzaweb CMS (CVSS 6.3). Risk factors: public PoC available.

Information Disclosure Cms
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5428 MEDIUM POC This Month

A security vulnerability in juzaweb CMS (CVSS 6.3). Risk factors: public PoC available.

Information Disclosure Cms
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5427 MEDIUM POC This Month

A security vulnerability in juzaweb CMS (CVSS 6.3). Risk factors: public PoC available.

Information Disclosure Cms
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5426 MEDIUM POC This Month

A security vulnerability in juzaweb CMS (CVSS 6.3). Risk factors: public PoC available.

Information Disclosure Cms
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5425 MEDIUM POC This Month

A security vulnerability in juzaweb CMS (CVSS 6.3). Risk factors: public PoC available.

Information Disclosure Cms
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5424 MEDIUM POC This Month

A security vulnerability in juzaweb CMS (CVSS 6.3). Risk factors: public PoC available.

Information Disclosure Cms
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5423 MEDIUM POC This Month

A security vulnerability in juzaweb CMS (CVSS 6.3). Risk factors: public PoC available.

Information Disclosure Cms
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5421 MEDIUM POC This Month

A security vulnerability in juzaweb CMS (CVSS 6.3). Risk factors: public PoC available.

Information Disclosure Cms
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5432 MEDIUM POC This Month

A vulnerability has been found in AssamLook CMS 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /view_tender.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

PHP SQLi Assamlook Cms
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2025-5431 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in AssamLook CMS 1.0. Affected is an unknown function of the file /department-profile.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

PHP SQLi Assamlook Cms
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2024-40114 MEDIUM POC This Month

A Cross Site Scripting (XSS) vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before allows an attacker to manipulate the language cookie to inject malicious JavaScript code.

XSS Wlx 2006 Firmware
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-40112 MEDIUM POC This Month

A Local File Inclusion (LFI) vulnerability exists in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before, which allows an attacker to manipulate the "language" cookie to include arbitrary files from the server. This vulnerability can be exploited to disclose sensitive information.

PHP LFI Information Disclosure Wlx 2006 Firmware
NVD GitHub
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-37096 CRITICAL PATCH Act Now

Command Injection Rce (3Rd) in HPE StoreOnce backup storage software. One of 6 critical CVEs.

RCE Command Injection Storeonce System
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-37092 CRITICAL PATCH Act Now

Command Injection Rce (2Nd) in HPE StoreOnce backup storage software. One of 6 critical CVEs.

RCE Command Injection Storeonce System
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-37089 CRITICAL PATCH Act Now

Command Injection Rce in HPE StoreOnce backup storage software. One of 6 critical CVEs.

RCE Command Injection Storeonce System
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-37095 CRITICAL PATCH Act Now

Directory Traversal in HPE StoreOnce backup storage software. One of 6 critical CVEs.

Information Disclosure Path Traversal Storeonce System
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-20672 CRITICAL Act Now

Heap OOB write in Android Bluetooth driver via incorrect bounds check.

Bluetooth Privilege Escalation Buffer Overflow Mt7902 Firmware Mt7927 Firmware +3
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-20674 CRITICAL Act Now

Remote privilege escalation in Android WLAN AP driver via packet injection.

Privilege Escalation Code Injection Software Development Kit Openwrt
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-37090 CRITICAL PATCH Act Now

Ssrf in HPE StoreOnce backup storage software. One of 6 critical CVEs.

SSRF Storeonce System
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-37093 CRITICAL PATCH Act Now

Auth Bypass in HPE StoreOnce backup storage software. One of 6 critical CVEs.

Authentication Bypass Storeonce System
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-48958 MEDIUM POC PATCH This Month

Froxlor is open source server administration software. Prior to version 2.2.6, an HTML Injection vulnerability in the customer account portal allows an attacker to inject malicious HTML payloads in the email section. This can lead to phishing attacks, credential theft, and reputational damage by redirecting users to malicious external websites. The vulnerability has a medium severity, as it can be exploited through user input without authentication. Version 2.2.6 fixes the issue.

XSS Debian Froxlor
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-0324 CRITICAL PATCH Act Now

Privilege escalation in Axis VAPIX framework.

Privilege Escalation Axis Os 2024 Axis Os
NVD
CVSS 3.1
9.4
EPSS
0.1%
CVE-2025-44115 MEDIUM POC This Month

A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the file /admin.php?m=config&n=edit&o=core&p=title. The manipulation of the value of title leads to cross-site scripting.

PHP XSS Cotonti Siena
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-23099 CRITICAL Act Now

OOB write in Samsung Exynos 1480/2400 processors.

Buffer Overflow Samsung Exynos 1480 Firmware Exynos 2400 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-1051 HIGH This Week

Heap-based buffer overflow vulnerability in Sonos Era 300 speakers that allows unauthenticated, network-adjacent attackers to execute arbitrary code with high severity (CVSS 8.8). The flaw exists in ALAC (Apple Lossless Audio Codec) data processing where insufficient length validation enables buffer overflow conditions. This vulnerability poses significant risk as it requires no authentication, no user interaction, and can be exploited by any attacker on the local network segment to achieve remote code execution in the context of the anacapa user.

Buffer Overflow RCE Era 300 Firmware
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2025-0358 HIGH PATCH This Week

Privilege escalation vulnerability in Axis Communications' VAPIX Device Configuration framework that allows a local, authenticated user with lower privileges to escalate to administrator-level access. Discovered during a penetration test by Truesec, this flaw affects Axis network devices and cameras utilizing the vulnerable VAPIX framework. With a CVSS score of 8.8 and local attack vector, the vulnerability poses significant risk to organizations deploying Axis devices in multi-user or untrusted environments, though it requires prior authentication and local access to exploit.

Privilege Escalation Axis Os
NVD
CVSS 3.1
8.8
EPSS
0.1%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy