CVE-2025-23103 is an out-of-bounds write vulnerability in Samsung's Exynos 1480 and 2400 mobile processors caused by insufficient length validation, allowing remote unauthenticated attackers to achieve high confidentiality impact with medium integrity and availability impact. The vulnerability has a CVSS score of 8.6 with low attack complexity and no privilege requirements, making it a significant risk to Samsung Galaxy devices using these processors; exploitation status and active use in the wild have not been confirmed at this time.
Foxcms v1.25 contains a SQL time-based injection vulnerability in the installdb.php installation script, specifically in the $_POST['dbname'] parameter, allowing unauthenticated local attackers to execute arbitrary SQL commands and fully compromise database confidentiality, integrity, and availability. With a CVSS score of 8.4 and local attack vector, this vulnerability poses a significant risk during initial application deployment; exploitation status and POC availability should be confirmed against current threat intelligence feeds, though the high CVSS and local-only requirement suggests moderate real-world impact depending on deployment model.
A vulnerability was found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. It has been rated as problematic. Affected by this issue is the function image of the file src/main/java/cn/gson/oasys/controller/user/UserpanelController.java. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoLTE and VoWiFi call processing. When a malicious or malformed RTCP (Real-time Transport Control Protocol) packet is received during an active call, the vulnerable system leaks sensitive information to a network-adjacent attacker without requiring authentication or user interaction. The CVSS 8.2 rating reflects high confidentiality impact with partial availability degradation; exploitation likelihood and real-world activity status require cross-referencing with EPSS and KEV data.
CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processing that allows unauthenticated remote attackers to leak sensitive data through malicious goodbye (BYE) RTCP packets. The vulnerability affects multiple VoIP and real-time communication products processing RTCP traffic; attackers can extract confidential information across the network without authentication or user interaction, and may also cause limited availability impact. The high CVSS score of 8.2 reflects the severe confidentiality impact and network-based attack vector, though exploitation complexity is low.
CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that occurs when decoding packets with malformed header extensions. An attacker on the network can send specially crafted RTP packets to trigger memory disclosure, potentially exposing sensitive information while also causing minor availability impact. The vulnerability affects multiple implementations of RTP protocol handling across various media processing frameworks and VoIP applications; while there is no confirmed active KEV status or public exploit code documented, the high CVSS score (8.2) combined with network accessibility (CVSS:3.1/AV:N) indicates significant real-world risk to exposed services.
Network-based information disclosure vulnerability in RTP (Real-time Transport Protocol) packet decoding that occurs when the CSRC (Contributing Source) count header field is improperly validated, allowing an attacker to read sensitive memory contents. The vulnerability affects any system processing RTP streams with malformed headers and has a high CVSS score of 8.2 due to the combination of high confidentiality impact and network accessibility without authentication; no patch availability, KEV status, EPSS score, or active exploitation details are currently documented.
Dell Encryption Admin Utilities versions prior to 11.10.2 contain an Improper Link Resolution vulnerability (CWE-61) that allows a local user with limited privileges to escalate their permissions to higher levels without user interaction. The vulnerability has a CVSS score of 7.8 (High) with local attack vector and low attack complexity, indicating straightforward exploitation by unprivileged local users. No active exploitation in the wild has been confirmed at this time, but the local privilege escalation nature and availability of detailed CVE information presents a meaningful post-patch exploitation risk.
Use-After-Free (UAF) vulnerability in Samsung's Exynos mobile processors (980, 990, 1080, 2100, 1280, 2200, 1380) that enables local privilege escalation. An authenticated attacker with local access can exploit this memory safety flaw to gain elevated privileges on affected devices. The vulnerability has a CVSS 3.1 score of 7.8 (High), reflecting high impact on confidentiality, integrity, and availability, though exploitation requires local access and existing user-level privileges.
Use-after-free memory corruption vulnerability in IOCTL command processing that occurs when buffers in write loopback mode are accessed after being freed. This local privilege escalation affects authenticated users (PR:L) on affected systems and can enable attackers to achieve confidentiality, integrity, and availability compromise (C:H/I:H/A:H). The vulnerability requires local access and low complexity exploitation, making it a significant risk for multi-user systems or systems where local code execution is possible.
Memory corruption vulnerability in dynamic process creation functionality that occurs when a client passes only the address and length of a shell binary without proper validation or bounds checking. This vulnerability affects local attackers with limited user privileges who can exploit the memory corruption to achieve arbitrary code execution with full system impact (confidentiality, integrity, and availability compromise). The vulnerability requires local access and low complexity exploitation, making it a significant risk for multi-user systems; KEV and active exploitation status are not confirmed in available data, but the high CVSS score (7.8) and memory corruption nature suggest this warrants urgent patching.
Memory corruption vulnerability in Qualcomm's Virtual Machine (VM) attachment mechanism that occurs when the Host Linux OS (HLOS) retains access to a VM during attachment operations. This local privilege escalation vulnerability affects Qualcomm System-on-Chip (SoC) implementations and allows a local attacker with user-level privileges to achieve code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has not been reported as actively exploited in the KEV catalog, but the high CVSS score (7.8) and local attack vector indicate significant real-world risk for deployed Qualcomm-based devices.
Memory corruption vulnerability in Qualcomm's FastRPC implementation that affects local privilege escalation through malformed INIT and multimode invoke IOCTL calls. An attacker with local access and basic user privileges can trigger memory corruption to achieve code execution with elevated privileges, potentially compromising system integrity and confidentiality. The vulnerability carries a CVSS 7.8 score indicating high severity, though exploitation requires local access and authenticated session context.
Path traversal vulnerability in Python's tarfile module extraction filters that allows attackers to bypass the 'data' and 'tar' filter protections, enabling symlink targets to point outside the extraction directory and permitting modification of file metadata. This affects any application using TarFile.extractall() or TarFile.extract() with filter='data' or filter='tar' on untrusted tar archives, as well as Python 3.14+ users relying on the new 'data' default filter. The vulnerability has a CVSS score of 7.5 (High) with high integrity impact, though exploitation requires an attacker to control the tar archive contents.
Logic flaw in Python's TarFile module where the documented behavior of errorlevel=0 (skip filtered members) contradicts the actual implementation (extract filtered members anyway). This affects any application using Python's tarfile library with extraction filters, allowing attackers to extract files that should be blocked, potentially leading to path traversal or extraction of malicious content. The vulnerability has a high CVSS score (7.5) with network-accessible attack vector and no authentication required, though exploitation requires the application to implement extraction filters expecting them to be respected.
NULL pointer dereference vulnerability in Samsung's Exynos mobile processors (models 1280, 2200, 1380, 1480, 2400) that allows unauthenticated remote attackers to trigger a denial of service condition without user interaction. The vulnerability has a CVSS 3.1 score of 7.5 (High) with network-based attack vector and high availability impact, though no integrity or confidentiality compromise occurs. Exploitation likelihood and active weaponization status cannot be confirmed without KEV catalog verification and public exploit availability data.
Network-accessible denial-of-service vulnerability in tone measurement response buffer processing that occurs when buffer contents fall outside expected range parameters, resulting in application/service crashes. The vulnerability affects systems implementing tone measurement protocols with improper input validation on buffer boundaries. An unauthenticated remote attacker can trigger this vulnerability with minimal complexity, causing service unavailability; however, without CVE details indicating active KEV status or public PoC availability, real-world exploitation likelihood remains moderate despite the high CVSS 7.5 score.
Transient denial-of-service vulnerability in wireless beacon frame processing that occurs when a device receives a malformed EHT (Extremely High Throughput) operation information element. An unauthenticated remote attacker can trigger a temporary service disruption by sending a specially crafted beacon frame, affecting WiFi 6E and later devices. With a CVSS score of 7.5 and high availability impact, this vulnerability requires no user interaction and is network-accessible, making it a notable threat to wireless infrastructure and client devices, though there is currently no evidence of active exploitation in the wild.
CVE-2025-4138 is a security vulnerability (CVSS 7.5) that allows the extraction filter. High severity vulnerability requiring prompt remediation.
A vulnerability has been found in quequnlong shiyi-blog up to 1.2.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dev-api/api/comment/add. The manipulation of the argument content leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability classified as problematic has been found in enilu web-flash 1.0. This affects the function fileService.upload of the file src/main/java/cn/enilu/flash/api/controller/FileController/upload of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
A information disclosure vulnerability (CVSS 7.3) that allows an attacker. High severity vulnerability requiring prompt remediation. Vendor patch is available.
Critical improper authorization vulnerability in the bskms 蓝天幼儿园管理系统 (Lantian Kindergarten Management System) affecting the /sa/addUser endpoint of the User Creation Handler component. The vulnerability allows unauthenticated remote attackers to bypass authorization controls and manipulate user creation functionality, potentially leading to unauthorized account creation, privilege escalation, or data compromise. The exploit has been publicly disclosed with proof-of-concept code available, and the affected product uses continuous delivery with rolling releases, making precise version tracking difficult.
A security vulnerability in Jupyter Core (CVSS 7.3) that allows users. High severity vulnerability requiring prompt remediation.
PC Time Tracer versions prior to 5.2 contain an incorrect default permissions vulnerability (CWE-276) that allows local authenticated attackers to execute arbitrary code with SYSTEM privileges on Windows systems. The vulnerability requires local access and user interaction but provides complete system compromise capability. No KEV/CISA known exploited vulnerability status or public POC availability is confirmed from the provided data, though the CVSS 7.3 score and EPSS analysis should be monitored for exploitation likelihood.
A cross-site scripting vulnerability in Secure File Sharing (CVSS 7.2). High severity vulnerability requiring prompt remediation.
CVE-2025-25021 is a security vulnerability (CVSS 7.2) that allows a privileged execute code. High severity vulnerability requiring prompt remediation.
A cross-site scripting vulnerability in wpForo Advanced Attachments (CVSS 7.2). High severity vulnerability requiring prompt remediation.
CVE-2025-49163 is a security vulnerability (CVSS 6.7) that allows booting an arbitrary image. Remediation should follow standard vulnerability management procedures.
Memory corruption while handling test pattern generator IOCTL command.
Memory corruption while processing IOCTL command to handle buffers associated with a session.
Memory corruption may occur while processing voice call registration with user.
CVE-2024-53018 is a security vulnerability (CVSS 6.6). Remediation should follow standard vulnerability management procedures.
CVE-2024-53016 is a security vulnerability (CVSS 6.6). Remediation should follow standard vulnerability management procedures.
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an authenticated user to cause a denial of service due to improperly validating API data input.
An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point can perform SQL injection via the image parameter during a delete report image operation.
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been rated as problematic. Affected by this issue is some unknown functionality of the component IP Port Filtering Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011 and classified as problematic. This issue affects some unknown processing of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_type leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Parent Controls Page. The manipulation of the argument Device Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
The Profile Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's user_meta and compare shortcodes in all versions up to, and including, 3.13.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The WP Plugin Info Card plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘containerid’ parameter in all versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This issue is due to an incomplete patch for CVE-2025-31835.
A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_type leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0-B20230726.1108. This affects an unknown part of the file /boafrm/formFilter of the component URL Filtering Page. The manipulation of the argument URL Address leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
The Music Player for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘album_buy_url’ parameter in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The Popup Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘popupID' parameter in all versions up to, and including, 1.20.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The Vayu Blocks - Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘containerWidth’ parameter in all versions up to, and including, 1.3.1 due to a missing capability check on the vayu_blocks_option_panel_callback() function and insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component MAC Filtering Page. The manipulation of the argument Comment leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
The Bit File Manager - 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
CVE-2025-49162 is a security vulnerability (CVSS 6.4) that allows file overwrite. Remediation should follow standard vulnerability management procedures.