Skip to main content
CVE-2025-5502 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in TOTOLINK X15 1.0.0-B20230714.1105. Affected by this issue is the function formMapReboot of the file /boafrm/formMapReboot. The manipulation of the argument deviceMacAddr leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection X15 Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
4.2%
CVE-2025-5504 MEDIUM POC This Month

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection X2000r Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.9%
CVE-2025-46548 MEDIUM POC PATCH This Month

If you enable Basic Authentication in Pekko Management using the Java DSL, the authenticator may not be properly applied. Users that rely on authentication instead of making sure the Management API ports are only available to trusted users are recommended to upgrade to version 1.1.1, which fixes this issue. Akka was affected by the same issue and has released the fix in version 1.6.1.

Java Authentication Bypass Akka Management Pekko Management
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2025-5515 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection X2000r Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.7%
CVE-2025-30360 MEDIUM POC PATCH This Month

webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1, webpack-dev-server users' source code may be stolen when you access a malicious web site with non-Chromium based browser. The `Origin` header is checked to prevent Cross-site WebSocket hijacking from happening, which was reported by CVE-2018-14732. But webpack-dev-server always allows IP address `Origin` headers. This allows websites that are served on IP addresses to connect WebSocket. An attacker can obtain source code via a method similar to that used to exploit CVE-2018-14732. Version 5.2.1 contains a patch for the issue.

Information Disclosure Google Webpack Dev Server Chrome Red Hat
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-5509 MEDIUM POC This Month

A vulnerability classified as critical has been found in quequnlong shiyi-blog up to 1.2.1. This affects an unknown part of the file /api/file/upload. The manipulation of the argument file/source leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Path Traversal Shiyi Blog
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.3%
CVE-2025-5510 MEDIUM POC This Month

A vulnerability classified as critical was found in quequnlong shiyi-blog up to 1.2.1. This vulnerability affects unknown code of the file /app/sys/article/optimize. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

SSRF Shiyi Blog
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5493 MEDIUM POC This Month

A vulnerability was found in Baison Channel Middleware Product 2.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file /e3api/api/main/ToJsonByControlName. The manipulation of the argument data leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQLi Channel Middleware Product
NVD VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-3662 MEDIUM POC PATCH This Month

The FancyBox for WordPress plugin before 3.3.6 does not escape captions and titles attributes before using them to populate galleries' caption fields. The issue was received as a Contributor+ Stored XSS, however one of our researcher (Marc Montpas) escalated it to an Unauthenticated Stored XSS

WordPress XSS Fancybox PHP
NVD WPScan
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-5525 MEDIUM POC This Month

A vulnerability was found in Jrohy trojan up to 2.15.3. It has been declared as critical. This vulnerability affects the function LogChan of the file trojan/util/linux.go. The manipulation of the argument c leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Command Injection Trojan
NVD GitHub VulDB
CVSS 3.1
5.6
EPSS
0.6%
CVE-2025-5498 MEDIUM POC This Month

A vulnerability was found in slackero phpwcms up to 1.9.45/1.10.8. It has been rated as critical. This issue affects the function file_get_contents/is_file of the file include/inc_lib/content/cnt21.readform.inc.php of the component Custom Source Tab. The manipulation of the argument cpage_custom leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.9.46 and 1.10.9 is able to address this issue. It is recommended to upgrade the affected component.

Deserialization PHP Phpwcms
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.3%
CVE-2025-5501 MEDIUM POC PATCH This Month

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_handle_path_switch_request_transfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The patch is named 2daa44adab762c47a8cef69cc984946973a845b3. It is recommended to apply a patch to fix this issue.

Denial Of Service Debian Open5gs
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-5520 MEDIUM POC PATCH This Month

A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmm_state_authentication/emm_state_authentication of the component AMF/MME. The manipulation leads to reachable assertion. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 9f5d133657850e6167231527514ee1364d37a884. It is recommended to apply a patch to fix this issue. This is a different issue than CVE-2025-1893.

Denial Of Service Debian Open5gs
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-30359 MEDIUM POC PATCH This Month

A remote code execution vulnerability in webpack-dev-server (CVSS 5.3) that allows users. Risk factors: public PoC available. Vendor patch is available.

Code Injection Webpack Dev Server Red Hat
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-5511 MEDIUM POC This Month

A security vulnerability in quequnlong shiyi-blog (CVSS 5.3). Risk factors: public PoC available.

Information Disclosure Shiyi Blog
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-24015 MEDIUM POC PATCH This Month

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Versions 1.46.0 through 2.1.6 have an issue that affects AES-256-GCM and AES-128-GCM in Deno in which the authentication tag is not being validated. This means tampered ciphertexts or incorrect keys might not be detected, which breaks the guarantees expected from AES-GCM. Older versions of Deno correctly threw errors in such cases, as does Node.js. Without authentication tag verification, AES-GCM degrades to essentially CTR mode, removing integrity protection. Authenticated data set with set_aad is also affected, as it is incorporated into the GCM hash (ghash) but this too is not validated, rendering AAD checks ineffective. Version 2.1.7 includes a patch that addresses this issue.

Node.js Information Disclosure Deno Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-5521 MEDIUM POC This Month

A vulnerability was found in WuKongOpenSource WukongCRM 9.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /system/user/updataPassword. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CSRF Wukongcrm
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-4567 MEDIUM POC PATCH This Month

The Post Slider and Post Carousel with Post Vertical Scrolling Widget WordPress plugin before 3.2.10 does not validate and escape some of its Widget options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

WordPress XSS Post Slider And Post Carousel PHP
NVD WPScan
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-3584 MEDIUM POC PATCH This Month

The Newsletter WordPress plugin before 8.8.2 does not sanitise and escape some of its Subscription settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

WordPress XSS Newsletter PHP
NVD WPScan
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-5544 MEDIUM POC This Month

A vulnerability was found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. It has been rated as problematic. Affected by this issue is the function image of the file src/main/java/cn/gson/oasys/controller/user/UserpanelController.java. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

Java Path Traversal Oa System
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-49163 MEDIUM This Month

CVE-2025-49163 is a security vulnerability (CVSS 6.7) that allows booting an arbitrary image. Remediation should follow standard vulnerability management procedures.

Information Disclosure
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2024-53017 MEDIUM This Month

Memory corruption while handling test pattern generator IOCTL command.

Buffer Overflow Memory Corruption Wcn3620 Firmware Wcn3660b Firmware Snapdragon 429 Mobile Platform Firmware +1
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2024-53015 MEDIUM This Month

Memory corruption while processing IOCTL command to handle buffers associated with a session.

Use After Free Buffer Overflow Memory Corruption Wcd9340 Firmware Snapdragon 480 5g Mobile Platform Firmware +78
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2024-53013 MEDIUM This Month

Memory corruption may occur while processing voice call registration with user.

Buffer Overflow Qca9367 Firmware Wcn3620 Firmware Wsa8810 Firmware Wsa8815 Firmware +54
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2024-53018 MEDIUM This Month

CVE-2024-53018 is a security vulnerability (CVSS 6.6). Remediation should follow standard vulnerability management procedures.

Buffer Overflow Wsa8835 Firmware Wcd9385 Firmware Wsa8830 Firmware Sw5100 Firmware +14
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2024-53016 MEDIUM This Month

CVE-2024-53016 is a security vulnerability (CVSS 6.6). Remediation should follow standard vulnerability management procedures.

Buffer Overflow Wcn3660b Firmware Wcn3980 Firmware Wsa8810 Firmware Wcd9385 Firmware +27
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-25020 MEDIUM This Month

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an authenticated user to cause a denial of service due to improperly validating API data input.

Denial Of Service IBM Qradar Suite Cloud Pak For Security
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-43923 MEDIUM This Month

An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point can perform SQL injection via the image parameter during a delete report image operation.

SQLi Focal Point
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-4671 MEDIUM This Month

The Profile Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's user_meta and compare shortcodes in all versions up to, and including, 3.13.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2025-5116 MEDIUM This Month

The WP Plugin Info Card plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘containerid’ parameter in all versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This issue is due to an incomplete patch for CVE-2025-31835.

WordPress XSS PHP
NVD GitHub
CVSS 3.1
6.4
EPSS
0.1%
CVE-2025-5340 MEDIUM This Month

The Music Player for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘album_buy_url’ parameter in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2025-4205 MEDIUM This Month

The Popup Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘popupID' parameter in all versions up to, and including, 1.20.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2025-4420 MEDIUM This Month

The Vayu Blocks - Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘containerWidth’ parameter in all versions up to, and including, 1.3.1 due to a missing capability check on the vayu_blocks_option_panel_callback() function and insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2025-1725 MEDIUM This Month

The Bit File Manager - 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

WordPress File Upload XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-49162 MEDIUM This Month

CVE-2025-49162 is a security vulnerability (CVSS 6.4) that allows file overwrite. Remediation should follow standard vulnerability management procedures.

Information Disclosure
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-5492 MEDIUM This Month

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub_456DE8 of the file /msp_info.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack can be launched remotely.

Command Injection Di 500wf Wt Firmware D-Link
NVD VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2025-43924 MEDIUM This Month

Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController (for /fp/admin/settings/loginpage) and the rootserviceurl parameter in FriendsController (for /fp/admin/settings/friends), entered by an admin, allow stored XSS.

XSS Focal Point
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-31710 MEDIUM This Month

In engineermode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.

Privilege Escalation Command Injection Android Google
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-2939 MEDIUM This Month

The Ninja Tables - Easy Data Table Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.0.18 via deserialization of untrusted input from the args[callback] parameter . This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to execute arbitrary functions, though it does not allow user supplied parameters only single functions can be called so the impact is limited.

Deserialization WordPress PHP Ninja Tables
NVD
CVSS 3.1
5.6
EPSS
0.2%
CVE-2025-48953 MEDIUM PATCH This Month

Umbraco is an ASP.NET content management system (CMS). Starting in version 14.0.0 and prior to versions 15.4.2 and 16.0.0, it's possible to upload a file that doesn't adhere with the configured allowable file extensions via a manipulated API request. The issue is patched in versions 15.4.2 and 16.0.0. No known workarounds are available.

File Upload Umbraco Cms
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-45655 MEDIUM This Month

IBM Application Gateway 19.12 through 24.09 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment.

Authentication Bypass IBM Application Gateway
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-45855 MEDIUM This Month

An arbitrary file upload vulnerability in the component /upload/GoodsCategory/image of erupt v1.12.19 allows attackers to execute arbitrary code via uploading a crafted file.

File Upload RCE Erupt
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-12718 MEDIUM PATCH This Month

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.

Python RCE Path Traversal Ubuntu Debian +2
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-41428 MEDIUM This Month

Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in TimeWorks 10.0 to 10.3. If exploited, arbitrary JSON files on the server may be viewed by a remote unauthenticated attacker.

Path Traversal
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2025-31712 MEDIUM This Month

In cplog service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.

Buffer Overflow Denial Of Service Android Google
NVD
CVSS 3.1
5.1
EPSS
0.0%
CVE-2025-31711 MEDIUM This Month

In cplog service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with no additional execution privileges needed.

Null Pointer Dereference Denial Of Service Android Google
NVD
CVSS 3.1
5.1
EPSS
0.0%
CVE-2025-5103 MEDIUM PATCH This Month

The Ultimate Gift Cards for WooCommerce plugin for WordPress is vulnerable to boolean-based SQL Injection via the 'default_price' and 'product_id' parameters in all versions up to, and including, 3.1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

WordPress SQLi Ultimate Gift Cards For Woocommerce PHP
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-25019 MEDIUM This Month

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not invalidate session after a logout which could allow a user to impersonate another user on the system.

Information Disclosure IBM Cloud Pak For Security Qradar Suite
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-43925 MEDIUM This Month

An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded key, making it easier to recover the cleartext data.

Information Disclosure Focal Point
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2025-4047 MEDIUM This Month

A security vulnerability in Broken Link Checker (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

WordPress Authentication Bypass PHP
NVD
CVSS 3.1
4.3
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy