Skip to main content
CVE-2025-5600 CRITICAL POC Act Now

Buffer overflow in TOTOLINK EX1200T via setLanguageCfg. EPSS 0.52%. PoC available.

Buffer Overflow TP-Link Ex1200t Firmware TOTOLINK
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-4578 CRITICAL POC Act Now

SQL injection in File Provider WordPress plugin through 1.2.3. PoC available.

WordPress SQLi PHP File Provider
NVD WPScan
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-48935 CRITICAL POC PATCH Act Now

Deno versions 2.2.0 through 2.2.4 contain an authorization bypass vulnerability in SQLite database handling that allows attackers to circumvent read/write database permission checks via the SQL `ATTACH DATABASE` statement. An unauthenticated remote attacker can exploit this with no user interaction to gain unauthorized read and write access to protected databases, achieving high confidentiality and integrity impact. Patch is available in Deno 2.2.5.

Authentication Bypass SQLi Deno Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-5597 CRITICAL Act Now

Auth bypass in Airleader MASTER. CVSS 10.0.

Authentication Bypass
NVD GitHub
CVSS 4.0
10.0
EPSS
0.1%
CVE-2025-20286 CRITICAL Act Now

Default credentials in Cisco ISE cloud deployments on AWS/Azure/OCI. CVSS 9.9.

Cisco Oracle Information Disclosure Authentication Bypass Azure +2
NVD
CVSS 3.1
9.9
EPSS
0.1%
CVE-2025-49223 CRITICAL PATCH Act Now

Prototype pollution in billboard.js before 3.15.1 via generate function.

RCE Denial Of Service Billboard.Js
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-5598 CRITICAL Act Now

Path traversal in Airleader MASTER enables reading embedded sensitive data.

Information Disclosure Path Traversal
NVD GitHub
CVSS 4.0
9.2
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy