CVE-2025-34029 is an OS command injection vulnerability in Edimax EW-7438RPn Mini wireless router firmware version 1.13 and prior that allows authenticated remote attackers to execute arbitrary shell commands as root through the /goform/formSysCmd endpoint. The vulnerability has a CVSS score of 8.8 (High) and was observed being exploited in the wild by the Shadowserver Foundation on 2024-09-14 UTC, indicating active real-world attack activity against this widely-deployed consumer networking device.
CVE-2025-34024 is an OS command injection vulnerability in Edimax EW-7438RPn wireless range extender firmware versions 1.13 and prior, allowing authenticated attackers to execute arbitrary commands as root via the /goform/mp endpoint. The vulnerability results from improper input validation on the 'command' parameter in the mp.asp form handler, enabling shell metacharacter injection. Active exploitation was observed by the Shadowserver Foundation on 2024-09-14 UTC, indicating real-world threat activity against this device.
CVE-2025-6337 is a critical buffer overflow vulnerability in TOTOLINK A3002R and A3002RU routers affecting versions 3.0.0-B20230809.1615 and 4.0.0-B20230531.1404. An authenticated attacker can exploit the 'submit-url' parameter in the /boafrm/formTmultiAP HTTP POST handler to achieve remote code execution with complete system compromise (confidentiality, integrity, and availability). Public exploit code exists and the vulnerability is exploitable over the network with low complexity.
CVE-2025-6336 is a critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler. An authenticated attacker can exploit improper input validation on the 'submit-url' parameter in the /boafrm/formTmultiAP endpoint to achieve remote code execution with full system compromise (confidentiality, integrity, and availability). Public exploit code is available and the vulnerability has been disclosed; exploitation requires valid credentials but no user interaction.
CVE-2025-34023 is a path traversal vulnerability in Karel IP1211 IP Phone's web management panel that allows remote authenticated attackers to read arbitrary files from the underlying system via unsanitized input to the /cgi-bin/cgiServer.exx endpoint's page parameter. This vulnerability affects IP phone administrators with network access to the management interface and carries a CVSS 8.5 score reflecting high confidentiality impact. Active exploitation evidence was documented by Shadowserver Foundation on 2025-02-02 UTC, indicating real-world attack activity.
CVE-2025-6302 is a critical stack-based buffer overflow vulnerability in TOTOLINK EX1200T router firmware version 4.1.2cu.5232_B20210713, specifically in the setStaticDhcpConfig function of /cgi-bin/cstecgi.cgi. An authenticated attacker can exploit this by sending a malicious Comment parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code has been disclosed, making this actively exploitable.
CVE-2025-6292 is a critical stack-based buffer overflow vulnerability in D-Link DIR-825 routers (version 2.03 and potentially others) that allows authenticated attackers to execute arbitrary code remotely via malformed HTTP POST requests to the vulnerable HTTP POST Request Handler function. The vulnerability affects end-of-life products no longer receiving security updates from D-Link, and public exploit code has been disclosed, increasing real-world exploitation risk despite requiring valid credentials.
CVE-2025-6291 is a critical stack-based buffer overflow vulnerability in D-Link DIR-825 firmware version 2.03, exploitable via HTTP POST requests to the do_file function. An authenticated attacker can achieve complete system compromise (confidentiality, integrity, and availability violations) remotely without user interaction. Public exploit code exists and the affected product is end-of-life with no vendor support, elevating real-world risk despite authentication requirement.
A critical stack-based buffer overflow vulnerability exists in D-Link DIR-815 firmware version 1.01 within the hedwig.cgi module (function sub_403794), allowing remote attackers with low privilege access to execute arbitrary code with high impact on confidentiality, integrity, and availability. Public exploit code is available and the vulnerability may be actively exploited in the wild, making this a high-priority remediation target.
A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available.
CVE-2025-6369 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L v2.06B01 affecting the /goform/formdumpeasysetup endpoint. An authenticated remote attacker can exploit improper input validation of the curTime or config.save_network_enabled parameters to achieve remote code execution with high impact on confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and the affected product is end-of-life with no vendor support available.
A critical stack-based buffer overflow vulnerability exists in D-Link DIR-619L firmware version 2.06B01, affecting the formSetEmail function via the curTime and config.smtp_email_subject parameters. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability). Public exploit code has been disclosed, and the affected product is end-of-life with no vendor support available.
CVE-2025-6367 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01, affecting the /goform/formSetDomainFilter endpoint. An authenticated remote attacker can exploit improper input validation on the curTime, sched_name_%d, and url_%d parameters to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability). The vulnerability has public exploit disclosure and affects end-of-life hardware no longer receiving vendor support.
CVE-2025-6371 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affecting the formSetEnableWizard function. An authenticated remote attacker can exploit this vulnerability by manipulating the 'curTime' parameter to achieve remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Exploitation has been publicly disclosed with proof-of-concept available, and this vulnerability only affects end-of-life products no longer receiving vendor support.
A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.
CVE-2025-32879 is a security vulnerability (CVSS 8.8) that allows an attacker. Risk factors: public PoC available.
CVE-2024-4994 is a Cross-Site Request Forgery (CSRF) vulnerability in GitLab's GraphQL API that allows unauthenticated attackers to execute arbitrary GraphQL mutations through a malicious website visited by authenticated GitLab users. This affects GitLab CE/EE versions 16.1.0-16.11.4, 17.0.0-17.0.2, and 17.1.0, with a CVSS score of 8.1 indicating high severity. The vulnerability requires user interaction (clicking a malicious link) but can result in unauthorized data manipulation or system compromise depending on the mutations executed.
CVE-2025-34021 is a critical Server-Side Request Forgery (SSRF) vulnerability affecting multiple Selea Targa IP OCR-ANPR camera models that allows remote unauthenticated attackers to induce arbitrary HTTP requests through unvalidated JSON POST parameters (ipnotify_address and url). An attacker can bypass firewall policies, enumerate internal services, or redirect image fetch and DNS lookup operations to internal or external systems of their choosing. Active exploitation was confirmed by the Shadowserver Foundation on 2025-01-25, indicating real-world attack activity and operational risk.
CVE-2025-45331 is a Null Pointer Dereference (NPD) vulnerability in brplot v420.69.1's br_dagens_handle_once function that causes denial of service through segmentation faults and program crashes. The vulnerability is remotely exploitable without authentication or user interaction (CVSS 7.5), making it a high-availability risk for any system processing brplot data. While KEV status and active exploitation data are not provided, the network-accessible attack vector and high availability impact suggest this warrants prioritization for patched deployments.
CVE-2025-48705 is a NULL pointer dereference vulnerability in COROS PACE 3 smartwatch (versions 3.0 through 3.0808.0) that allows unauthenticated remote attackers to trigger a device reboot by sending a specially crafted Bluetooth Low Energy (BLE) message. The vulnerability results in denial of service with no additional privileges required, affecting the availability of the device. Given the CVSS 7.5 score and remote/network attack vector over BLE, this poses a significant nuisance risk to users, though impact is limited to device unavailability rather than data compromise.
A SQL injection vulnerability in A vulnerability (CVSS 7.3). Risk factors: public PoC available.
CVE-2025-6363 is a critical SQL injection vulnerability in code-projects Simple Pizza Ordering System version 1.0, specifically in the /adding-exec.php file where the 'ingname' parameter is improperly sanitized. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion of database records. With a CVSS score of 7.3 and network-based attack vector requiring no user interaction, this vulnerability poses significant risk to affected deployments, though real-world exploitation likelihood depends on whether POC code and active exploitation attempts are documented.
CVE-2025-6362 is a critical SQL injection vulnerability in code-projects Simple Pizza Ordering System version 1.0, specifically in the /editpro.php file where the ID parameter is improperly validated. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or system compromise. The vulnerability has a CVSS score of 7.3 (High) and requires no user interaction or authentication, making it a significant risk for deployments of this application.
CVE-2025-6361 is a critical SQL injection vulnerability in code-projects Simple Pizza Ordering System version 1.0, affecting the /adds.php file's userid parameter. An unauthenticated remote attacker can exploit this vulnerability without user interaction to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion of the application database. The vulnerability has a CVSS score of 7.3 (High) and represents an immediate risk to any organization running this unpatched system in production.
CVE-2025-6334 is a critical stack-based buffer overflow vulnerability in D-Link DIR-867 1.0 routers, affecting the Query String Handler's strncpy function implementation. Remote attackers with low privileges can exploit this vulnerability to achieve complete system compromise including confidentiality, integrity, and availability breaches. The vulnerability has documented public exploits available, affects end-of-life hardware no longer receiving vendor support, and carries a high CVSS 3.1 score of 8.8.
A privilege escalation vulnerability in Rameez Iqbal Real Estate Manager allows Privilege Escalation (CVSS 8.8). High severity vulnerability requiring prompt remediation.
A security vulnerability in all (CVSS 8.7) that allows for cross-site-scripting attack and content security policy bypass. High severity vulnerability requiring prompt remediation.
CVE-2025-52822 is an SQL injection vulnerability in Iqonic Design's WP Roadmap WordPress plugin (versions up to 2.1.3) that allows authenticated attackers to execute arbitrary SQL commands. An attacker with user-level privileges can exploit this via network access without user interaction to read sensitive database contents and cause denial of service. The vulnerability has not been confirmed as actively exploited in the wild, but the high CVSS score (8.5) and low attack complexity indicate this should be treated as a priority for affected WordPress installations.
CVE-2025-52821 is a SQL Injection vulnerability in thanhtungtnt Video List Manager versions up to 1.7 that allows authenticated attackers to execute arbitrary SQL commands. The vulnerability has a CVSS score of 8.5 with high confidentiality impact and cross-site scope implications, meaning successful exploitation could lead to unauthorized data access and potential lateral movement within affected systems. While the attack requires valid credentials (PR:L), the network accessibility and low attack complexity make this a significant risk for organizations using this plugin.
GitLab CE/EE contains a missing authorization check (CWE-862) in its compliance frameworks feature that allows authenticated users with limited privileges to apply compliance frameworks to projects outside the intended scope of the framework's group, potentially affecting confidentiality, integrity, and availability. This vulnerability affects GitLab versions 17.11 before 17.11.4 and 18.0 before 18.0.2. The CVSS 8.5 score reflects high severity due to the scope change and multiple impact categories, though exploitation requires low-level user authentication and higher-than-typical attack complexity.
pycares versions prior to 4.9.0 contain a use-after-free vulnerability (CWE-416) in the Channel object that crashes the Python interpreter when garbage collection occurs during pending DNS queries. This denial-of-service vulnerability affects any application using pycares for asynchronous DNS resolution; attackers can trigger interpreter crashes by manipulating DNS query timing, though no active exploitation or public POC is documented. The CVSS 8.2 score reflects high availability impact, but real-world exploitability is limited by the requirement for application-level DNS query patterns and Python garbage collection timing.
PowSyBl versions 6.3.0 through 6.7.1 contain an unsafe deserialization vulnerability in the SparseMatrix.read() method that allows remote attackers to achieve arbitrary code execution and privilege escalation without authentication or user interaction. The vulnerability affects the powsybl-math library, a core component of the Power System Blocks framework used in power grid management software. Exploitation requires only network access to an application exposing the vulnerable deserialization method.
CVE-2025-3319 is an authentication bypass vulnerability in IBM Spectrum Protect Server versions 8.1 through 8.1.26 caused by improper session authentication mechanisms. This flaw allows unauthenticated network attackers to bypass authentication and gain unauthorized access to protected resources, potentially compromising backup and recovery infrastructure. With a CVSS score of 8.1 (High) and network-based attack vector, this vulnerability poses significant risk to organizations relying on Spectrum Protect for data protection.
CVE-2025-49715 is a private personal information disclosure vulnerability in Microsoft Dynamics 365 FastTrack Implementation Assets that allows unauthenticated network-based attackers to access sensitive user data without any user interaction. The vulnerability has a CVSS score of 7.5 (High) with confirmed high confidentiality impact, and affects organizations using Dynamics 365 FastTrack resources. Given the network-accessible nature and lack of authentication requirements, this poses significant risk to enterprise customer data security.
CVE-2025-52715 is a PHP Local File Inclusion (LFI) vulnerability in RadiusTheme's Classified Listing plugin that allows authenticated attackers to include and execute arbitrary local files through improper filename validation in PHP include/require statements. The vulnerability affects Classified Listing versions up to 4.2.0, and while the CVSS score of 7.5 indicates high severity, exploitation requires local authentication and non-standard attack complexity, suggesting moderate real-world risk absent evidence of active exploitation or public proof-of-concept.
CVE-2025-52708 is a PHP Local File Inclusion (LFI) vulnerability in RealMag777 HUSKY versions up to 1.3.7, stemming from improper control of filenames in include/require statements. An authenticated attacker with low-to-medium privilege requirements can exploit this remotely to read arbitrary files from the server filesystem, potentially leading to information disclosure, code execution, or system compromise. The CVSS 7.5 score and requirement for authenticated access (PR:L) suggest moderate real-world risk; active exploitation status and POC availability are not confirmed from available data, but the vulnerability class (CWE-98 RFI/LFI) is historically high-value for attackers.
CVE-2025-52802 is a security vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.
CVE-2025-44203 is a critical information disclosure vulnerability in HotelDruid 3.0.7 that allows unauthenticated attackers to extract sensitive database credentials (administrator username, password hash, and salt) through verbose SQL error messages on the creadb.php endpoint. The vulnerability can also cause denial of service conditions that lock administrators out of the system. With a CVSS score of 7.5 and no authentication required, this poses an immediate threat to unpatched HotelDruid installations.
The Beaver Builder Plugin (Starter Version) for WordPress contains an arbitrary file upload vulnerability in the 'save_enabled_icons' function due to missing file type validation, affecting all versions up to and including 2.9.1. Authenticated attackers with Administrator-level access can upload arbitrary files to the server, potentially enabling remote code execution. The vulnerability was only partially patched in version 2.9.1, indicating residual risk in the latest release.
CVE-2025-52782 is a Reflected Cross-Site Scripting (XSS) vulnerability in King Rayhan Scroll UP WordPress plugin versions through 2.0 that allows unauthenticated attackers to inject malicious scripts into web pages viewed by users. The vulnerability has a CVSS score of 7.1 (High) with network-based attack vector requiring user interaction; attackers can steal session cookies, perform actions on behalf of users, or redirect users to malicious sites. KEV status and active exploitation data were not provided in available intelligence sources, though the reflected XSS nature suggests moderate real-world exploitability.
CVE-2025-49873 is a Reflected Cross-Site Scripting (XSS) vulnerability in NasaTheme's Elessi WordPress theme that allows unauthenticated attackers to inject malicious scripts into web pages viewed by victims. Versions up to and including 6.3.9 are affected. An attacker can steal session cookies, perform actions on behalf of users, or redirect users to malicious sites with minimal complexity (network-accessible input, user interaction required). The vulnerability lacks confirmed EPSS data and KEV listing at this time, but the CVSS 7.1 score and reflected XSS nature indicate moderate-to-high priority.
CVE-2025-52794 is a Cross-Site Request Forgery (CSRF) vulnerability in Creative-Solutions Creative Contact Form (versions up to 1.0.0) that enables Stored XSS attacks. An unauthenticated attacker can craft malicious requests to inject persistent JavaScript payloads through contact form submissions, affecting any user who views the contaminated form data. The vulnerability has a CVSS score of 7.1 (High) with network-based attack vector and low attack complexity, making it readily exploitable in typical web deployments.
CVE-2025-52793 is a Cross-Site Request Forgery (CSRF) vulnerability in Esselink.nu Settings that enables reflected Cross-Site Scripting (XSS) attacks. The vulnerability affects Esselink.nu Settings versions up to and including 2.94, allowing unauthenticated remote attackers to perform actions on behalf of users and inject malicious scripts with minimal user interaction. With a CVSS score of 7.1 and network-based attack vector, this vulnerability poses a moderate-to-significant risk to affected installations, particularly if actively exploited or if public proof-of-concept code becomes available.
CVE-2025-52792 is a Cross-Site Request Forgery (CSRF) vulnerability in the vgstef WP User Stylesheet Switcher WordPress plugin (versions up to v2.2.0) that enables Stored XSS attacks. An unauthenticated attacker can exploit this via a simple network request with user interaction to inject malicious scripts that execute in victims' browsers, potentially compromising user sessions and data. The vulnerability has not been confirmed as actively exploited in the wild, though the high CVSS score (7.1) and network-accessible attack vector indicate practical exploitability.
CVE-2025-52791 is a CSRF vulnerability in devfelixmoira Knowledge Base Maker (versions up to 1.1.8) that enables Stored XSS attacks, allowing unauthenticated remote attackers to inject malicious scripts that persist and execute in users' browsers. The vulnerability requires user interaction (clicking a malicious link) but can affect multiple users through stored payloads, with a CVSS score of 7.1 indicating medium-high severity. No KEV listing or confirmed EPSS data is available in public sources, and patch availability status requires verification with the vendor.
CVE-2025-52790 is a CSRF vulnerability in the r-win WP-DownloadCounter WordPress plugin (versions through 1.01) that enables Stored XSS attacks. An attacker can craft malicious requests that, when clicked by an administrator, inject persistent JavaScript into the plugin's data storage, affecting all site visitors. The CVSS 7.1 score reflects moderate severity with network-based attack delivery and user interaction requirements, though the actual exploitability and active exploitation status require verification against KEV and EPSS data.
A cross-site scripting vulnerability in George Lewe Lewe ChordPress allows Stored XSS (CVSS 7.1). High severity vulnerability requiring prompt remediation.
CVE-2025-52784 is a Cross-Site Request Forgery (CSRF) vulnerability in hideoguchi Bluff Post that enables Stored XSS attacks, affecting versions through 1.1.1. An unauthenticated attacker can craft malicious requests to inject persistent JavaScript payloads that execute in victims' browsers when they view affected content, potentially leading to session hijacking, credential theft, or defacement. The vulnerability has a CVSS score of 7.1 (High) with network-based attack vector and low complexity, indicating moderate real-world risk.
A remote code execution vulnerability in themelocation Change Cart button Colors WooCommerce allows Stored XSS (CVSS 7.1). High severity vulnerability requiring prompt remediation.
CVE-2025-52781 is a Cross-Site Request Forgery (CSRF) vulnerability in Beee TinyNav versions up to 1.4 that enables Stored XSS attacks. An unauthenticated attacker can craft malicious requests to inject persistent JavaScript payloads into the application, which are then executed in the browsers of other users who interact with the compromised content. With a CVSS score of 7.1 and network-based attack vector requiring only user interaction, this vulnerability poses a moderate-to-significant risk to affected deployments, particularly if actively exploited in the wild or publicly disclosed with proof-of-concept code.