Skip to main content
CVE-2024-51977 MEDIUM POC THREAT This Month

An unauthenticated attacker who can access either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631), can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mnt_info.csv can be accessed via a GET request and no authentication is required. The returned result is a comma separated value (CSV) table of information. The leaked information includes the device’s model, firmware version, IP address, and serial number.

Information Disclosure
NVD GitHub
CVSS 3.1
5.3
EPSS
39.5%
CVE-2024-57708 MEDIUM POC This Month

An issue in OneTrust SDK v.6.33.0 allows a local attacker to cause a denial of service via the Object.setPrototypeOf, __proto__, and Object.assign components. NOTE: this is disputed by the Supplier who does not agree it is a prototype pollution vulnerability.

Denial Of Service
NVD GitHub Exploit-DB
CVSS 3.1
5.7
EPSS
0.3%
CVE-2025-6668 MEDIUM POC This Month

CVE-2025-6668 is a critical SQL injection vulnerability in code-projects Inventory Management System 1.0 affecting the /php_action/fetchSelectedBrand.php endpoint via the brandId parameter. An unauthenticated remote attacker can exploit this vulnerability to read, modify, or delete database contents, with disclosed public exploits and active exploitation potential. The CVSS 7.3 score reflects moderate impact across confidentiality, integrity, and availability, though the attack requires no privileges or user interaction.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-6665 MEDIUM POC This Month

CVE-2025-6665 is a critical SQL injection vulnerability in code-projects Inventory Management System 1.0, specifically in the /php_action/editBrand.php file's editBrandStatus parameter. An unauthenticated remote attacker can exploit this to execute arbitrary SQL commands, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has been publicly disclosed with a proof-of-concept available, increasing real-world exploitation risk.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-6612 MEDIUM POC This Month

CVE-2025-6612 is a critical SQL injection vulnerability in code-projects Inventory Management System 1.0 affecting the /php_action/removeCategories.php endpoint. An unauthenticated remote attacker can manipulate the 'categoriesId' parameter to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has been publicly disclosed with exploit code available and demonstrates active exploitation potential with a CVSS 7.3 score indicating moderate-to-high severity.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-6611 MEDIUM POC This Month

CVE-2025-6611 is a critical SQL injection vulnerability in code-projects Inventory Management System 1.0 affecting the /php_action/createBrand.php endpoint via the brandStatus parameter. The vulnerability allows unauthenticated remote attackers to manipulate SQL queries, potentially resulting in unauthorized data access, modification, or deletion. Public exploit disclosure and active exploitation risk are confirmed.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2024-51984 MEDIUM This Month

A remote code execution vulnerability (CVSS 6.8). Remediation should follow standard vulnerability management procedures.

Information Disclosure
NVD GitHub
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-5829 MEDIUM This Month

Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of JSON messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26330.

RCE Buffer Overflow Stack Overflow Maxicharger Dc Compact Pedestal Firmware Maxicharger Dc Compact Mobile Firmware +7
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-5828 MEDIUM This Month

Autel MaxiCharger AC Wallbox Commercial wLength Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of USB frame packets. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26328.

RCE Buffer Overflow Maxicharger Single Charger Firmware Maxicharger Ac Ultra Firmware Maxicharger Ac Pro Firmware +6
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-5832 MEDIUM This Month

Pioneer DMH-WT7600NEX Software Update Signing Insufficient Verification of Data Authenticity Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the software update verification process. The issue results from the lack of validating all the data in the software update. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26079.

RCE Dmh Wt7600nex Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2025-5833 MEDIUM This Month

Pioneer DMH-WT7600NEX Root Filesystem Insufficient Verification of Data Authenticity Vulnerability. This vulnerability allows physically present attackers to bypass authentication on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the operating system. The issue results from the lack of properly configured protection for the root file system. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26077.

Authentication Bypass Dmh Wt7600nex Firmware
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-52569 MEDIUM PATCH This Month

GitForge.jl is a unified interface for interacting with Git "forges." Versions prior to 5.9.1 lack input validation of input validation for user-provided values in certain functions. In the `GitHub.repo()` function, the user can provide any string for the `repo_name` field. These inputs are not validated or safely encoded and are sent directly to the server. This means a user can add path traversal patterns like `../` in the input to access any other endpoints on `api.github.com` that were not intended. Users should upgrade immediately to v5.9.1 or later to receive a patch. All prior versions are vulnerable. No known workarounds are available.

Path Traversal
NVD GitHub
CVSS 4.0
6.6
EPSS
0.2%
CVE-2025-50178 MEDIUM PATCH This Month

GitForge.jl is a unified interface for interacting with Git "forges." Versions prior to 0.4.3 lack input validation for user provided values in certain functions. In the `GitForge.get_repo` function for GitHub, the user can provide any string for the owner and repo fields. These inputs are not validated or safely encoded and are sent directly to the server. This means a user can add path traversal patterns like `../` in the input to access any other endpoints on api.github.com that were not intended. Version 0.4.3 contains a patch for the issue. No known workarounds are available.

Path Traversal
NVD GitHub
CVSS 4.0
6.6
EPSS
0.2%
CVE-2025-5823 MEDIUM This Month

Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the Autel Technician API. The issue results from an exposed dangerous method. An attacker can leverage this vulnerability to disclose credentials, leading to further compromise. Was ZDI-CAN-26351.

Information Disclosure Maxicharger Single Charger Firmware Maxicharger Dc Compact Pedestal Firmware Maxicharger Dh480 Firmware Maxicharger Dc Compact Mobile Firmware +5
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49135 MEDIUM PATCH This Month

CVAT is an open source interactive video and image annotation tool for computer vision. Versions 2.2.0 through 2.39.0 have no validation during the import process of a project or task backup to check that the filename specified in the query parameter refers to a TUS-uploaded file belonging to the same user. As a result, if an attacker with a CVAT account and a `user` role knows the filenames of other users' uploads, they could potentially access and steal data by creating projects or tasks using those files. This issue does not affect annotation or dataset TUS uploads, since in this case object-specific temporary directories are used. Users should upgrade to CVAT 2.40.0 or a later version to receive a patch. No known workarounds are available.

Authentication Bypass Computer Vision Annotation Tool
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-20264 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms for users created by SAML SSO integration with an external identity provider. An attacker could exploit this vulnerability by submitting a series of specific commands to an affected device. A successful exploit could allow the attacker to modify a limited number of system settings, including some that would result in a system restart. In single-node Cisco ISE deployments, devices that are not authenticated to the network will not be able to authenticate until the Cisco ISE system comes back online. 

Cisco Authentication Bypass Identity Services Engine
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2025-5585 MEDIUM This Month

The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-url` DOM Element Attribute in all versions up to, and including, 1.68.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS Siteorigin Widgets Bundle PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-5826 MEDIUM This Month

CVE-2025-5826 is a security vulnerability (CVSS 6.3) that allows network-adjacent attackers. Remediation should follow standard vulnerability management procedures.

Code Injection Maxicharger Ac Elite Business C50 Firmware Maxicharger Ac Ultra Firmware Maxicharger Dc Hipower Firmware Maxicharger Dc Compact Pedestal Firmware +5
NVD
CVSS 3.0
6.3
EPSS
0.0%
CVE-2025-6442 MEDIUM PATCH This Month

Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The specific flaw exists within the read_headers method. The issue results from the inconsistent parsing of terminators of HTTP headers. An attacker can leverage this vulnerability to smuggle arbitrary HTTP requests. Was ZDI-CAN-21876.

Information Disclosure Ubuntu Debian Webrick Red Hat +1
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2025-6444 MEDIUM This Month

ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the implementation of the GetErrorResponse method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to relay NTLM credentials in the context of the current user. Was ZDI-CAN-25834.

Information Disclosure Servicestack
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2025-41647 MEDIUM This Month

A local, low-privileged attacker can learn the password of the connected controller in PLC Designer V4 due to an incorrect implementation that results in the password being displayed in plain text under special conditions.

Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-51981 MEDIUM This Month

An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages the WS-Addressing feature used during a WS-Eventing subscription SOAP operation. The attacker can control all the HTTP data sent in the SSRF connection, but the attacker can not receive any data back from this connection.

SSRF
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-51980 MEDIUM This Month

An unauthenticated attacker may perform a limited server side request forgery (SSRF), forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service (HTTP TCP port 80) SOAP request. The attacker can not control the data sent in the SSRF connection, nor can the attacker receive any data back. This SSRF is suitable for TCP port scanning of an internal network when the Web service (HTTP TCP port 80) is exposed across a network segment.

SSRF
NVD GitHub
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-52576 MEDIUM PATCH This Month

A remote code execution vulnerability in Kanboard (CVSS 5.3). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Authentication Bypass Debian Kanboard
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-6603 MEDIUM This Month

A vulnerability was found in coldfunction qCUDA up to db0085400c2f2011eed46fbc04fdc0873141688e. It has been rated as problematic. Affected by this issue is the function qcow_make_empty of the file qCUDA/qcu-device/block/qcow.c. The manipulation of the argument s->l1_size leads to integer overflow. The attack needs to be approached locally. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-44206 MEDIUM This Month

Hexagon HxGN OnCall Dispatch Advantage (Web) v10.2309.03.00264 and Hexagon HxGN OnCall Dispatch Advantage (Mobile) v10.2402 are vulnerable to Cross Site Scripting (XSS) which allows a remote authenticated attacker with access to the Broadcast (Person) functionality to execute arbitrary code.

RCE XSS
NVD GitHub
CVSS 3.1
4.6
EPSS
0.1%
CVE-2025-50179 MEDIUM PATCH This Month

Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a cross-site request forgery vulnerability in Tuleap Community Edition prior to version 16.8.99.1749830289 and Tuleap Enterprise Edition prior to version 16.9-1 to trick victims into changing the canned responses. Tuleap Community Edition 16.8.99.1749830289 and Tuleap Enterprise Edition 16.9-1 contain a patch for the issue.

CSRF Tuleap
NVD GitHub
CVSS 3.1
4.6
EPSS
0.0%
CVE-2025-48991 MEDIUM PATCH This Month

Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a vulnerability present in Tuleap Community Edition prior to version 16.8.99.1748845907 and Tuleap Enterprise Edition prior to versions 16.8-3 and 16.7-5 to trick victims into changing the canned responses. Tuleap Community Edition 16.8.99.1748845907, Tuleap Enterprise Edition 16.8-3, and Tuleap Enterprise Edition 16.7-5 contain a fix for the vulnerability.

CSRF Tuleap
NVD GitHub
CVSS 3.1
4.6
EPSS
0.0%
CVE-2025-52893 MEDIUM PATCH This Month

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 may leak sensitive information in logs when processing malformed data. This is separate from the earlier HCSEC-2025-09 / CVE-2025-4166. This issue has been fixed in OpenBao v2.3.0 and later. Like with HCSEC-2025-09, there is no known workaround except to ensure properly formatted requests from all clients.

Information Disclosure Ubuntu Debian Openbao Suse
NVD GitHub
CVSS 3.1
4.5
EPSS
0.0%
CVE-2025-49550 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue requires user interaction.

Adobe Authentication Bypass Commerce Commerce B2b Magento
NVD GitHub
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43880 MEDIUM This Month

Inefficient regular expression complexity issue exists in GROWI prior to v7.1.6. If exploited, a logged-in user may cause a denial of service (DoS) condition.

Denial Of Service
NVD GitHub
CVSS 3.0
4.3
EPSS
0.1%
CVE-2025-25012 MEDIUM PATCH CERT-EU This Month

URL redirection to an untrusted site ('Open Redirect') in Kibana can lead to sending a user to an arbitrary site and server-side request forgery via a specially crafted URL.

SSRF Open Redirect Debian Kibana Red Hat
NVD
CVSS 3.1
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy