DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Electron Capture facilitates video playback for screen-sharing and capture. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.
VTun-ng is a Virtual Tunnel over TCP/IP network. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Russh is a Rust SSH client & server library. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. Rated high severity (CVSS 7.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
pyLoad is the free and open-source Download Manager written in pure Python. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Claude Code is an agentic coding tool. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Claude Code is an agentic coding tool. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The glpi-screenshot-plugin allows users to take screenshots or screens recording directly from GLPI. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
IPX is an image optimizer powered by sharp and svgo. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Cursor is a code editor built for programming with AI. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.
Cursor is a code editor built for programming with AI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.
ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
EspoCRM is a web application with a frontend designed as a single-page application and a REST API backend written in PHP. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Rejected reason: This CVE is a duplicate of CVE-2025-52464. No vendor patch available.