Skip to main content
CVE-2025-57802 HIGH This Month

Airlink's Daemon interfaces with Docker and the Panel to provide secure access for controlling instances via the Panel. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Docker Information Disclosure
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-6737 HIGH This Month

Securden’s Unified PAM Remote Vendor Gateway access portal shares infrastructure and access tokens across multiple tenants. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-57773 HIGH POC PATCH This Week

DataEase is an open source business intelligence and data visualization tool. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Deserialization Code Injection Dataease
NVD GitHub
CVSS 4.0
8.2
EPSS
0.4%
CVE-2025-57772 HIGH POC PATCH This Week

DataEase is an open source business intelligence and data visualization tool. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection Dataease
NVD GitHub
CVSS 4.0
8.2
EPSS
0.2%
CVE-2025-57760 HIGH PATCH This Month

Langflow is a tool for building and deploying AI-powered agents and workflows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Langflow
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-53120 CRITICAL This Week

A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal
NVD
CVSS 3.1
9.4
EPSS
1.1%
CVE-2025-50722 CRITICAL POC Act Now

Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP RCE Sparkshop
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-29421 HIGH POC This Month

PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Perfreeblog
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-29420 HIGH POC This Month

PerfreeBlog v4.0.11 has a directory traversal vulnerability in the getThemeFilesByName function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Perfreeblog
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-55575 CRITICAL This Week

SQL Injection vulnerability in SMM Panel 3.1 allowing remote attackers to gain sensitive information via a crafted HTTP request with action=service_detail. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-55574 MEDIUM This Month

Cross Site Scripting vulnerability in docmost v.0.21.0 and before allows an attacker to execute arbitrary code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XSS Docmost
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-53119 HIGH This Month

An unauthenticated unrestricted file upload vulnerability allows an attacker to upload malicious binaries and scripts to the server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-29523 HIGH POC This Month

D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping6 function. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Dsl 7740C Firmware
NVD GitHub
CVSS 3.1
7.2
EPSS
0.4%
CVE-2025-5302 HIGH PATCH This Month

A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Python Red Hat
NVD GitHub
CVSS 3.0
8.6
EPSS
0.1%
CVE-2025-53510 HIGH POC This Week

A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Sail
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-53085 HIGH POC This Week

A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow RCE Sail
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-52930 HIGH POC This Week

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Sail
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-52456 HIGH POC This Week

A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Sail
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-51281 HIGH POC This Month

D-Link DI-8100 16.07.26A1 is vulnerable to Buffer Overflow via the en`, `val and id parameters in the qj_asp function. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow D-Link Di 8100 Firmware
NVD GitHub
CVSS 3.1
7.0
EPSS
0.1%
CVE-2025-50900 CRITICAL POC Act Now

An issue was discovered in getrebuild/rebuild 4.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Rebuild
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-50129 HIGH POC This Week

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow RCE Sail
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-46407 HIGH POC This Week

A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Sail
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-44179 MEDIUM This Month

Hitron CGNF-TWN 3.1.1.43-TWN-pre3 contains a command injection vulnerability in the telnet service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Command Injection RCE
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2025-44178 MEDIUM This Month

DASAN GPON ONU H660WM H660WMR210825 is susceptible to improper access control under its default settings. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-35984 HIGH POC This Week

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow RCE Sail
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-32468 HIGH POC This Week

A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Sail
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-29525 MEDIUM This Month

DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was discovered to contain insecure default credentials in the modem's control panel. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-29524 MEDIUM This Month

Incorrect access control in the component /cgi-bin/system_diagnostic_main.asp of DASAN GPON ONU H660WM H660WMR210825 allows attackers to access sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-29522 MEDIUM POC This Week

D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Dsl 7740C Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2025-29521 MEDIUM POC This Month

Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to escalate privileges via a bruteforce attack. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation D-Link Dsl 7740C Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-29520 MEDIUM POC This Month

Incorrect access control in the Maintenance module of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows authenticated attackers with low-level privileges to arbitrarily change the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass D-Link Dsl 7740C Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-29519 MEDIUM POC This Month

A command injection vulnerability in the EXE parameter of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to execute arbitrary commands via supplying a crafted GET request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Dsl 7740C Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2024-46413 MEDIUM POC This Month

Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreController#loadDataIndex method. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Rebuild
NVD GitHub
CVSS 3.1
5.1
EPSS
0.0%
CVE-2024-46412 MEDIUM This Month

Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-54494 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54493 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54492 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54491 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54490 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54489 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54488 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54487 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54486 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54485 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54484 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54483 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54482 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54481 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54480 CRITICAL POC Act Now

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54462 CRITICAL POC Act Now

A heap-based buffer overflow vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow RCE Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.2%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy