Skip to main content
CVE-2025-66294 HIGH POC PATCH THREAT Act Now

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Server-Side Template Injection (SSTI) vulnerability exists in Grav that allows authenticated attackers with editor permissions to execute arbitrary commands on the server and, under certain conditions, may also be exploited by unauthenticated attackers. This vulnerability stems from weak regex validation in the cleanDangerousTwig method. This vulnerability is fixed in 1.8.0-beta.27.

RCE Code Injection Grav
NVD GitHub
CVSS 3.1
8.8
EPSS
38.3%
Threat
4.4
CVE-2025-66297 HIGH POC PATCH This Week

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a user with admin panel access and permissions to create or edit pages in Grav CMS can enable Twig processing in the page frontmatter. By injecting malicious Twig expressions, the user can escalate their privileges to admin or execute arbitrary system commands via the scheduler API. This results in both Privilege Escalation (PE) and Remote Code Execution (RCE) vulnerabilities. This vulnerability is fixed in 1.8.0-beta.27.

Privilege Escalation RCE Grav
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-66299 HIGH POC PATCH This Week

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, Grav CMS is vulnerable to a Server-Side Template Injection (SSTI) that allows any authenticated user with editor permissions to execute arbitrary code on the remote server, bypassing the existing security sandbox. Since the security sandbox does not fully protect the Twig object, it is possible to interact with it (e.g., call methods, read/write attributes) through maliciously crafted Twig template directives injected into a web page. This allows an authenticated editor to add arbitrary functions to the Twig attribute system.twig.safe_filters, effectively bypassing the Grav CMS sandbox. This vulnerability is fixed in 1.8.0-beta.27.

RCE Code Injection Grav
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-65840 HIGH POC This Week

PublicCMS V5.202506.b is vulnerable to Cross Site Request Forgery (CSRF) in the CkEditorAdminController.

CSRF Publiccms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-66300 HIGH POC PATCH This Week

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, A low privilege user account with page editing privilege can read any server files using "Frontmatter" form. This includes Grav user account files (/grav/user/accounts/*.yaml), which store hashed user password, 2FA secret, and the password reset token. This can allow an adversary to compromise any registered account by resetting a password for a user to get access to the password reset token from the file or by cracking the hashed password. This vulnerability is fixed in 1.8.0-beta.27.

Path Traversal Grav
NVD GitHub
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-63528 HIGH POC This Week

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the blooddinfo.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the error parameter, which is then executed in the victim's browser when the page is viewed.

PHP XSS Blood Bank Management System
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2025-63527 HIGH POC This Week

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and hprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the hname, hemail, hpassword, hphone, hcity parameters, which are then executed in the victim's browser when the page is viewed.

PHP XSS Blood Bank Management System
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2025-63526 HIGH POC This Week

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System within the abs.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg parameter, which is then executed in the victim's browser when the page is viewed.

PHP XSS Blood Bank Management System
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2025-55749 HIGH POC PATCH This Week

XWiki is an open-source wiki software platform. From 16.7.0 to 16.10.11, 17.4.4, or 17.7.0, in an instance which is using the XWiki Jetty package (XJetty), a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials. Fixed in 16.10.11, 17.4.4, and 17.7.0.

Authentication Bypass Xwiki
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2025-64775 HIGH POC PATCH This Week

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.

Denial Of Service Apache Ubuntu Debian Struts +1
NVD GitHub HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-65838 HIGH POC This Week

PublicCMS V5.202506.b is vulnerable to path traversal via the doUploadSitefile method.

Path Traversal Publiccms
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-66298 HIGH POC PATCH This Week

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, having a simple form on site can reveal the whole Grav configuration details (including plugin configuration details) by using the correct POST payload to exploit a Server-Side Template (SST) vulnerability. Sensitive information may be contained in the configuration details. This vulnerability is fixed in 1.8.0-beta.27.

Information Disclosure Grav
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-7007 HIGH POC This Week

NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash.This issue affects Antivirus: 16.0.0; Anitvirus: 3.0.3.

Microsoft Denial Of Service Null Pointer Dereference Apple Windows +1
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-66313 HIGH POC PATCH This Week

ChurchCRM is an open-source church management system. In ChurchCRM 6.2.0 and earlier, there is a time-based blind SQL injection in the handling of the 1FieldSec parameter. Injecting SLEEP() causes deterministic server-side delays, proving the value is incorporated into a SQL query without proper parameterization. The issue allows data exfiltration and modification via blind techniques.

SQLi Churchcrm
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-11699 HIGH POC PATCH This Week

nopCommerce v4.70 and prior, and version 4.80.3, does not invalidate session cookies after logout or session termination, allowing an attacker who has a a valid session cookie access to privileged endpoints (such as /admin) even after the legitimate user has logged out, enabling session hijacking. Any version above 4.70 that is not 4.80.3 fixes the vulnerability.

Information Disclosure Nopcommerce
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-66412 HIGH PATCH CISA GHSA Act Now

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.

XSS
NVD GitHub HeroDevs
CVSS 4.0
8.5
EPSS
0.0%
CVE-2025-66295 HIGH PATCH This Week

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, when a user with privilege of user creation creates a new user through the Admin UI and supplies a username containing path traversal sequences (for example ..\Nijat or ../Nijat), Grav writes the account YAML file to an unintended path outside user/accounts/. The written YAML can contain account fields such as email, fullname, twofa_secret, and hashed_password. This vulnerability is fixed in 1.8.0-beta.27.

Path Traversal Grav
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-66296 HIGH PATCH This Week

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a privilege escalation vulnerability exists in Grav’s Admin plugin due to the absence of username uniqueness validation when creating users. A user with the create user permission can create a new account using the same username as an existing administrator account, set a new password/email, and then log in as that administrator. This effectively allows privilege escalation from limited user-manager permissions to full administrator access. This vulnerability is fixed in 1.8.0-beta.27.

Privilege Escalation Grav
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-26858 HIGH This Week

A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted set of network packets can lead to denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.

Denial Of Service Buffer Overflow Diris M 70 Firmware
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-55222 HIGH This Week

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This vulnerability is specific to the malicious message sent via Modbus RTU over TCP on port 503.

Authentication Bypass Denial Of Service Diris M 70 Firmware
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-55221 HIGH This Week

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This vulnerability is specific to the malicious message sent via Modbus TCP over port 502.

Authentication Bypass Denial Of Service Diris M 70 Firmware
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-23417 HIGH This Week

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.

Authentication Bypass Denial Of Service Diris M 70 Firmware
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2024-48882 HIGH This Week

A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.

Authentication Bypass Denial Of Service Diris M 70 Firmware
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-13829 HIGH PATCH This Week

A security vulnerability in Incorrect Authorization vulnerability in Data Illusion Zumbrunn NGSurvey (CVSS 8.6) that allows any logged-in user. High severity vulnerability requiring prompt remediation.

Authentication Bypass
NVD
CVSS 4.0
8.6
EPSS
0.1%
CVE-2025-34297 HIGH This Week

KissFFT versions prior to the fix commit 1b083165 contain an integer overflow in kiss_fft_alloc() in kiss_fft.c on platforms where size_t is 32-bit. The nfft parameter is not validated before being used in a size calculation (sizeof(kiss_fft_cpx) * (nfft - 1)), which can wrap to a small value when nfft is large. As a result, malloc() allocates an undersized buffer and the subsequent twiddle-factor initialization loop writes nfft elements, causing a heap buffer overflow. This vulnerability only affects 32-bit architectures.

Integer Overflow Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2025-63534 HIGH This Week

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg and error parameters, which are then executed in the victim's browser when the page is viewed.

PHP XSS Blood Bank Management System
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2025-63533 HIGH This Week

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and rprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the rname, remail, rpassword, rphone, rcity parameters, which are then executed in the victim's browser when the page is viewed.

PHP XSS Blood Bank Management System
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2024-39148 HIGH This Week

The service wmp-agent of KerOS prior 5.12 does not properly validate so-called ‘magic URLs’ allowing an unauthenticated remote attacker to execute arbitrary OS commands as root when the service is reachable over network. Typically, the service is protected via local firewall.

RCE Code Injection Keros
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-57489 HIGH This Week

Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary.

Authentication Bypass Superduper
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-8351 HIGH PATCH This Week

Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98.

Heap Overflow Buffer Overflow Apple
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-41700 HIGH PATCH This Week

An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context.

RCE Deserialization Codesys
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-10101 HIGH PATCH This Week

Heap-based Buffer Overflow, Out-of-bounds Write vulnerability in Avast Antivirus on MacOS of a crafted Mach-O file may allow Local Execution of Code or Denial of Service of antivirus protection. This issue affects Antivirus: from 15.7 before 3.9.2025.

Heap Overflow Denial Of Service Buffer Overflow Apple
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-64772 HIGH This Week

A security vulnerability in installer of INZONE Hub 1.0.10.3 to 1.0.17.0 (CVSS 7.8). High severity vulnerability requiring prompt remediation.

RCE
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-61229 HIGH This Week

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls.

Privilege Escalation Apple Superduper
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-61228 HIGH This Week

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism

RCE Superduper
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-59789 HIGH PATCH This Week

Uncontrolled recursion in the json2pb component in Apache bRPC (version < 1.15.0) on all platforms allows remote attackers to make the server crash via sending deep recursive json data. Root Cause: The bRPC json2pb component uses rapidjson to parse json data from the network. The rapidjson parser uses a recursive parsing method by default. If the input json has a large depth of recursive structure, the parser function may run into stack overflow. Affected Scenarios: Use bRPC server with protobuf message to serve http+json requests from untrusted network. Or directly use JsonToProtoMessage to convert json from untrusted input. How to Fix: (Choose one of the following options)  1. Upgrade bRPC to version 1.15.0, which fixes this issue. 2. Apply this patch: https://github.com/apache/brpc/pull/3099 Note: No matter which option you choose, you should know that the fix introduces a recursion depth limit with default value 100. It affects these functions:  ProtoMessageToJson, ProtoMessageToProtoJson, JsonToProtoMessage, and ProtoJsonToProtoMessage. If your requests contain json or protobuf messages that have a depth exceeding the limit, the request will be failed after applying the fix. You can modify the gflag json2pb_max_recursion_depth to change the limit.

Denial Of Service Apache Debian Brpc
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-61619 HIGH This Week

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

Denial Of Service Android Google
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-61618 HIGH This Week

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

Denial Of Service Android Google
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-61617 HIGH This Week

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

Denial Of Service Android Google
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-61610 HIGH This Week

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

Denial Of Service Android Google
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-61609 HIGH This Week

In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

Denial Of Service Android Google
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-61608 HIGH This Week

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

Denial Of Service Android Google
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-61607 HIGH This Week

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

Denial Of Service Android Google
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-3012 HIGH This Week

In dpc modem, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed

Denial Of Service Android Google
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-11133 HIGH This Week

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

Denial Of Service Android Google
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-11132 HIGH This Week

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

Denial Of Service Android Google
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-11131 HIGH This Week

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

Denial Of Service Android Google
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-41738 HIGH PATCH This Week

An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition.

Information Disclosure Memory Corruption Control For Pfc100 Sl Runtime Toolkit Control For Wago Touch Panels 600 Sl +12
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-53684 HIGH This Week

A cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability.

CSRF Authentication Bypass Diris M 70 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-54851 HIGH This Week

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.An attacker can trigger this denial-of-service condition by sending a single Modbus TCP message to port 503 using the Write Single Register function code (6) to write the value 1 to register 4352. This action changes the Modbus address to 15. After this message is sent, the device will be in a denial-of-service state.

Authentication Bypass Denial Of Service Diris M 70 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy