Skip to main content
CVE-2025-66399 HIGH POC PATCH This Week

Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters (including newlines) that are accepted, stored verbatim in the database, and later embedded into backend SNMP operations. In environments where downstream SNMP tooling or wrappers interpret newline-separated tokens as command boundaries, this can lead to unintended command execution with the privileges of the Cacti process. This vulnerability is fixed in 1.2.29.

Command Injection Ubuntu Debian Cacti Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-13000 HIGH POC This Week

The db-access WordPress plugin through 0.8.7 does not have authorization in an AJAX action, allowing any authenticated users, such as subscriber to perform SQLI attacks

SQLi WordPress Db Access PHP
NVD WPScan
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-65844 HIGH POC This Week

EverShop 2.0.1 allows a remote unauthenticated attacker to upload arbitrary files and create directories via the /api/images endpoint. The endpoint is accessible without authentication by default, and server-side validation of uploaded files is insufficient. This can be abused to upload arbitrary content (including non-image files) which could impersonate user/admin login panels (exfiltrating credentials) and to perform a denial-of-service attack by exhausting disk space.

File Upload Evershop
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-65877 HIGH POC This Week

Lvzhou CMS before commit c4ea0eb9cab5f6739b2c87e77d9ef304017ed615 (2025-09-22) is vulnerable to SQL injection via the 'title' parameter in com.wanli.lvzhoucms.service.ContentService#findPage. The parameter is concatenated directly into a dynamic SQL query without sanitization or prepared statements, enabling attackers to read sensitive data from the database.

Information Disclosure SQLi Lvzhou Cms
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-59702 HIGH POC This Week

A privilege escalation vulnerability (CVSS 7.2) that allows a physically proximate attacker with elevated privileges. Risk factors: public PoC available.

Information Disclosure Nshield Connect Xc High Firmware Nshield Connect Xc Base Firmware Nshield 5c Firmware Nshield Hsmi Firmware +1
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-59697 HIGH POC This Week

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This is called F06.

Privilege Escalation Nshield Connect Xc Base Firmware Nshield Connect Xc High Firmware Nshield 5c Firmware Nshield Hsmi Firmware +1
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-13827 HIGH PATCH This Week

Summary Arbitrary files can be uploaded via the GrapesJS Builder, as the types of files that can be uploaded are not restricted. ImpactIf the media folder is not restricted from running files this can lead to a remote code execution.

RCE File Upload
NVD GitHub
CVSS 4.0
8.8
EPSS
0.4%
CVE-2025-11787 HIGH This Week

Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS()', 'CheckPing()' and 'TraceRoute()' functions.

Command Injection Sge Plc1000 Firmware Sge Plc50 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-12529 HIGH This Week

The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteOrdersFiles() function in all versions up to, and including, 3.6.3. This makes it possible for unauthenticated attackers to inject arbitrary file paths into the orders that are removed, when an administrator deletes them. This can lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability requires the Cost Calculator Builder Pro version to be installed along with the free version in order to be exploitable.

PHP WordPress RCE
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-13638 HIGH PATCH This Week

Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

Google Denial Of Service Memory Corruption Use After Free Ubuntu +4
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-13633 HIGH PATCH This Week

Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Memory Corruption Use After Free Ubuntu +4
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-13720 HIGH PATCH This Week

Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Google Information Disclosure Ubuntu Debian Chrome +2
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-13630 HIGH PATCH This Week

Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Google Information Disclosure Memory Corruption Ubuntu Debian +3
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-13631 HIGH PATCH This Week

Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. (Chromium security severity: High)

Google Privilege Escalation Ubuntu Debian Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-13871 HIGH This Week

Cross-Site Request Forgery (CSRF) in the resource-management feature of ObjectPlanet Opinio 7.26 rev12562 allows to upload files on behalf of the connected users and then access such files without authentication.

CSRF Opinio
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-10971 HIGH This Week

Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5.

Google Information Disclosure Android
NVD
CVSS 4.0
8.8
EPSS
0.0%
CVE-2025-12465 HIGH This Week

A Blind SQL injection vulnerability has been identified in QuickCMS. Improper neutralization of input provided by a high-privileged user into aFilesDelete allows for Blind SQL Injection attacks. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.

SQLi
NVD
CVSS 4.0
8.6
EPSS
0.0%
CVE-2025-34352 HIGH PATCH This Week

JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on predictable files inside a user-writable %TEMP% subdirectory without validating that the directory is trusted or resetting its ACLs when it already exists. A local, low-privileged attacker can pre-create the directory with weak permissions and leverage mount-point or symbolic-link redirection to (a) coerce arbitrary file writes to protected locations, leading to denial of service (e.g., by overwriting sensitive system files), or (b) win a race to redirect DeleteFileW() to attacker-chosen targets, enabling arbitrary file or folder deletion and local privilege escalation to SYSTEM. This issue is fixed in JumpCloud Remote Assist 0.317.0 and affects Windows systems where Remote Assist is installed and managed through the Agent lifecycle.

Privilege Escalation Denial Of Service Microsoft Windows
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2025-64298 HIGH PATCH This Week

NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are exposed in the Windows share accessed by clients in networked installs. By default, this directory has insecure directory paths that allow access to the SQL Server database and configuration files, which can contain sensitive data.

Information Disclosure Microsoft Windows
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2024-45675 HIGH This Week

CVE-2024-45675 is a security vulnerability (CVSS 8.4) that allows a local user. High severity vulnerability requiring prompt remediation.

Information Disclosure IBM Informix Dynamic Server
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-62575 HIGH PATCH This Week

NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user account 'nmdbuser' and other created accounts by default have the sysadmin role. This can lead to remote code execution through the use of certain built-in stored procedures.

RCE Microsoft
NVD
CVSS 3.1
8.3
EPSS
0.3%
CVE-2025-61940 HIGH PATCH This Week

CVE-2025-61940 is a security vulnerability (CVSS 8.3). High severity vulnerability requiring prompt remediation.

Information Disclosure Microsoft Windows
NVD
CVSS 3.1
8.3
EPSS
0.1%
CVE-2025-13516 HIGH This Week

The SureMail - SMTP and Email Logs Plugin for WordPress is vulnerable to Unrestricted Upload of File with Dangerous Type in versions up to and including 1.9.0. This is due to the plugin's save_file() function in inc/emails/handler/uploads.php which duplicates all email attachments to a web-accessible directory (wp-content/uploads/suremails/attachments/) without validating file extensions or content types. Files are saved with predictable names derived from MD5 hashes of their content. While the plugin attempts to protect this directory with an Apache .htaccess file to disable PHP execution, this protection is ineffective on nginx, IIS, and Lighttpd servers, or on misconfigured Apache installations. This makes it possible for unauthenticated attackers to achieve Remote Code Execution by uploading malicious PHP files through any public form that emails attachments, calculating the predictable filename, and directly accessing the file to execute arbitrary code granted they are exploiting a site running on an affected web server configuration.

WordPress File Upload Nginx Apache PHP +1
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-13639 HIGH PATCH This Week

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)

Google XSS Ubuntu Debian Chrome +2
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-66416 HIGH POC PATCH This Week

CVE-2025-66416 is a security vulnerability (CVSS 8.1) that allows dns rebinding protection. High severity vulnerability requiring prompt remediation. Vendor patch is available.

Authentication Bypass Python Mcp Python Sdk Red Hat
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-66414 HIGH PATCH This Week

A security vulnerability in MCP TypeScript SDK (CVSS 8.1) that allows dns rebinding protection. High severity vulnerability requiring prompt remediation. Vendor patch is available.

Authentication Bypass Mcp Typescript Sdk
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-64642 HIGH PATCH This Week

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries.

Information Disclosure
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-11781 HIGH This Week

Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected firmware contains a hardcoded static authentication key. An attacker with local access to the device can extract this key (e.g., by analysing the firmware image or memory dump) and create valid firmware update packages. This bypasses all intended access controls and grants full administrative privileges.

Authentication Bypass Sge Plc50 Firmware Sge Plc1000 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-66476 HIGH PATCH This Week

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves external commands by searching the current working directory before system paths. When Vim invokes tools such as findstr for :grep, external commands or filters via :!, or compiler/:make commands, it may inadvertently run a malicious executable present in the same directory as the file being edited. The issue affects Vim for Windows prior to version 9.1.1947.

Information Disclosure Microsoft Ubuntu Debian Vim +2
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-20768 HIGH This Week

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4805.

Privilege Escalation Information Disclosure Buffer Overflow Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-20767 HIGH This Week

In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4807.

Memory Corruption Privilege Escalation Buffer Overflow Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-20766 HIGH This Week

CVE-2025-20766 is a security vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.

Privilege Escalation Buffer Overflow Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-20764 HIGH This Week

In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10259774; Issue ID: MSV-5029.

Memory Corruption Privilege Escalation Buffer Overflow Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-20763 HIGH This Week

In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267218; Issue ID: MSV-5032.

Memory Corruption Privilege Escalation Buffer Overflow Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-66468 HIGH PATCH This Week

The Aimeos GrapesJS CMS extension provides page editor for creating content pages based on extensible components. Prior to 2021.10.8, 2022.10.8, 2023.10.8, 2024.10.8, and 2025.10.8, Javascript code can be injected by malicious editors for a stored XSS attack if the standard Content Security Policy is disabled. This vulnerability is fixed in 2021.10.8, 2022.10.8, 2023.10.8, 2024.10.8, and 2025.10.8.

XSS Grapesjs Cms
NVD GitHub
CVSS 3.1
7.6
EPSS
0.0%
CVE-2025-41015 HIGH PATCH This Week

User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system. The vulnerability is exploitable through the 'pda:username' parameter with 'soapaction GetUserQuestionAndAnswer' in '/WS/PDAWebService.asmx'.

Information Disclosure Gim
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-41014 HIGH PATCH This Week

User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system. The vulnerability is exploitable through the 'pda:username' parameter with 'soapaction GetLastDatePasswordChange' in '/WS/PDAWebService.asmx'.

Information Disclosure Gim
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-13721 HIGH PATCH This Week

Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Google Information Disclosure Race Condition Ubuntu Debian +3
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-64460 HIGH PATCH This Week

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. Algorithmic complexity in `django.core.serializers.xml_serializer.getInnerText()` allows a remote attacker to cause a potential denial-of-service attack triggering CPU and memory exhaustion via specially crafted XML input processed by the XML `Deserializer`. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Seokchan Yoon for reporting this issue.

Information Disclosure Python Ubuntu Debian Django +2
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-13724 HIGH This Week

The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

SQLi WordPress PHP
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-11789 HIGH This Week

Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile' function converts a parameter to an integer using 'atoi()' and then uses it as an index in the 'FilesDownload' array with '(&FilesDownload)[iVar2]'. If the parameter is too large, it will access memory beyond the limits.

Information Disclosure Buffer Overflow Sge Plc50 Firmware Sge Plc1000 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-13295 HIGH PATCH This Week

Insertion of Sensitive Information Into Sent Data vulnerability in Argus Technology Inc. BILGER allows Choosing Message Identifier.This issue affects BILGER: before 2.4.9.

Information Disclosure
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-61729 HIGH PATCH This Week

Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.

Information Disclosure Ubuntu Debian Go Red Hat +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-64778 HIGH PATCH This Week

NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text hard-coded passwords. These hard-coded passwords could allow unauthorized access to both the application and database.

Authentication Bypass
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-58482 HIGH This Week

A security vulnerability in MPLocalService of MotionPhoto (CVSS 7.3) that allows local attackers. High severity vulnerability requiring prompt remediation.

Information Disclosure Motionphoto
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-58481 HIGH This Week

A security vulnerability in MPRemoteService of MotionPhoto (CVSS 7.3) that allows local attackers. High severity vulnerability requiring prompt remediation.

Information Disclosure Motionphoto
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-13387 HIGH This Week

The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer name in all versions up to, and including, 1.5.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
7.2
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy