Skip to main content
CVE-2025-59705 MEDIUM POC This Month

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01.

Privilege Escalation Nshield 5c Firmware Nshield Connect Xc High Firmware Nshield Connect Xc Mid Firmware Nshield Hsmi Firmware +1
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-59699 MEDIUM POC This Month

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader.

Authentication Bypass Nshield Connect Xc High Firmware Nshield Connect Xc Mid Firmware Nshield 5c Firmware Nshield Connect Xc Base Firmware +1
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-59698 MEDIUM POC This Month

CVE-2025-59698 is a security vulnerability (CVSS 6.8) that allows a physically proximate attacker. Risk factors: public PoC available.

Information Disclosure Nshield 5c Firmware Nshield Connect Xc Mid Firmware Nshield Connect Xc Base Firmware Nshield Connect Xc High Firmware +1
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-59694 MEDIUM POC This Month

CVE-2025-59694 is a security vulnerability (CVSS 6.8) that allows a physically proximate attacker. Risk factors: public PoC available.

Information Disclosure Nshield Hsmi Firmware Nshield Connect Xc Base Firmware Nshield Connect Xc Mid Firmware Nshield Connect Xc High Firmware +1
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-65657 MEDIUM POC This Month

FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes (or stores in an executable location) without sufficient validation, sanitization, or execution restrictions. An authenticated remote attacker can upload a crafted PHP file and cause the application or web server to execute it, resulting in remote code execution (RCE).

PHP RCE Command Injection File Upload Feehicms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-58113 MEDIUM POC This Month

An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.7.3.401. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.

Information Disclosure Buffer Overflow Pdf Xchange Editor
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-63872 MEDIUM POC This Month

DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability, which allows JavaScript execution through model-generated SVG content.

XSS Deepseek
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-65881 MEDIUM POC This Month

Sourcecodester Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /classes/Login.php.

PHP XSS Zoo Management System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-65215 MEDIUM POC This Month

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /product_expiry/add-supplier.php via the Supplier Name field.

PHP XSS Web Based Pharmacy Product Management System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-65186 MEDIUM POC This Month

Grav CMS 1.7.49 is vulnerable to Cross Site Scripting (XSS). The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize <script> tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface.

XSS Grav
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-65187 MEDIUM POC PATCH This Month

A Stored Cross Site Scripting vulnerability exists in CiviCRM before v6.7 in the Accounting Batches field. An authenticated user can inject malicious JavaScript into this field and it executes whenever the page is viewed.

XSS Ubuntu Debian Civicrm
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-64070 MEDIUM POC This Month

Sourcecodester Student Grades Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in the Add New Subject Description field.

XSS Student Grades Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-55129 MEDIUM POC This Month

HackerOne community member Kassem S.(kassem_s94) has reported that username handling in Revive Adserver was still vulnerable to impersonation attacks after the fix for CVE-2025-52672, via several alternate techniques. Homoglyphs based impersonation has been independently reported by other HackerOne users, such as itz_hari_ and khoof.

Information Disclosure Revive Adserver
NVD
CVSS 3.0
5.4
EPSS
0.0%
CVE-2025-59704 MEDIUM POC This Month

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password.

Authentication Bypass Nshield Connect Xc Base Firmware Nshield 5c Firmware Nshield Connect Xc High Firmware Nshield Connect Xc Mid Firmware +1
NVD GitHub
CVSS 3.1
4.6
EPSS
0.0%
CVE-2025-13001 MEDIUM POC This Month

The donation WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing high privilege users, such as admin to perform SQL injection attacks

SQLi WordPress Donations PHP
NVD WPScan
CVSS 3.1
4.1
EPSS
0.0%
CVE-2025-59701 MEDIUM POC This Month

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted).

Information Disclosure Nshield Hsmi Firmware Nshield Connect Xc High Firmware Nshield 5c Firmware Nshield Connect Xc Mid Firmware +1
NVD GitHub
CVSS 3.1
4.1
EPSS
0.0%
CVE-2025-20777 MEDIUM This Month

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752.

Memory Corruption Privilege Escalation Buffer Overflow Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20776 MEDIUM This Month

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184297; Issue ID: MSV-4759.

Privilege Escalation Information Disclosure Buffer Overflow Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20775 MEDIUM This Month

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.

Denial Of Service Privilege Escalation Buffer Overflow Memory Corruption Use After Free +2
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20774 MEDIUM This Month

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4796.

Heap Overflow Privilege Escalation Buffer Overflow Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20773 MEDIUM This Month

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4797.

Denial Of Service Privilege Escalation Buffer Overflow Memory Corruption Use After Free +2
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20772 MEDIUM This Month

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.

Denial Of Service Privilege Escalation Buffer Overflow Memory Corruption Use After Free +2
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20771 MEDIUM This Month

CVE-2025-20771 is a security vulnerability (CVSS 6.7). Remediation should follow standard vulnerability management procedures.

Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20770 MEDIUM This Month

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4803.

Denial Of Service Privilege Escalation Buffer Overflow Memory Corruption Use After Free +2
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20769 MEDIUM This Month

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4804.

Privilege Escalation Stack Overflow Buffer Overflow Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-66454 MEDIUM PATCH This Month

A security vulnerability in Arcade MCP (CVSS 6.5) that allows you. Remediation should follow standard vulnerability management procedures.

Authentication Bypass
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-20759 MEDIUM This Month

In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673760; Issue ID: MSV-4650.

Information Disclosure Denial Of Service Buffer Overflow Nr16 Nr15
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-20756 MEDIUM This Month

In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673749; Issue ID: MSV-4643.

Denial Of Service Nr15
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-20757 MEDIUM This Month

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673751; Issue ID: MSV-4644.

Denial Of Service Nr15
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-20750 MEDIUM This Month

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661199; Issue ID: MSV-4296.

Denial Of Service Null Pointer Dereference Nr15
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-20791 MEDIUM This Month

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661189; Issue ID: MSV-4298.

Denial Of Service Nr15
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-20752 MEDIUM This Month

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01270690; Issue ID: MSV-4301.

Denial Of Service Nr16 Nr17r Nr15 Nr17
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-20751 MEDIUM This Month

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661195; Issue ID: MSV-4297.

Memory Corruption Denial Of Service Buffer Overflow Nr15
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-41086 MEDIUM This Month

Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculate the checksum and generate a valid license to grant themselves full privileges without credentials or access to the source code, allowing them unrestricted access to GAMS's mathematical models and commercial solvers.

Authentication Bypass Gams
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-12483 MEDIUM This Month

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'query' parameter in all versions up to, and including, 3.11.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Version 3.11.13 raises the minimum user-level for exploitation to administrator. 3.11.14 fully patches the vulnerability.

SQLi WordPress PHP
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-65380 MEDIUM This Month

PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the admin/index.php endpoint. Specifically, the username parameter accepts unvalidated user input, which is then concatenated directly into a backend SQL query.

PHP SQLi Billing System
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-65379 MEDIUM This Month

PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the /admin/password-recovery.php endpoint. Specifically, the username and mobileno parameters accepts unvalidated user input, which is then concatenated directly into a backend SQL query.

PHP SQLi Billing System
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-13606 MEDIUM This Month

The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.19. This is due to missing or incorrect nonce validation on the `parseData` function. This makes it possible for unauthenticated attackers to export sensitive information including user data, email addresses, password hashes, and WooCommerce data to an attacker-controlled file path on the server via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-13731 MEDIUM This Month

The Nexter Extension - Site Enhancements Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'nxt-year' shortcode in all versions up to, and including, 4.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-13697 MEDIUM This Month

The BlockArt Blocks - Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘timestamp’ attribute in all versions up to, and including, 2.2.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-57850 MEDIUM This Month

A container privilege escalation flaw was found in certain CodeReady Workspaces images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.

Privilege Escalation Red Hat
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-13534 MEDIUM This Month

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.3.2. This is due to missing authorization checks on the eh_crm_edit_agent AJAX action. This makes it possible for authenticated attackers, with Contributor-level access and above, to escalate their WSDesk privileges from limited "Reply Tickets" permissions to full helpdesk administrator capabilities, gaining unauthorized access to ticket management, settings configuration, agent administration, and sensitive customer data.

Authentication Bypass Privilege Escalation WordPress Wsdesk PHP
NVD
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-21080 MEDIUM This Month

A security vulnerability in Dynamic Lockscreen (CVSS 6.2) that allows local attackers. Remediation should follow standard vulnerability management procedures.

Information Disclosure Android Samsung
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-13007 MEDIUM This Month

The WP Social Ninja - Embed Social Feeds, Customer Reviews, Chat Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping on externally-sourced content. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, granted they can post malicious content to a connected Google Business Profile or Facebook page.

Google WordPress XSS PHP
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-66459 MEDIUM PATCH This Month

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, a XSS vulnerability can be triggered when a user submits a list of URLs to capture, one of them contains a HTML element, and the capture fails. Then, the error field is populated with an error message that contains the bad URL they tried to capture, triggering the XSS. This vulnerability is fixed in 1.35.3.

XSS Lookyloo
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-66460 MEDIUM PATCH This Month

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, Lookyloo passed improperly escaped values to cells rendered in datatables using the orthogonal-data feature. It is definitely exploitable from the popup view, but it is most probably also exploitable in many other places. This vulnerability is fixed in 1.35.3.

XSS Lookyloo
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-66458 MEDIUM PATCH This Month

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, there are multiple XSS due to unsafe use of f-strings in Markup. The issue requires a malicious 3rd party server responding with a JSON document containing JS code in a script element. This vulnerability is fixed in 1.35.3.

XSS Lookyloo
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-40700 MEDIUM PATCH This Month

Reflected Cross-Site Scripting (XSS) in IDI Eikon's Governalia. The vulnerability allows an attacker to execute JavaScript code in the victim's browser when a malicious URL with the 'q' parameter in '/search' is sent to them. This vulnerability can be exploited to steal sensitive information such as session cookies or to perform actions on behalf of the victim.

XSS Governalia
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-65955 MEDIUM PATCH This Month

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-58483 MEDIUM This Month

A security vulnerability in Galaxy Store for Galaxy Watch (CVSS 5.9) that allows local attacker. Remediation should follow standard vulnerability management procedures.

Information Disclosure Galaxy Store Android Samsung
NVD
CVSS 3.1
5.9
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy