Skip to main content
CVE-2025-66572 MEDIUM POC This Month

Loaded Commerce 6.6 contains a client-side template injection vulnerability that allows unauthenticated attackers to execute code on the server via the search parameter.

Command Injection
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-61148 MEDIUM POC This Month

An Insecure Direct Object Reference (IDOR) vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying the 'rec_no' parameter in the /student/get-receipt endpoint.

Authentication Bypass Edupluscampus
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-65900 MEDIUM POC This Month

Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/users API endpoint. Due to insufficient permission validation and excessive data exposure in the backend, an authenticated user with basic read permissions can retrieve sensitive information for all platform users.

Authentication Bypass Information Disclosure Kalmia
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-66563 MEDIUM POC PATCH This Month

Monkeytype is a minimalistic and customizable typing test. In 25.49.0 and earlier, there is improper handling of user input which allows an attacker to execute malicious javascript on anyone viewing a malicious quote submission. quote.text and quote.source are user input, and they're inserted straight into the DOM. If they contain HTML tags, they will be rendered (after some escaping using quotes and textarea tags).

XSS Monkeytype
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-63499 MEDIUM POC PATCH This Month

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the theme parameter.

XSS Ubuntu Debian Sogo
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-63361 MEDIUM POC This Month

Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 was discovered to render the Administrator password in plaintext.

Information Disclosure
NVD
CVSS 3.1
5.7
EPSS
0.0%
CVE-2025-66574 MEDIUM POC This Month

TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the `Open Object in Tree` endpoint, allowing attackers to steal session cookies and potentially escalate privileges.

XSS Tranzaxis
NVD Exploit-DB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2023-53735 MEDIUM POC This Month

WEBIGniter 28.7.23 contains a cross-site scripting vulnerability in the user creation process that allows unauthenticated attackers to execute malicious JavaScript code, enabling potential XSS attacks.

XSS
NVD Exploit-DB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-65899 MEDIUM POC This Month

A security vulnerability in its authentication mechanism (CVSS 5.3) that allows unauthenticated attackers. Risk factors: public PoC available.

Information Disclosure Kalmia
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-65806 MEDIUM POC This Month

The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP (a ZIP containing another ZIP) where the inner archive contains an executable file (e.g. webshell.php). When the application extracts the uploaded archives, the executable may be extracted into a web-accessible directory. This can lead to remote code execution (RCE), data disclosure, account compromise, or further system compromise depending on the web server/process privileges. The issue arises from insufficient validation of archive contents and inadequate restrictions on extraction targets.

File Upload PHP RCE E Point Cms
NVD GitHub
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-63681 MEDIUM POC This Month

open-webui v0.6.33 is vulnerable to Incorrect Access Control. The API /api/tasks/stop/ directly accesses and cancels tasks without verifying user ownership, enabling attackers (a normal user) to stop arbitrary LLM response tasks.

Authentication Bypass Open Webui
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-66237 MEDIUM This Month

DCIM dcTrack platforms utilize default and hard-coded credentials for access. An attacker could use these credentials to administer the database, escalate privileges on the platform or execute system commands on the host.

Authentication Bypass
NVD GitHub
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-59788 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in a reachable files_pdfviewer example directory in Nextcloud with versions before 22.2.10.33, 23.0.12.29, 24.0.12.28, 25.0.13.23, 26.0.13.20, 27.1.11.20, 28.0.14.11, 29.0.16.8, 30.0.17, 31.0.10, and 32.0.1...

XSS Nextcloud
NVD GitHub VulDB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-2848 MEDIUM PATCH This Month

A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions.

Synology Authentication Bypass Mail Server
NVD
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-1910 MEDIUM This Month

The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM on the Windows machine where the VPN Client is installed.This issue affects the Mobile VPN with SSL Client 12.0 up to and including 12.11.2.

Microsoft Command Injection Windows
NVD
CVSS 4.0
6.3
EPSS
0.0%
CVE-2025-13513 MEDIUM This Month

The Clik stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-65516 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability was discovered in Seafile Community Edition prior to version 13.0.12. When Seafile is configured with the Golang file server, an attacker can upload a crafted SVG file containing malicious JavaScript and share it using a public link. Opening the link triggers script execution in the victim's browser. This issue has been fixed in Seafile Community Edition 13.0.12.

XSS Debian Seafile Server Suse
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-41080 MEDIUM This Month

{repo_id}/file/'.

XSS RCE Debian Seafile Red Hat
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-41079 MEDIUM This Month

A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This vulnerability allows an attacker to execute arbitrary code in the victim's browser by storing malicious payloads with PUT parámetro 'name' in '/api/v2.1/user/'.

XSS RCE Debian Seafile Red Hat
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-11222 MEDIUM PATCH This Month

Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft.

Open Redirect Central Dogma
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-13939 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Gateway Wireless Controller module) allows Stored XSS.This issue affects Fireware OS 11.7.2 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

XSS Fireware
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-13938 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Autotask Technology Integration module) allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

XSS Fireware
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-13937 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module) allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

XSS Fireware
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-13936 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Tigerpaw Technology Integration module) allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

XSS Fireware
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-12986 MEDIUM This Month

When a WF200/WGM160P device is configured to operate as an Access Point, it may be vulnerable to a denial of service triggered by a malformed packet. The device may recover automatically or require a hard reset.

Information Disclosure
NVD
CVSS 4.0
6.0
EPSS
0.0%
CVE-2025-8074 MEDIUM PATCH This Month

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors.

Synology Information Disclosure Beedrive
NVD
CVSS 3.1
5.6
EPSS
0.0%
CVE-2025-9127 MEDIUM This Month

A vulnerability exists in PX Enterprise whereby sensitive information may be logged under specific conditions.

Information Disclosure Portworx
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-40251 MEDIUM PATCH CISA This Month

In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy The function devl_rate_nodes_destroy is documented to "Unset parent for all rate objects". However, it was only calling the driver-specific `rate_leaf_parent_set` or `rate_node_parent_set` ops and decrementing the parent's refcount, without actually setting the `devlink_rate->parent` pointer to NULL. This leaves a dangling pointer in the `devlink_rate` struct, which cause refcount error in netdevsim[1] and mlx5[2]. In addition, this is inconsistent with the behavior of `devlink_nl_rate_parent_node_set`, where the parent pointer is correctly cleared. This patch fixes the issue by explicitly setting `devlink_rate->parent` to NULL after notifying the driver, thus fulfilling the function's documented behavior for all rate objects. [1] repro steps: echo 1 > /sys/bus/netdevsim/new_device devlink dev eswitch set netdevsim/netdevsim1 mode switchdev echo 1 > /sys/bus/netdevsim/devices/netdevsim1/sriov_numvfs devlink port function rate add netdevsim/netdevsim1/test_node devlink port function rate set netdevsim/netdevsim1/128 parent test_node echo 1 > /sys/bus/netdevsim/del_device dmesg: refcount_t: decrement hit 0; leaking memory. WARNING: CPU: 8 PID: 1530 at lib/refcount.c:31 refcount_warn_saturate+0x42/0xe0 CPU: 8 UID: 0 PID: 1530 Comm: bash Not tainted 6.18.0-rc4+ #1 NONE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 RIP: 0010:refcount_warn_saturate+0x42/0xe0 Call Trace: <TASK> devl_rate_leaf_destroy+0x8d/0x90 __nsim_dev_port_del+0x6c/0x70 [netdevsim] nsim_dev_reload_destroy+0x11c/0x140 [netdevsim] nsim_drv_remove+0x2b/0xb0 [netdevsim] device_release_driver_internal+0x194/0x1f0 bus_remove_device+0xc6/0x130 device_del+0x159/0x3c0 device_unregister+0x1a/0x60 del_device_store+0x111/0x170 [netdevsim] kernfs_fop_write_iter+0x12e/0x1e0 vfs_write+0x215/0x3d0 ksys_write+0x5f/0xd0 do_syscall_64+0x55/0x10f0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 [2] devlink dev eswitch set pci/0000:08:00.0 mode switchdev devlink port add pci/0000:08:00.0 flavour pcisf pfnum 0 sfnum 1000 devlink port function rate add pci/0000:08:00.0/group1 devlink port function rate set pci/0000:08:00.0/32768 parent group1 modprobe -r mlx5_ib mlx5_fwctl mlx5_core dmesg: refcount_t: decrement hit 0; leaking memory. WARNING: CPU: 7 PID: 16151 at lib/refcount.c:31 refcount_warn_saturate+0x42/0xe0 CPU: 7 UID: 0 PID: 16151 Comm: bash Not tainted 6.17.0-rc7_for_upstream_min_debug_2025_10_02_12_44 #1 NONE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 RIP: 0010:refcount_warn_saturate+0x42/0xe0 Call Trace: <TASK> devl_rate_leaf_destroy+0x8d/0x90 mlx5_esw_offloads_devlink_port_unregister+0x33/0x60 [mlx5_core] mlx5_esw_offloads_unload_rep+0x3f/0x50 [mlx5_core] mlx5_eswitch_unload_sf_vport+0x40/0x90 [mlx5_core] mlx5_sf_esw_event+0xc4/0x120 [mlx5_core] notifier_call_chain+0x33/0xa0 blocking_notifier_call_chain+0x3b/0x50 mlx5_eswitch_disable_locked+0x50/0x110 [mlx5_core] mlx5_eswitch_disable+0x63/0x90 [mlx5_core] mlx5_unload+0x1d/0x170 [mlx5_core] mlx5_uninit_one+0xa2/0x130 [mlx5_core] remove_one+0x78/0xd0 [mlx5_core] pci_device_remove+0x39/0xa0 device_release_driver_internal+0x194/0x1f0 unbind_store+0x99/0xa0 kernfs_fop_write_iter+0x12e/0x1e0 vfs_write+0x215/0x3d0 ksys_write+0x5f/0xd0 do_syscall_64+0x53/0x1f0 entry_SYSCALL_64_after_hwframe+0x4b/0x53

Null Pointer Dereference Linux Denial Of Service
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-13940 MEDIUM This Month

An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting down in the event of a system integrity check failure. The on-demand system integrity check in the Fireware Web UI will correctly show a failed system integrity check message in the event of a failure.This issue affects Fireware OS: from 12.8.1 through 12.11.4, from 2025.1 through 2025.1.2.

Authentication Bypass Fireware
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-14010 MEDIUM PATCH This Month

A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.

Information Disclosure
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-29843 MEDIUM PATCH This Month

A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image files.

Path Traversal Router Manager
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-11379 MEDIUM This Month

The WebP Express plugin for WordPress is vulnerable to information exposure via config files in all versions up to, and including, 0.25.9. This is due to the plugin not properly randomizing the name of the config file to prevent direct access on NGINX. This makes it possible for unauthenticated attackers to extract configuration data.

Nginx WordPress Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-12994 MEDIUM This Month

A security vulnerability in Medtronic CareLink Network (CVSS 5.3) that allows an unauthenticated remote attacker. Remediation should follow standard vulnerability management procedures.

Information Disclosure Carelink Network
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-13488 MEDIUM This Month

Due to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (XSS) vulnerability with user context.

XSS
NVD
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-12826 MEDIUM This Month

A security vulnerability in for WordPress is vulnerable to authorization bypass in all (CVSS 4.8). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD GitHub
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-66373 MEDIUM This Month

Akamai Ghost on Akamai CDN edge servers before 2025-11-17 has a chunked request body processing error that can result in HTTP request smuggling. When Akamai Ghost receives an invalid chunked body that includes a chunk size different from the actual size of the following chunk data, under certain circumstances, Akamai Ghost erroneously forwards the invalid request and subsequent superfluous bytes to the origin server. An attacker could hide a smuggled request in these superfluous bytes. Whether this is exploitable depends on the origin server's behavior and how it processes the invalid request it receives from Akamai Ghost.

Information Disclosure Akamaighost Akamai
NVD
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-6946 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the IPS module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Firebox: from 12.0 through 12.11.2.

XSS Fireware
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2024-5401 MEDIUM PATCH This Month

Improper control of dynamically-managed code resources vulnerability in WebAPI component in Synology DiskStation Manager (DSM) before 7.1.1-42962-8 and 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote authenticated users to obtain privileges without consent via unspecified vectors.

Synology Information Disclosure Diskstation Manager Diskstation Manager Unified Controller
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-29845 MEDIUM PATCH This Month

A vulnerability in VideoPlayer2 subtitle cgi allows remote authenticated users to read .srt files.

Path Traversal Router Manager
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-29844 MEDIUM PATCH This Month

A vulnerability in FileStation file cgi allows remote authenticated users to read file metadata and path information.

Path Traversal Router Manager
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12782 MEDIUM PATCH This Month

The Beaver Builder - WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable() function. This makes it possible for authenticated attackers, with contributor level access and above, to disable the Beaver Builder layout on arbitrary posts and pages, causing content integrity issues and layout disruption on those pages.

Authentication Bypass WordPress Beaver Builder PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12996 MEDIUM This Month

Medtronic CareLink Network allows a local attacker with access to log files on an internal API server to view plaintext passwords from errors logged under certain circumstances. This issue affects CareLink Network: before December 4, 2025.

Information Disclosure Carelink Network
NVD
CVSS 3.1
4.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy