Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. [CVSS 8.4 HIGH]
Authenticated instructors in Tutor LMS plugin for WordPress versions up to 3.9.5 can modify or delete courses owned by other users due to missing authorization checks in bulk action functions. An attacker with instructor-level access can manipulate course IDs in bulk requests to compromise arbitrary courses without proper permission validation. No patch is currently available.
Moodle contains a vulnerability that allows attackers to authenticate through the Learning Tools Interoperability (LTI) Provider (CVSS 8.1).
Archer Ax53 Firmware versions up to 1.0 contains a vulnerability that allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) a (CVSS 8.1).
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted set of network packets containing an excessive number of host entries This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. [CVSS 8.0 HIGH]
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
Arbitrary code execution in Roland Cloud Manager installer versions 3.1.19 and earlier results from insecure DLL loading, enabling local attackers to execute malicious code with application-level privileges. An attacker with local access and user interaction can exploit this vulnerability to compromise systems running the affected installer. No patch is currently available to remediate this vulnerability.
Local code injection in NVIDIA Megatron-LM allows authenticated users to achieve arbitrary code execution and privilege escalation through malicious input to vulnerable scripts. An attacker with local access can craft specially designed data to trigger unsafe code evaluation, enabling complete system compromise including data theft and modification. No patch is currently available for this vulnerability affecting all supported platforms.
Endpoint Privilege Manager versions up to 25.10.0 is affected by improper privilege management (CVSS 7.8).
Brocade Fabric OS contains a command injection vulnerability that allows authenticated local users with shell access to read sensitive files and command history due to insecure storage practices. An attacker with local privileges can exploit this to access confidential information stored on the system. No patch is currently available.
Fabric Operating System versions up to 9.2.1 contains a vulnerability that allows attackers to elevating the privileges of the local authenticated user to “root” using the exp (CVSS 7.8).
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Seres Software syWEB allows Reflected XSS.This issue affects syWEB: through 03022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. [CVSS 7.6 HIGH]
Kod8 Software Technologies Trade Ltd. Co. Kod8 Individual and SME Website is affected by cross-site scripting (xss) (CVSS 7.6).
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ofisimo Web-Based Software Technologies Association Web Package Flora allows XSS Through HTTP Headers.This issue affects Association Web Package Flora: from v3.0 through 03022026. [CVSS 7.6 HIGH]
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Reflected XSS.This issue affects SKSPro: through 07012026. [CVSS 7.6 HIGH]
ThemeMove Unicamp through version 2.7.1 contains a local file inclusion vulnerability in PHP that allows authenticated attackers to read arbitrary files on the server through improper filename validation in include/require statements. An attacker with valid credentials can leverage this flaw to access sensitive files and potentially execute arbitrary code. No patch is currently available for this vulnerability.
Django's HTML truncation functions (chars(), words(), and related template filters) are vulnerable to denial-of-service attacks when processing specially crafted inputs with excessive unmatched HTML end tags. Affected versions include Django 6.0 before 6.0.2, 5.2 before 5.2.11, 4.2 before 4.2.28, and potentially unsupported series 5.0.x, 4.1.x, and 3.2.x. Remote attackers can exploit this to cause service disruptions without requiring authentication or user interaction.
chetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass vulnerability in includes/auth_validate.php. The application sends an HTTP redirect via header(Location:login.php) when a user is not authenticated but fails to call exit() afterward. [CVSS 7.5 HIGH]
An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. `ASGIRequest` allows a remote attacker to cause a potential denial-of-service via a crafted request with multiple duplicate headers. [CVSS 7.5 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
Pearweb versions up to 1.33.0 contains a vulnerability that allows attackers to guess verification tokens and potentially verify election account requests witho (CVSS 7.5).
Rustfs versions up to 1.0.0 is affected by insertion of sensitive information into log file (CVSS 7.5).
SQL injection in PEAR's apidoc queue insertion allows unauthenticated remote attackers to manipulate database queries by controlling filename values, enabling unauthorized data modification. PEAR versions before 1.33.0 are affected, and no patch is currently available for affected deployments.
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5680. [CVSS 7.5 HIGH]
RustFS is a distributed object storage system built in Rust. [CVSS 7.5 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. [CVSS 7.5 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123. Incorrect handling of NAS Registration messages leads to a Denial of Service because of Improper Handling of Exceptional Conditions. [CVSS 7.5 HIGH]
Fastify versions before 5.7.2 allow attackers to bypass request body validation by injecting a tab character into the Content-Type header, enabling malicious payloads to reach application logic without validation checks. This remote attack requires no authentication and affects Node.js applications using vulnerable Fastify versions. A patch is available in version 5.7.2 and later.
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Directory Indexing.This issue affects SKSPro: through 07012026. [CVSS 7.5 HIGH]
A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file. [CVSS 7.5 HIGH]
Claude Code versions prior to 1.0.111 fail to properly validate trusted domains for WebFetch requests, allowing attackers to register lookalike domains (e.g., modelcontextprotocol.io.example.com) that bypass validation checks. This enables unauthorized automated requests to attacker-controlled servers without user interaction, potentially resulting in sensitive data exfiltration from the user's environment. The vulnerability affects Claude Code's agentic coding functionality and requires upgrading to version 1.0.111 or later to remediate.
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting (XSS), occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. [CVSS 7.3 HIGH]
A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. [CVSS 7.3 HIGH]
Fabric Operating System contains a vulnerability that allows attackers to an authenticated, remote attacker with administrative credentials to execute ar (CVSS 7.2).
Stored XSS in LatePoint WordPress plugin versions up to 5.2.5 allows unauthenticated attackers to inject malicious scripts into customer profile fields that execute when administrators review activity history. The vulnerability stems from inadequate input sanitization and output escaping, potentially enabling credential theft or administrative account compromise. No patch is currently available.
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5668. [CVSS 7.2 HIGH]
Fabric Operating System versions up to 9.2.1 is affected by execution with unnecessary privileges (CVSS 7.2).
Unauthenticated attackers can upload malicious SVG files through the Form Maker by 10Web WordPress plugin (versions up to 1.15.35) due to insufficient file type validation, enabling stored cross-site scripting attacks against administrators and site visitors. The plugin's default allowlist includes SVG files and relies on weak substring-based extension checking, allowing JavaScript execution when the uploaded files are viewed. No patch is currently available.
Stored XSS in WordPress Form Maker plugin (versions up to 1.15.35) allows unauthenticated attackers to inject malicious scripts through hidden form field values that execute when administrators view the submissions list. The vulnerability stems from improper output escaping after HTML entity decoding of user-supplied input. Website administrators using this plugin are at risk of account compromise and unauthorized actions performed within their WordPress dashboard.