Notepad++ versions prior to 8.8.9 contain an update integrity verification vulnerability (CVE-2025-15556) when using the WinGUp updater. The update mechanism fails to cryptographically verify downloaded metadata and installers, allowing man-in-the-middle attackers to serve malicious executables during the update process. KEV-listed, this supply chain risk affects one of the most widely used text editors on Windows.
Open Eclass Platform versions up to 1.7.3 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
Victor Cms versions up to 1.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise. [CVSS 8.8 HIGH]
import module contains a vulnerability that allows attackers to delete arbitrary files by manipulating the delete_import parameter (CVSS 8.8).
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 8.7 HIGH]
Authorization bypass in EspoCRM 5.8.5 lets an authenticated low-privilege user reuse or manipulate Basic-Authorization and Espo-Authorization tokens to authenticate as a different user, including administrators, and inherit their privileges. The flaw stems from the login path never binding an auth token to its owning user, so a token valid for one account is accepted for another when passwords collide, also defeating two-factor authentication. Publicly available exploit code exists (Exploit-DB 48376); EPSS is low at 0.35%, and the issue is not listed in CISA KEV.
School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the 'document' parameter in download.php. [CVSS 7.5 HIGH]
Victor CMS version 1.0 contains a SQL injection vulnerability in the 'post' parameter on post.php that allows remote attackers to manipulate database queries. [CVSS 8.2 HIGH]
PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. [CVSS 8.2 HIGH]
60CycleCMS 2.5.2 contains an SQL injection vulnerability in news.php and common/lib.php that allows attackers to manipulate database queries through unvalidated user input. [CVSS 8.2 HIGH]
School ERP Pro 1.0 contains a SQL injection vulnerability in the 'es_messagesid' parameter that allows attackers to manipulate database queries through GET requests. [CVSS 8.2 HIGH]
OXID eShop versions 6.x prior to 6.3.4 contains a SQL injection vulnerability in the 'sorting' parameter that allows attackers to insert malicious database content. [CVSS 8.2 HIGH]
Ziroom ZHOME A0101 devices running version 1.0.1.0 use hardcoded default credentials in the Dropbear SSH service, enabling unauthenticated remote attackers to gain unauthorized access with high impact to confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and the vendor has not provided a patch or response. While exploitation requires specific conditions, security professionals should prioritize assessment and credential rotation for affected systems.
WCAssistantService contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).
Syncbreeze versions up to 12.4.18 contains a vulnerability that allows attackers to execute arbitrary code with elevated system privileges (CVSS 7.8).
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. [CVSS 7.8 HIGH]
VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. [CVSS 7.8 HIGH]
its service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).
Anydesk versions up to 5.4.0 contains a vulnerability that allows attackers to potentially inject malicious executables (CVSS 7.8).
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 7.8 HIGH]
Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]
Pc Helpsoft Driver Updater versions up to 9.1.57803.1174 is affected by improper access control (CVSS 7.8).
Arbitrary code execution in iccDEV versions prior to 2.3.1.2 via stack-based buffer overflow in the icFixXml() function when parsing malformed ICC color profiles with crafted NamedColor2 tags. Local attackers with user interaction can exploit this vulnerability to execute arbitrary code with high impact on confidentiality, integrity, and availability. Public exploit code exists and a patch is available in version 2.3.1.2 and later.
Open Eclass Platform versions up to 4.2 is affected by authorization bypass through user-controlled key (CVSS 7.5).
Netis E1+ version 1.2.32533 contains a hardcoded root account vulnerability that allows unauthenticated attackers to access the device with predefined credentials. Attackers can leverage the embedded root account with a crackable password to gain full administrative access to the network device. [CVSS 7.5 HIGH]
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcore_get.cgi endpoint. [CVSS 7.5 HIGH]
VirtualTablet Server 3.0.2 contains a denial of service vulnerability that allows attackers to crash the service by sending oversized string payloads through the Thrift protocol. [CVSS 7.5 HIGH]
Ew-7438Rpn Mini Firmware versions up to 1.13 is affected by insufficiently protected credentials (CVSS 7.5).
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 7.3 HIGH]
School Erp Pro versions up to 1.0 is affected by unrestricted upload of file with dangerous type (CVSS 7.2).
Victor CMS 1.0 contains a stored cross-site scripting vulnerability in the 'comment_author' POST parameter that allows attackers to inject malicious scripts. Attackers can submit crafted JavaScript payloads through the comment submission form to execute arbitrary code in victim browsers. [CVSS 7.2 HIGH]
GUnet OpenEclass 1.7.3 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through unvalidated parameters. [CVSS 7.1 HIGH]
Iccdev versions prior to 2.3.1.2 are vulnerable to denial of service when processing malformed ICC color profiles with invalid image encoding type values, causing application crashes due to type confusion. The vulnerability is remotely triggerable and public exploit code is available. A patch is available in version 2.3.1.2 and later.
PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of product_detail.php that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the 'id' parameter to potentially extract or modify database information. [CVSS 7.1 HIGH]
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands through the 'logid' parameter. [CVSS 7.1 HIGH]
Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. [CVSS 7.1 HIGH]
OS DataHub Maps (WordPress plugin) is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
An arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file. [CVSS 8.8 HIGH]
magepeopleteam WpEvently mage-eventpress is affected by deserialization of untrusted data (CVSS 8.8).
Ingress-nginx controllers are vulnerable to arbitrary code execution through malicious path specifications in Ingress rules, allowing authenticated attackers to inject nginx configuration and execute commands with controller privileges. The vulnerability also enables disclosure of cluster-wide Secrets accessible to the controller. No patch is currently available, and exploitation requires low complexity with only low privileges needed.
Chrome versions up to 144.0.7559.132 is affected by access of resource using incompatible type (type confusion) (CVSS 8.8).
Claude Code versions before 2.0.72 allow authenticated attackers to execute arbitrary commands by exploiting a command parsing defect that bypasses the execution confirmation prompt via malicious find command syntax. An attacker with the ability to inject untrusted content into a Claude Code context can trigger unintended command execution with high impact to confidentiality, integrity, and availability. No patch is currently available for affected deployments.
Arbitrary code execution in ingress-nginx controllers via malicious `nginx.ingress.kubernetes.io/auth-method` Ingress annotations allows authenticated attackers to execute commands within the controller context and access cluster-wide Secrets. This vulnerability affects Nginx and Kubernetes deployments where the ingress controller has default cluster-wide Secret access permissions. No patch is currently available.
Heap buffer overflow in Chrome's libvpx video codec allows remote attackers to achieve arbitrary code execution through a malicious webpage, requiring only user interaction to trigger exploitation. The vulnerability affects Chrome versions prior to 144.0.7559.132 and currently lacks a patch. With a CVSS score of 8.8, this high-severity flaw poses significant risk to users who visit compromised or attacker-controlled websites.
Authenticated command injection in WRC-X1500GS-B and WRC-X1500GSA-B routers enables logged-in users to execute arbitrary OS commands through specially crafted requests. An attacker with valid credentials can gain complete system control over the affected devices. No patch is currently available to remediate this vulnerability.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS.This issue affects Website Software: through 03022026. [CVSS 8.6 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
Blind SQL injection in KiviCare clinic management system versions 3.6.16 and earlier allows authenticated attackers to execute arbitrary SQL queries over the network with no user interaction required. An attacker with valid credentials can exploit this vulnerability to extract sensitive data from the underlying database, though code execution is not possible. No patch is currently available for this HIGH severity vulnerability affecting the Iqonic Design product.