Lucene search
K

262 matches found

CVE
CVE
added 2025/10/06 8:2 a.m.18 views

CVE-2025-11327

The CVE-2025-11327 entry concerns Tenda AC18 (version 15.03.05.19(6318)). A stack-based buffer overflow is triggered via /goform/SetUpnpCfg by manipulating the upnpEn argument. Public exploit information exists and suggests remote exploitation is possible. Connected sources corroborate a vulnerab...

9CVSS7.1AI score0.01147EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/10/05 11:16 a.m.5 views

CVE-2025-11289

A vulnerability was determined in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. The impacted element is the function Save of the file src/main/java/com/zhiliao/common/template/TemplateFileServiceImpl.java of the component Template Management Page. This manipulation causes cro...

5.4CVSS4.3AI score0.0026EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/10/05 6:32 a.m.10 views

CVE-2025-11286 samanhappy MCPHub MCPRouter Service serverController.ts server-side request forgery

A vulnerability was determined in samanhappy MCPHub up to 0.9.10. This affects an unknown part of the file src/controllers/serverController.ts of the component MCPRouter Service. This manipulation of the argument baseUrl causes server-side request forgery. The attack may be initiated remotely. Th...

5.8CVSS0.00287EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-34246

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.0044EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24986

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00371EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29834

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00308EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-28727

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00399EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-28837

Malicious code in bioql PyPI...

9CVSS8.8AI score0.0087EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29123

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00309EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-30794

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00518EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28240

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00373EPSS
Exploits0References4
OSV
OSV
added 2025/09/29 4:15 a.m.12 views

CVE-2025-11139

A vulnerability was determined in Bjskzy Zhiyou ERP up to 11.0. Affected is the function uploadStudioFile of the component com.artery.form.services.FormStudioUpdater. This manipulation of the argument filepath causes path traversal. Remote exploitation of the attack is possible. The exploit has...

9.8CVSS5.5AI score0.00676EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/09/29 12:0 a.m.11 views

PT-2025-39806

Name of the Vulnerable Software and Affected Versions mirweiye wenkucms versions up to 3.4 Description A flaw exists that allows for remote operating system command injection. This occurs due to manipulation of the createPathOne function within the app/common/common.php file. The exploit has been...

6.5CVSS6.1AI score0.04201EPSS
Exploits1References10
Cvelist
Cvelist
added 2025/09/27 7:2 p.m.13 views

CVE-2025-11075 Campcodes Online Learning Management System de_activate.php sql injection

A vulnerability has been found in Campcodes Online Learning Management System 1.0. This affects an unknown function of the file /admin/deactivate.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and...

7.5CVSS0.00441EPSS
Exploits1References5
NVD
NVD
added 2025/09/26 10:15 p.m.8 views

CVE-2025-11048

A security vulnerability has been detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /consulta-dispensas. Such manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed publicly...

8.8CVSS0.00348EPSS
Exploits1References5
OSV
OSV
added 2025/09/26 8:15 p.m.4 views

CVE-2025-11041

A vulnerability has been found in itsourcecode Open Source Job Portal 1.0. Affected by this issue is some unknown functionality of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit h...

8.8CVSS5.7AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/24 7:34 p.m.5 views

CVE-2025-10812

A vulnerability has been found in code-projects Hostel Management System 1.0. This impacts an unknown function of the file /justines/admin/modamenities/index.php?view=view. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

9.8CVSS7.3AI score0.00441EPSS
Exploits1References1
NVD
NVD
added 2025/09/23 2:15 a.m.4 views

CVE-2025-10828

A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/edit.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly an...

8.8CVSS0.00351EPSS
Exploits1References5
NVD
NVD
added 2025/09/22 9:15 p.m.5 views

CVE-2025-10814

A vulnerability was determined in D-Link DIR-823X 240126/240802/250416. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/goahead. This manipulation of the argument port causes command injection. The attack can be initiated remotely. The exploit has been publicly...

8.8CVSS0.06115EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/22 8:32 p.m.5 views

CVE-2025-10814 D-Link DIR-823X goahead command injection

A vulnerability was determined in D-Link DIR-823X 240126/240802/250416. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/goahead. This manipulation of the argument port causes command injection. The attack can be initiated remotely. The exploit has been publicly...

6.5CVSS6.8AI score0.06115EPSS
Exploits1References5
Rows per page
Query Builder