404 matches found

Vulnrichment
added 2025/05/15 6:31 p.m. · 7 views

CVE-2025-4713 Campcodes Sales and Inventory System print.php sql injection

A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/print.php. The manipulation of the argument sid leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVSS 7.5 · AI score 7.5 · EPSS 0.00525
Exploits: 1 · References: 5

Vulnrichment
added 2025/05/05 2:49 a.m. · 12 views

CVE-2025-20667

In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

AI score 7.1 · EPSS 0.00375
Exploits: 0 · References: 1

NVD
added 2025/05/01 2:15 p.m. · 11 views

CVE-2025-23254

NVIDIA TensorRT-LLM for any platform contains a vulnerability in python executor where an attacker may cause a data validation issue by local access to the TRTLLM server. A successful exploit of this vulnerability may lead to code execution, information disclosure and data tampering...

CVSS 8.8 · EPSS 0.00249
Exploits: 0 · References: 1

Positive Technologies
added 2025/05/01 12:0 a.m. · 3 views

PT-2025-18704 · Tenda · Tenda Rx2 Pro

Name of the Vulnerable Software and Affected Versions: Tenda RX2 Pro version 16.03.30.14 Description: The issue is related to inadequate access controls in the web management portal, allowing an unauthenticated remote attacker to enable ate, a remote system management binary, by sending a...

CVSS 6.5 · AI score 6.5 · EPSS 0.00348
Exploits: 1 · References: 8

Positive Technologies
added 2025/04/18 12:0 a.m. · 3 views

PT-2025-17288

Name of the Vulnerable Software and Affected Versions: ASUS AiCloud affected versions not specified Description: A critical authentication control issue exists in ASUS AiCloud, potentially allowing attackers to bypass authentication and execute unauthorized functions on affected devices remotely. T...

CVSS 9.7 · AI score 9.2 · EPSS 0.00968
Exploits: 1 · References: 61

NVD
added 2025/04/15 8:15 p.m. · 9 views

CVE-2025-1122

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NVRead functionality during the Challenge-Response process...

CVSS 6.7 · EPSS 0.00212
Exploits: 1 · References: 2

Exploit DB
added 2025/04/14 12:0 a.m. · 253 views

OpenPanel 0.3.4 - Incorrect Access Control

Exploit Title: OpenPanel 0.3.4 - Incorrect Access Control Date: Nov 25, 2024 Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee Vendor Homepage: https://openpanel.com/ Software Link: https://openpanel.com/ Version: 0.3.4 Tested on: macOS CVE : CVE-2024-53582 GET /files/../...

CVSS 7.5 · AI score 7.7 · EPSS 0.03067
Exploits: 5

RedhatCVE
added 2025/04/12 2:35 a.m. · 15 views

CVE-2025-29989

Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial...

CVSS 3.1 · AI score 6.7 · EPSS 0.00118
Exploits: 0 · References: 3

RedhatCVE
added 2025/04/12 2:25 a.m. · 27 views

CVE-2025-27690

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account...

CVSS 9.8 · AI score 7.3 · EPSS 0.00416
Exploits: 0 · References: 3

Positive Technologies
added 2025/04/11 12:0 a.m. · 2 views

PT-2025-16113 · Debian +1 · Debian +1

Name of the Vulnerable Software and Affected Versions: Taegis Endpoint Agent Linux versions prior to 1.3.10 Description: A code injection issue in the Debian package component allows local users to execute arbitrary code as root. This issue does not affect Redhat-based systems that use RPM...

CVSS 7.8 · AI score 7.3 · EPSS 0.00169
Exploits: 0 · References: 6

NVD
added 2025/04/10 3:15 a.m. · 13 views

CVE-2025-26330

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account...

CVSS 7 · EPSS 0.00133
Exploits: 0 · References: 1

Vulnrichment
added 2025/04/10 1:55 a.m. · 6 views

CVE-2025-29989

Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial...

CVSS 3.1 · AI score 6.4 · EPSS 0.00118
Exploits: 0 · References: 1

Debian CVE
added 2025/04/02 10:0 p.m. · 7 views

CVE-2025-3121

A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jitmodulefromflatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used...

CVSS 5.5 · AI score 3.7 · EPSS 0.00223
Exploits: 1

RedhatCVE
added 2025/04/02 12:33 p.m. · 9 views

CVE-2025-2994

A vulnerability, which was classified as critical, was found in Tenda FH1202 1.2.0.14408. This affects an unknown part of the file /goform/qossetting of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The...

CVSS 6.9 · AI score 7.2 · EPSS 0.00509
Exploits: 1 · References: 1

NVD
added 2025/04/02 1:15 a.m. · 10 views

CVE-2025-27692

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service, Information disclosure, and Remote execution...

CVSS 7.2 · EPSS 0.00393
Exploits: 0 · References: 1

Positive Technologies
added 2025/03/31 12:0 a.m. · 2 views

PT-2025-13774 · Pytorch +1 · Pytorch +1

Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0 Description: A critical issue has been identified, affecting the torch.nn.utils.rnn.pad packed sequence function, which can lead to memory corruption. This issue requires local access to exploit. Recommendations: For...

CVSS 5.3 · AI score 5 · EPSS 0.00161
Exploits: 0 · References: 19

CVE
added 2025/03/28 4:31 p.m. · 66 views

CVE-2025-2914

CVE-2025-2914 affects HDF5 up to 1.14.6. The vulnerability is in H5FS__sinfo_Srialize_Sct_cb in src/H5FScache.c, where manipulating the sect argument can cause a heap-based buffer overflow. Local access is required, and an exploit has been disclosed. In some advisories, a patched package version ...

CVSS 4.8 · AI score 7.3 · EPSS 0.00223
Exploits: 1 · References: 4 · Affected Software: 1

Vulnrichment
added 2025/03/28 8:18 a.m. · 7 views

CVE-2025-27716

Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in the file/folder listing process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, the product's files may be obtained and/or altered...

CVSS 6.5 · AI score 7 · EPSS 0.00549
Exploits: 0 · References: 2

Positive Technologies
added 2025/03/27 12:0 a.m. · 2 views

PT-2025-13422 · Dell · Dell Unity

Name of the Vulnerable Software and Affected Versions: Dell Unity versions 5.4 and prior Description: The issue is related to an Improper Neutralization of Special Elements used in an OS Command, also known as 'OS Command Injection'. This could allow an unauthenticated attacker with remote access...

CVSS 9.8 · AI score 7.3 · EPSS 0.01549
Exploits: 0 · References: 9

Vulnrichment
added 2025/03/24 1:47 p.m. · 6 views

CVE-2025-30581 WordPress Top Bar plugin <= 3.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in PluginOps Top Bar ultimate-bar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Top Bar: from n/a through <= 3.3...

CVSS 5.3 · AI score 7.3 · EPSS 0.00392
Exploits: 0 · References: 1