120932 matches found

Cvelist
added 2025/10/22 3:14 p.m., 11 views

CVE-2025-23299

NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a malicious actor with high privilege access to execute arbitrary code...

CVSS 6.7, EPSS 0.00163
Exploits 0, References 3
CVE
added 2025/10/22 3:14 p.m., 10 views

CVE-2025-23299

The CVE-2025-23299 entry affects NVIDIA Bluefield and ConnectX products with a vulnerability in the management interface that could let a high-privilege attacker execute arbitrary code locally. The issue is documented across multiple sources, and NVIDIA’s security bulletin lists concrete remediat...

CVSS 6.7, AI score 7.1, EPSS 0.00163
Exploits 0, References 3
CVE
added 2025/10/22 2:59 p.m., 25 views

CVE-2025-62526

OpenWrt ubusd (component of OpenWrt OS) is affected in versions prior to 24.10.4 by a heap buffer overflow in the event registration parsing code. Exploitation can modify the heap and potentially execute arbitrary code in the ubus daemon process, with actions occurring before ACL checks and enabl...

CVSS 7.9, AI score 7.7, EPSS 0.00245
Exploits 0, References 7, Affected Software 1
CVE
added 2025/10/22 2:32 p.m., 8 views

CVE-2025-49926

CVE-2025-49926 concerns the WordPress Kalium theme (Kalium) up to version 3.25. Risk arises from an improper generation of code, i.e., a code injection vulnerability that can lead to arbitrary code execution. Affected component: Laborator Kalium kalium (WordPress theme/plugin variant) with versio...

CVSS 7.2, AI score 6.6, EPSS 0.00248
Exploits 0, References 1
Cvelist
added 2025/10/22 2:32 p.m., 10 views

CVE-2025-49926 WordPress Kalium theme <= 3.25 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code ('Code Injection') vulnerability in Laborator Kalium kalium allows Code Injection. This issue affects Kalium: from n/a through <= 3.25...

CVSS 7.2, EPSS 0.00248
Exploits 0, References 1
Vulnrichment
added 2025/10/22 2:32 p.m., 2 views

CVE-2025-49926 WordPress Kalium theme <= 3.25 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code ('Code Injection') vulnerability in Laborator Kalium kalium allows Code Injection. This issue affects Kalium: from n/a through <= 3.25...

CVSS 7.2, AI score 6.6, EPSS 0.00248
Exploits 0, References 1
Positive Technologies
added 2025/10/22 12:0 a.m., 3 views

PT-2025-43231

Name of the Vulnerable Software and Affected Versions: Boldermail versions through 2.4.0. Description: A flaw exists in Boldermail that allows for Object Injection due to deserialization of untrusted data. This issue impacts Boldermail and could potentially allow an attacker to execute arbitrary cod...

CVSS 8.8, AI score 7.3, EPSS 0.00486
Exploits 0, References 4
CISA KEV Catalog
added 2025/10/22 12:0 a.m., 8 views

Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability

Motex LANSCOPE Endpoint Manager contains an improper verification of source of a communication channel vulnerability allowing an attacker to execute arbitrary code by sending specially crafted packets...

CVSS 9.8, AI score 7.8, EPSS 0.02689
In wild, Exploits 0
CNNVD
added 2025/10/22 12:0 a.m., 3 views

WordPress plugin Captivate Sync Security Vulnerability

WordPress Captivate Sync plugin is a WordPress plugin developed by Captivate, which belongs to RebelBaseMedia's products and is mainly used to simplify the Podcast management process. WordPress Captivate Sync plugin suffers from a deserialization vulnerability that stems from unsafe deserializati...

CVSS 9.8, AI score 7.4, EPSS 0.00529
Exploits 0, References 1
CNNVD
added 2025/10/22 12:0 a.m., 3 views

Hikvision CSMP iSecure Center Security Vulnerability

Hikvision CSMP iSecure Center is an integrated security management platform from Hikvision China. A security vulnerability exists in Hikvision CSMP iSecure Center version 2024-08-01 and earlier, which stems from unverified execution of the $ command in JSON data, which could lead to the execution...

CVSS 8.3, AI score 7.1, EPSS 0.17508
Exploits 0, References 4
CNNVD
added 2025/10/22 12:0 a.m., 4 views

WordPress plugin JobSearch Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A code issue...

CVSS 9.8, AI score 7.5, EPSS 0.00529
Exploits 0, References 1
CNNVD
added 2025/10/22 12:0 a.m., 10 views

AMTT Hotel Broadband Operation System Security Vulnerability

AMTT Hotel Broadband Operation System is a hotel broadband operation system from China-based AmTech Century AMTT. A security vulnerability exists in the AMTT Hotel Broadband Operation System, which originates from an unauthenticated command injection in the /manager/radius/serverping.php endpoint...

CVSS 10, AI score 7.6, EPSS 0.07163
Exploits 2, References 6
Tenable Nessus
added 2025/10/22 12:0 a.m., 5 views

FreeBSD : Mozilla -- Memory safety bugs (7b9a8247-ab7b-11f0-b961-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7b9a8247-ab7b-11f0-b961-b42e991fc52e advisory. [email protected] reports: Some of these bugs showed evidence of memory corruption and we presume th...

CVSS 8.8, AI score 8.4, EPSS 0.00306
Exploits 0, References 3
CNNVD
added 2025/10/22 12:0 a.m., 4 views

Tenda AC6 Security Vulnerability

The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.06.50, which is caused by the speeddir parameter in the SetSpeedWan function failing to properly validate the length of the input data, and can be exploited by an...

CVSS 7.5, AI score 8.2, EPSS 0.00375
Exploits 1, References 2
CNNVD
added 2025/10/22 12:0 a.m., 5 views

Tenda AC6 Security Vulnerability

The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.06.50, which is caused by the SetClientState function failing to properly validate the length of the input data, and can be exploited by an attacker to execute...

CVSS 7.5, AI score 8.1, EPSS 0.00372
Exploits 1, References 2
Veracode
added 2025/10/21 7:46 p.m., 7 views

Privilege Escalation

PyInstaller is vulnerable to Privilege Escalation. The vulnerability is due to the bootstrap process appending a special entry to sys.path and attempting to load an optional bytecode-decryption module while that entry is present, which allows an attacker who can create files/directories next to t...

CVSS 7, AI score 7.8, EPSS 0.00114
Exploits 0, References 4, Affected Software 1
OSV
added 2025/10/21 7:17 p.m., 4 views

JLSEC-2025-186 libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a...

libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to git_index_add can cause heap corruption that could be leveraged for arbitrary code execution. There...

CVSS 8.6, AI score 7.9, EPSS 0.01546
Exploits 0, References 9
Snyk
added 2025/10/21 3:41 p.m., 5 views

Buffer Overflow

Overview: Affected versions of this package are vulnerable to Buffer Overflow in the DMS::InternalDecode function. An attacker can hijack the program's control flow by overwriting a return address to point to a libc function (ret2libc) and execute arbitrary code or cause a crash by providing special...

CVSS 8.8, AI score 6.3, EPSS 0.02182
Exploits 3, References 2
RedhatCVE
added 2025/10/21 4:25 a.m., 11 views

CVE-2025-11948

Document Management System developed by Excellent Infotek has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVSS 9.8, AI score 8.5, EPSS 0.00922
Exploits 0, References 1
CNVD
added 2025/10/21 12:0 a.m., 3 views

Delta Electronics ASDA-Soft Stack Buffer Overflow Vulnerability

Delta Electronics ASDA-Soft is an AC servo motor from Delta Electronics China. The Delta Electronics ASDA-Soft suffers from a stack buffer overflow vulnerability that is caused by incorrect boundary checking. An attacker could exploit the vulnerability to execute arbitrary code on the system or...

CVSS 7.8, AI score 8.2, EPSS 0.00185
Exploits 0, References 1