Lucene search
K

66 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/11 12:0 a.m.6 views

EulerOS 2.0 SP11 : libtiff (EulerOS-SA-2025-2202)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file...

7.8CVSS4.1AI score0.00271EPSS
Exploits2References3
NVD
NVD
added 2025/07/28 5:16 a.m.12 views

CVE-2025-8256

A vulnerability classified as critical has been found in code-projects Online Ordering System 1.0. Affected is an unknown function of the file /admin/product.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has bee...

9.8CVSS0.00396EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/07/28 1:20 a.m.13 views

CVE-2025-8174

A vulnerability was found in code-projects Voting System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/candidatesadd.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be launched remotely. The exploit...

6.5CVSS7.2AI score0.00349EPSS
Exploits1References1
CVE
CVE
added 2025/07/26 3:32 a.m.78 views

CVE-2025-8176

CVE-2025-8176 affects LibTIFF up to 4.7.0, with a use-after-free in the get_histogram implementation (tools/tiffmedian.c). Exploitation is local, and public exploits have been disclosed. A patch is available: fe10872e53efba9cc36c66ac4ab3b41a839d5172; apply the official patch/update to mitigate. R...

7.8CVSS5.3AI score0.00238EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2025/07/25 9:32 p.m.12 views

CVE-2025-8171 code-projects Document Management System insert.php unrestricted upload

A vulnerability, which was classified as critical, has been found in code-projects Document Management System 1.0. This issue affects some unknown processing of the file /insert.php. The manipulation of the argument uploadedfile leads to unrestricted upload. The attack may be initiated remotely...

6.5CVSS0.00333EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/07/25 3:2 p.m.8 views

CVE-2025-8160 Tenda AC20 httpd SetSysTimeCfg buffer overflow

A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/SetSysTimeCfg of the component httpd. The manipulation of the argument timeZone leads to buffer overflow. It is possible to launch the attack remotely. The...

9CVSS0.01245EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/07/25 4:32 a.m.3 views

CVE-2025-8131 Tenda AC20 SetStaticRouteCfg stack-based overflow

A vulnerability was found in Tenda AC20 16.03.08.05. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely...

9CVSS7.3AI score0.00976EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/07/20 9:2 a.m.14 views

CVE-2025-7879 Metasoft 美特软件 MetaCRM mobileupload.jsp unrestricted upload

A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the file mobileupload.jsp. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The...

6.5CVSS0.00501EPSS
Exploits1References4
Kaspersky
Kaspersky
added 2025/07/16 12:0 a.m.7 views

KLA85941 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in WebRTC can be exploited remotely to cause denial of...

8.8CVSS8.9AI score0.09185EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/07/13 4:2 p.m.4 views

CVE-2025-7532 Tenda FH1202 webExcptypemanFilter fromwebExcptypemanFilter stack-based overflow

A vulnerability has been found in Tenda FH1202 1.2.0.14408 and classified as critical. This vulnerability affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated...

9CVSS8.9AI score0.00978EPSS
Exploits1References5
NVD
NVD
added 2025/06/30 4:15 p.m.5 views

CVE-2025-6914

A vulnerability classified as critical was found in PHPGurukul Student Record System 3.2. Affected by this vulnerability is an unknown functionality of the file /edit-student.php. The manipulation of the argument fmarks2 leads to sql injection. The attack can be launched remotely. The exploit has...

8.8CVSS0.00318EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/06/30 1:2 p.m.6 views

CVE-2025-6908 PHPGurukul Old Age Home Management System edit-services.php sql injection

A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/edit-services.php. The manipulation of the argument sertitle leads to sql injection. It is possible to launch the attack remotely. The...

6.5CVSS6.8AI score0.00341EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/26 1:0 p.m.8 views

CVE-2025-6693 RT-Thread device.c sys_device_write memory corruption

A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sysdeviceopen/sysdeviceread/sysdevicecontrol/sysdeviceinit/sysdeviceclose/sysdevicewrite of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It i...

8.5CVSS0.00248EPSS
Exploits1References9
CVE
CVE
added 2025/06/19 4:31 p.m.30 views

CVE-2025-6270

The CVE-2025-6270 entry concerns HDF5 up to 1.14.6, affecting the function H5FS__sect_find_node in H5FSsection.c. The vulnerability is a heap-based buffer overflow disclosed as exploitable on the local host, with PoC shown in public references. Connected documents confirm affected software and ro...

5.3CVSS5.3AI score0.00204EPSS
Exploits1References5Affected Software1
Kaspersky
Kaspersky
added 2025/06/19 12:0 a.m.5 views

KLA85302 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Integer overflow vulnerability in V8 can be exploited to cause denial of service. 2. Use...

8.8CVSS10AI score0.08794EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2025/06/19 12:0 a.m.6 views

KLA85303 OSI vulnerability in Microsoft Dynamics

Information disclosure vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2025-49715 Related products Microsoft-Dynamics-365 CVE list CVE-2025-49715 critical Solution Install necessary updates from...

7.5CVSS6.2AI score0.00685EPSS
Exploits0References3
CVE
CVE
added 2025/06/09 8:31 a.m.58 views

CVE-2025-5869

CVE-2025-5869 affects RT-Thread 5.1.0. The vulnerability is in the function sys_recvfrom (rt-thread/components/lwp/lwp_syscall.c) where manipulation of the from argument leads to memory corruption. Several sources corroborate the impact as memory corruption with a critical severity, including mul...

9.8CVSS7.9AI score0.00744EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/05/30 4:31 p.m.17 views

CVE-2025-5356 FreeFloat FTP Server BYE Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component BYE Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public an...

7.5CVSS0.00588EPSS
Exploits1References4
Exploit DB
Exploit DB
added 2025/05/29 12:0 a.m.501 views

WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing

Exploit Title: WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing Google Dork: inurl:/wp-content/plugins/digits/ Date: 2025-04-30 Exploit Author: Saleh Tarawneh Vendor Homepage: https://digits.unitedover.com/ Version: 8.4.6.1 CVE : CVE-2025-4094 """ The Digits plugin for...

9.8CVSS7AI score0.16444EPSS
Exploits4
NVD
NVD
added 2025/05/25 12:15 a.m.18 views

CVE-2025-5137

A vulnerability was found in DedeCMS 5.7.117. It has been classified as critical. Affected is an unknown function of the file dede/sysverifies.php?action=getfiles of the component Incomplete Fix CVE-2018-9175. The manipulation of the argument refiles leads to code injection. It is possible to...

7.2CVSS0.00462EPSS
Exploits1References5
Rows per page
Query Builder