{
"Source": "CVE FEED",
"Title": "CVE-2025-52438 - Adobe Flash Remote Code Execution",
"Content": "CVE ID : CVE-2025-52438
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-52438 - Adobe Flash Remote Code Execution",
"Content": "CVE ID : CVE-2025-52438
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-43422 - Apache HTTP Server Cross-Site Scripting",
"Content": "CVE ID : CVE-2024-43422
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-43422 - Apache HTTP Server Cross-Site Scripting",
"Content": "CVE ID : CVE-2024-43422
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-45065 - Apache HTTP Server Remote Code Execution",
"Content": "CVE ID : CVE-2024-45065
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-45065 - Apache HTTP Server Remote Code Execution",
"Content": "CVE ID : CVE-2024-45065
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-45069 - Apache HTTP Server Remote Code Execution",
"Content": "CVE ID : CVE-2024-45069
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-45069 - Apache HTTP Server Remote Code Execution",
"Content": "CVE ID : CVE-2024-45069
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-45380 - Here is a title for a vulnerability: Apache Struts Deserialization Vulnerability",
"Content": "CVE ID : CVE-2024-45380
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-45380 - Here is a title for a vulnerability: Apache Struts Deserialization Vulnerability",
"Content": "CVE ID : CVE-2024-45380
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-49823 - Anaconda Constructor Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-49823
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : (conda) Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix (user_prefix) using an eval statement, which executes unsanitized user input as shell code. Although the script runs with user privileges (not root), an attacker could exploit this by injecting arbitrary commands through a malicious path during installation. Exploitation requires explicit user action. This issue has been patched in version 3.11.3.
Severity: 0.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-49823 - Anaconda Constructor Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-49823
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : (conda) Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix (user_prefix) using an eval statement, which executes unsanitized user input as shell code. Although the script runs with user privileges (not root), an attacker could exploit this by injecting arbitrary commands through a malicious path during installation. Exploitation requires explicit user action. This issue has been patched in version 3.11.3.
Severity: 0.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-21856 - Apache Struts Cross-Site Scripting (XSS)",
"Content": "CVE ID : CVE-2024-21856
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-21856 - Apache Struts Cross-Site Scripting (XSS)",
"Content": "CVE ID : CVE-2024-21856
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6162 - TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow",
"Content": "CVE ID : CVE-2025-6162
Published : June 17, 2025, 5:15 a.m. | 22 minutes ago
Description : A vulnerability has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6162 - TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow",
"Content": "CVE ID : CVE-2025-6162
Published : June 17, 2025, 5:15 a.m. | 22 minutes ago
Description : A vulnerability has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6163 - TOTOLINK A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6163
Published : June 17, 2025, 5:15 a.m. | 22 minutes ago
Description : A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6163 - TOTOLINK A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6163
Published : June 17, 2025, 5:15 a.m. | 22 minutes ago
Description : A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6160 - SourceCodester Client Database Management System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-6160
Published : June 17, 2025, 5:15 a.m. | 22 minutes ago
Description : A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /user_customer_create_order.php. The manipulation of the argument user_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6160 - SourceCodester Client Database Management System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-6160
Published : June 17, 2025, 5:15 a.m. | 22 minutes ago
Description : A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /user_customer_create_order.php. The manipulation of the argument user_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6161 - SourceCodester Simple Food Ordering System Unrestricted File Upload Vulnerability",
"Content": "CVE ID : CVE-2025-6161
Published : June 17, 2025, 5:15 a.m. | 22 minutes ago
Description : A vulnerability, which was classified as critical, was found in SourceCodester Simple Food Ordering System 1.0. Affected is an unknown function of the file /editproduct.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6161 - SourceCodester Simple Food Ordering System Unrestricted File Upload Vulnerability",
"Content": "CVE ID : CVE-2025-6161
Published : June 17, 2025, 5:15 a.m. | 22 minutes ago
Description : A vulnerability, which was classified as critical, was found in SourceCodester Simple Food Ordering System 1.0. Affected is an unknown function of the file /editproduct.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6159 - Code-Projects Hostel Management System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-6159
Published : June 17, 2025, 4:15 a.m. | 1 hour, 22 minutes ago
Description : A vulnerability classified as critical was found in code-projects Hostel Management System 1.0. This vulnerability affects unknown code of the file /allocate_room.php. The manipulation of the argument search_box leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6159 - Code-Projects Hostel Management System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-6159
Published : June 17, 2025, 4:15 a.m. | 1 hour, 22 minutes ago
Description : A vulnerability classified as critical was found in code-projects Hostel Management System 1.0. This vulnerability affects unknown code of the file /allocate_room.php. The manipulation of the argument search_box leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6158 - D-Link DIR-665 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6158
Published : June 17, 2025, 4:15 a.m. | 1 hour, 22 minutes ago
Description : A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function sub_AC78 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6158 - D-Link DIR-665 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6158
Published : June 17, 2025, 4:15 a.m. | 1 hour, 22 minutes ago
Description : A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function sub_AC78 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-3494 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-3494
Published : June 17, 2025, 4:15 a.m. | 1 hour, 22 minutes ago
Description : Rejected reason: This CVE ID has been rejected by its CNA as it was not a security issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-3494 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-3494
Published : June 17, 2025, 4:15 a.m. | 1 hour, 22 minutes ago
Description : Rejected reason: This CVE ID has been rejected by its CNA as it was not a security issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-3493 - Apache HTTP Server Authentication Bypass",
"Content": "CVE ID : CVE-2025-3493
Published : June 17, 2025, 4:15 a.m. | 1 hour, 22 minutes ago
Description : Rejected reason: This CVE ID has been rejected by its CNA as it was not a security issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-3493 - Apache HTTP Server Authentication Bypass",
"Content": "CVE ID : CVE-2025-3493
Published : June 17, 2025, 4:15 a.m. | 1 hour, 22 minutes ago
Description : Rejected reason: This CVE ID has been rejected by its CNA as it was not a security issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6167 - Themanojdesai Python-A2A Path Traversal Vulnerability",
"Content": "CVE ID : CVE-2025-6167
Published : June 17, 2025, 7:15 a.m. | 23 minutes ago
Description : A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0.5.5. Affected is the function create_workflow of the file python_a2a/agent_flow/server/api.py. The manipulation leads to path traversal. Upgrading to version 0.5.6 is able to address this issue. It is recommended to upgrade the affected component.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6167 - Themanojdesai Python-A2A Path Traversal Vulnerability",
"Content": "CVE ID : CVE-2025-6167
Published : June 17, 2025, 7:15 a.m. | 23 minutes ago
Description : A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0.5.5. Affected is the function create_workflow of the file python_a2a/agent_flow/server/api.py. The manipulation leads to path traversal. Upgrading to version 0.5.6 is able to address this issue. It is recommended to upgrade the affected component.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6173 - Webkul QloApps SQL Injection",
"Content": "CVE ID : CVE-2025-6173
Published : June 17, 2025, 7:15 a.m. | 23 minutes ago
Description : A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajax_products_list.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor confirms the existence of this flaw but considers it a low-level issue due to admin privilege pre-requisites. Still, a fix is planned for a future release.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6173 - Webkul QloApps SQL Injection",
"Content": "CVE ID : CVE-2025-6173
Published : June 17, 2025, 7:15 a.m. | 23 minutes ago
Description : A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajax_products_list.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor confirms the existence of this flaw but considers it a low-level issue due to admin privilege pre-requisites. Still, a fix is planned for a future release.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6164 - TOTOLINK A3002R HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6164
Published : June 17, 2025, 6:15 a.m. | 1 hour, 23 minutes ago
Description : A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It has been classified as critical. This affects an unknown part of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6164 - TOTOLINK A3002R HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6164
Published : June 17, 2025, 6:15 a.m. | 1 hour, 23 minutes ago
Description : A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It has been classified as critical. This affects an unknown part of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6165 - TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6165
Published : June 17, 2025, 6:15 a.m. | 1 hour, 23 minutes ago
Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6165 - TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6165
Published : June 17, 2025, 6:15 a.m. | 1 hour, 23 minutes ago
Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6166 - Frdel Agent-Zero Path Traversal Vulnerability",
"Content": "CVE ID : CVE-2025-6166
Published : June 17, 2025, 6:15 a.m. | 1 hour, 23 minutes ago
Description : A vulnerability was found in frdel Agent-Zero up to 0.8.4. It has been rated as problematic. This issue affects the function image_get of the file /python/api/image_get.py. The manipulation of the argument path leads to path traversal. Upgrading to version 0.8.4.1 is able to address this issue. The identifier of the patch is 5db74202d632306a883ccce7339c5bdba0d16c5a. It is recommended to upgrade the affected component.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6166 - Frdel Agent-Zero Path Traversal Vulnerability",
"Content": "CVE ID : CVE-2025-6166
Published : June 17, 2025, 6:15 a.m. | 1 hour, 23 minutes ago
Description : A vulnerability was found in frdel Agent-Zero up to 0.8.4. It has been rated as problematic. This issue affects the function image_get of the file /python/api/image_get.py. The manipulation of the argument path leads to path traversal. Upgrading to version 0.8.4.1 is able to address this issue. The identifier of the patch is 5db74202d632306a883ccce7339c5bdba0d16c5a. It is recommended to upgrade the affected component.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5209 - Ivory Search WordPress XSS Vulnerability",
"Content": "CVE ID : CVE-2025-5209
Published : June 17, 2025, 6:15 a.m. | 1 hour, 23 minutes ago
Description : The Ivory Search WordPress plugin before 5.5.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5209 - Ivory Search WordPress XSS Vulnerability",
"Content": "CVE ID : CVE-2025-5209
Published : June 17, 2025, 6:15 a.m. | 1 hour, 23 minutes ago
Description : The Ivory Search WordPress plugin before 5.5.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹