CVE-2025-4047 - WordPress Broken Link Checker Unauthorized Data Access Vulnerability
CVE ID : CVE-2025-4047
Published : June 3, 2025, 3:15 a.m. | 2 hours, 19 minutes ago
Description : The Broken Link Checker plugin for WordPress is vulnerable to unauthorized data access due to a missing capability check on the ajax_full_status and ajax_dashboard_status functions in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view the plugin's status.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4047
Published : June 3, 2025, 3:15 a.m. | 2 hours, 19 minutes ago
Description : The Broken Link Checker plugin for WordPress is vulnerable to unauthorized data access due to a missing capability check on the ajax_full_status and ajax_dashboard_status functions in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view the plugin's status.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-4224 - WordPress wpForo Advanced Attachments Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-4224
Published : June 3, 2025, 3:15 a.m. | 2 hours, 19 minutes ago
Description : The wpForo + wpForo Advanced Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via media upload names in all versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4224
Published : June 3, 2025, 3:15 a.m. | 2 hours, 19 minutes ago
Description : The wpForo + wpForo Advanced Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via media upload names in all versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-4797 - "Golo - City Travel Guide WordPress Theme Privilege Escalation via Account Takeover"
CVE ID : CVE-2025-4797
Published : June 3, 2025, 5:15 a.m. | 19 minutes ago
Description : The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.7.0. This is due to the plugin not properly validating a user's identity prior to setting an authorization cookie. This makes it possible for unauthenticated attackers to log in as any user, including administrators, provided they know the user's email address.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4797
Published : June 3, 2025, 5:15 a.m. | 19 minutes ago
Description : The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.7.0. This is due to the plugin not properly validating a user's identity prior to setting an authorization cookie. This makes it possible for unauthenticated attackers to log in as any user, including administrators, provided they know the user's email address.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-53013 - Google Android Audio Call Registration Buffer Overflow
CVE ID : CVE-2024-53013
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption may occur while processing voice call registration with user.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53013
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption may occur while processing voice call registration with user.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-53015 - Apache VFS Filesystem Buffer Overflow
CVE ID : CVE-2024-53015
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption while processing IOCTL command to handle buffers associated with a session.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53015
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption while processing IOCTL command to handle buffers associated with a session.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-53016 - Canon Camera Off-Path Memory Corruption Vulnerability
CVE ID : CVE-2024-53016
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption while processing I2C settings in Camera driver.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53016
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption while processing I2C settings in Camera driver.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-53017 - Citrix ADC Integer Overflow Vulnerability
CVE ID : CVE-2024-53017
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption while handling test pattern generator IOCTL command.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53017
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption while handling test pattern generator IOCTL command.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-53018 - Cisco IOS Memory Corruption Vulnerability
CVE ID : CVE-2024-53018
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption may occur while processing the OIS packet parser.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53018
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption may occur while processing the OIS packet parser.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-53019 - Cisco RTP Information Disclosure Vulnerability
CVE ID : CVE-2024-53019
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53019
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-53020 - Apache Tomcat RTP Information Disclosure Vulnerability
CVE ID : CVE-2024-53020
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53020
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-53021 - F5 Big-IP Information Disclosure Vulnerability
CVE ID : CVE-2024-53021
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Information disclosure may occur while processing goodbye RTCP packet from network.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53021
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Information disclosure may occur while processing goodbye RTCP packet from network.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-53026 - Nokia IMS RTCP Packet Information Disclosure Vulnerability
CVE ID : CVE-2024-53026
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53026
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21463 - Cisco Wireless EHT IE Beacon Frame Processing Denial of Service
CVE ID : CVE-2025-21463
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Transient DOS while processing the EHT operation IE in the received beacon frame.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21463
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Transient DOS while processing the EHT operation IE in the received beacon frame.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21480 - NVIDIA GPU Micronode Command Execution Memory Corruption
CVE ID : CVE-2025-21480
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21480
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21485 - Apache Kafka FastRPC Memory Corruption Vulnerability
CVE ID : CVE-2025-21485
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21485
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21486 - Apache HTTP Server Heap Overflow
CVE ID : CVE-2025-21486
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21486
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27029 - Cisco Router Denial of Service
CVE ID : CVE-2025-27029
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27029
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27031 - Cisco Router IOCTL Memory Corruption
CVE ID : CVE-2025-27031
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27031
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27038 - Google Chrome Adreno GPU Driver Buffer Overflow
CVE ID : CVE-2025-27038
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption while rendering graphics using Adreno GPU drivers in Chrome.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27038
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : Memory corruption while rendering graphics using Adreno GPU drivers in Chrome.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31710 - Cisco Engineermode Command Injection Vulnerability
CVE ID : CVE-2025-31710
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : In engineermode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31710
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : In engineermode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31711 - Apache CPLog Null Pointer Dereference Denial of Service
CVE ID : CVE-2025-31711
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : In cplog service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with no additional execution privileges needed.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31711
Published : June 3, 2025, 6:15 a.m. | 2 hours, 47 minutes ago
Description : In cplog service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with no additional execution privileges needed.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...