๐จ CVE-2025-14313
The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
๐@cveNotify
The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
๐@cveNotify
WPScan
Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via taxo_ajax
See details on Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via taxo_ajax CVE 2025-14313. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2025-15222
A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
GitHub
GitHub - Yohane-Mashiro/satoken-deserialization: satokenๅๅบๅๅ้ฎ้ข
satokenๅๅบๅๅ้ฎ้ข. Contribute to Yohane-Mashiro/satoken-deserialization development by creating an account on GitHub.
๐จ CVE-2025-15229
A vulnerability has been found in Tenda CH22 up to 1.0.0.1. Affected by this vulnerability is the function fromDhcpListClient of the file /goform/DhcpListClient. Such manipulation of the argument LISTLEN leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability has been found in Tenda CH22 up to 1.0.0.1. Affected by this vulnerability is the function fromDhcpListClient of the file /goform/DhcpListClient. Such manipulation of the argument LISTLEN leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
Tenda CH22 V1.0.0.1 Router Denial of Service in fromDhcpListClient function ยท Issue #7 ยท master-abc/cve
Overview Firmware download website: https://www.tenda.com.cn/material/show/1367 Affected Version VERSION(S) CH22 v1.0.0.1 Submitter USTC_BUG_Hunter Vulnerability details A Denial of Service (DoS) v...
๐จ CVE-2025-15230
A vulnerability was found in Tenda M3 1.0.0.13(4903). Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing manipulation of the argument qvlan_truck_port results in heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
๐@cveNotify
A vulnerability was found in Tenda M3 1.0.0.13(4903). Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing manipulation of the argument qvlan_truck_port results in heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
๐@cveNotify
GitHub
CVEs/Tenda/setVlanPolicy.md at main ยท dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
๐จ CVE-2025-15231
A vulnerability was determined in Tenda M3 1.0.0.13(4903). This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
๐@cveNotify
A vulnerability was determined in Tenda M3 1.0.0.13(4903). This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
๐@cveNotify
GitHub
CVEs/Tenda/setRemoteVlanInfo.md at main ยท dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
๐จ CVE-2023-36377
Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files.
๐@cveNotify
Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files.
๐@cveNotify
GitHub
Comparing 2.2...2.3 ยท mtrojnar/osslsigncode
OpenSSL-based Authenticode signing for PE, CAB, CAT, MSI, APPX, and script file - Comparing 2.2...2.3 ยท mtrojnar/osslsigncode
๐จ CVE-2025-15232
A vulnerability was identified in Tenda M3 1.0.0.13(4903). This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
๐@cveNotify
A vulnerability was identified in Tenda M3 1.0.0.13(4903). This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
๐@cveNotify
GitHub
CVEs/Tenda/setAdPushInfo.md at main ยท dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
๐จ CVE-2025-15233
A security flaw has been discovered in Tenda M3 1.0.0.13(4903). This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemUID results in heap-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
๐@cveNotify
A security flaw has been discovered in Tenda M3 1.0.0.13(4903). This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemUID results in heap-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
๐@cveNotify
GitHub
CVEs/Tenda/setAdInfoDetail.md at main ยท dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
๐จ CVE-2025-15355
ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
๐@cveNotify
ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
๐@cveNotify
๐จ CVE-2025-15103
DVP-12SE11T - Authentication Bypass via Partial Password Disclosure
๐@cveNotify
DVP-12SE11T - Authentication Bypass via Partial Password Disclosure
๐@cveNotify
๐จ CVE-2025-15234
A weakness has been identified in Tenda M3 1.0.0.13(4903). Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.
๐@cveNotify
A weakness has been identified in Tenda M3 1.0.0.13(4903). Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.
๐@cveNotify
GitHub
CVEs/Tenda/setRemoteInternetLanInfo.md at main ยท dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
๐จ CVE-2025-15241
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.5.2 is sufficient to fix this issue. Upgrading the affected component is recommended.
๐@cveNotify
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.5.2 is sufficient to fix this issue. Upgrading the affected component is recommended.
๐@cveNotify
GitHub
GitHub - Stolichnayer/cloudpanel-open-redirect: CloudPanel CE โค v2.5.1 contains an Open Redirect vulnerability in the /admin/usersโฆ
CloudPanel CE โค v2.5.1 contains an Open Redirect vulnerability in the /admin/users endpoint due to improper validation of the Referer header. - Stolichnayer/cloudpanel-open-redirect
๐จ CVE-2025-15242
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function of the component Coupon Handler. Performing manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is regarded as difficult. The exploit is now public and may be used.
๐@cveNotify
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function of the component Coupon Handler. Performing manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is regarded as difficult. The exploit is now public and may be used.
๐@cveNotify
Byebyedoggy
1229 PHPEMS Coupon Recharge Race Condition Poc
Vulnerability Information\rItem Details Vulnerability Name PHPEMS Coupon Recharge Race Condition Vulnerability Affected Versions PHPEMS 11.0 and earlier Type Logic Flaw Severity Medium Reproduction Environment\rTest Site: Local deployment Source Code Setup:โฆ
๐จ CVE-2025-15243
A flaw has been found in code-projects Simple Stock System 1.0. This affects an unknown function of the file /market/login.php. Executing manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used.
๐@cveNotify
A flaw has been found in code-projects Simple Stock System 1.0. This affects an unknown function of the file /market/login.php. Executing manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used.
๐@cveNotify
๐จ CVE-2025-15244
A vulnerability has been found in PHPEMS up to 11.0. This impacts an unknown function of the component Purchase Request Handler. The manipulation leads to race condition. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability has been found in PHPEMS up to 11.0. This impacts an unknown function of the component Purchase Request Handler. The manipulation leads to race condition. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been disclosed to the public and may be used.
๐@cveNotify
Byebyedoggy
1229 PHPEMS Points Race Condition POC
Vulnerability Information\rItem Details Vulnerability Name PHPEMS Points Concurrent Usage Race Condition Vulnerability Affected Versions PHPEMS 11.0 and earlier Type Logic Flaw Severity Medium Reproduction Environment\rTest Site: Local deployment Source Codeโฆ
๐จ CVE-2025-15245
A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path traversal. The attack must originate from the local network. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
๐@cveNotify
A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path traversal. The attack must originate from the local network. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
๐@cveNotify
tzh00203 on Notion
D-Link DCS850L v1.02.09 Path Traversal Vulnerability in Firmware Update | Notion
Vulnerability Title: Path Traversal and Command Injection Vulnerabilities in Firmware Upload Service of D-Link DCS-850L v1.02.09
๐ฅ1
๐จ CVE-2022-50784
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone
If cloning the SKB fails, don't try to use it, but rather return
as if we should pass it.
Coverity CID: 1503456
๐@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone
If cloning the SKB fails, don't try to use it, but rather return
as if we should pass it.
Coverity CID: 1503456
๐@cveNotify
๐จ CVE-2022-50785
In the Linux kernel, the following vulnerability has been resolved:
fsi: occ: Prevent use after free
Use get_device and put_device in the open and close functions to
make sure the device doesn't get freed while a file descriptor is
open.
Also, lock around the freeing of the device buffer and check the
buffer before using it in the submit function.
๐@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
fsi: occ: Prevent use after free
Use get_device and put_device in the open and close functions to
make sure the device doesn't get freed while a file descriptor is
open.
Also, lock around the freeing of the device buffer and check the
buffer before using it in the submit function.
๐@cveNotify