Vulnerabilities

CVE Alert: CVE-2025-1548

February 22, 2025

Vulnerability Summary: CVE-2025-1548 A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability...

CVE Alert: CVE-2025-26013

February 22, 2025

Vulnerability Summary: CVE-2025-26013 An issue in Loggrove v.1.0 allows a remote attacker to obtain sensitive information via the read.py component....

CVE Alert: CVE-2024-45673

February 22, 2025

Vulnerability Summary: CVE-2024-45673 IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1...

CVE Alert: CVE-2025-25505

February 22, 2025

Vulnerability Summary: CVE-2025-25505 Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the sub_452A4 function. Affected Endpoints: No affected endpoints...

CVE Alert: CVE-2025-25507

February 22, 2025

Vulnerability Summary: CVE-2025-25507 There is a RCE vulnerability in Tenda AC6 15.03.05.16_multi. In the formexeCommand function, the parameter cmdinput will...

CVE Alert: CVE-2025-1403

February 22, 2025

Vulnerability Summary: CVE-2025-1403 Qiskit SDK 0.45.0 through 1.2.4 could allow a remote attacker to cause a denial of service using...

CVE Alert: CVE-2025-1546

February 22, 2025

Vulnerability Summary: CVE-2025-1546 A vulnerability has been found in BDCOM Behavior Management and Auditing System up to 20250210 and classified...

CVE Alert: CVE-2025-25510

February 22, 2025

Vulnerability Summary: CVE-2025-25510 Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the get_parentControl_list_Info function. Affected Endpoints: No affected endpoints...

CVE Alert: CVE-2025-25605

February 22, 2025

Vulnerability Summary: CVE-2025-25605 Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the apcli_wps_gen_pincode function in mtkwifi.lua. Affected Endpoints: No...

CVE Alert: CVE-2025-25772

February 22, 2025

Vulnerability Summary: CVE-2025-25772 A Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to...

CVE Alert: CVE-2025-25877

February 22, 2025

Vulnerability Summary: CVE-2025-25877 A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of...

CVE Alert: CVE-2020-19248

February 22, 2025

Vulnerability Summary: CVE-2020-19248 SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's...

CVE Alert: CVE-2025-25878

February 22, 2025

Vulnerability Summary: CVE-2025-25878 A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of...

CVE Alert: CVE-2025-27108

February 22, 2025

Vulnerability Summary: CVE-2025-27108 dom-expressions is a Fine-Grained Runtime for Performant DOM Rendering. In affected versions the use of javascript's `.replace()`...

CVE Alert: CVE-2025-1555

February 22, 2025

Vulnerability Summary: CVE-2025-1555 A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. This vulnerability affects...

CVE Alert: CVE-2025-25282

February 22, 2025

Vulnerability Summary: CVE-2025-25282 RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine based on deep document understanding. An authenticated user can...

CVE Alert: CVE-2025-27109

February 22, 2025

Vulnerability Summary: CVE-2025-27109 solid-js is a declarative, efficient, and flexible JavaScript library for building user interfaces. In affected versions Inserts/JSX...

CVE Alert: CVE-2025-25604

February 22, 2025

Vulnerability Summary: CVE-2025-25604 Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the vif_disable function in mtkwifi.lua. Affected Endpoints: No...

CVE Alert: CVE-2024-13849

February 21, 2025

Vulnerability Summary: CVE-2024-13849 The Cookie Notice Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up...

CVE Alert: CVE-2025-0866

February 21, 2025

Vulnerability Summary: CVE-2025-0866 The Legoeso PDF Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘checkedVals’ parameter...

CVE Alert: CVE-2024-13802

February 21, 2025

Vulnerability Summary: CVE-2024-13802 The Bandsintown Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bandsintown_events' shortcode...

CVE Alert: CVE-2024-6432

February 21, 2025

Vulnerability Summary: CVE-2024-6432 The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...

CVE Alert: CVE-2024-13855

February 21, 2025

Vulnerability Summary: CVE-2024-13855 The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all...

CVE Alert: CVE-2025-1483

February 21, 2025

Vulnerability Summary: CVE-2025-1483 The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to unauthorized modification of data...

Vulnerabilities

CVE Alert: CVE-2025-1548

CVE Alert: CVE-2025-26013

CVE Alert: CVE-2024-45673

CVE Alert: CVE-2025-25505

CVE Alert: CVE-2025-25507

CVE Alert: CVE-2025-1403

CVE Alert: CVE-2025-1546

CVE Alert: CVE-2025-25510

CVE Alert: CVE-2025-25605

CVE Alert: CVE-2025-25772

CVE Alert: CVE-2025-25877

CVE Alert: CVE-2020-19248

CVE Alert: CVE-2025-25878

CVE Alert: CVE-2025-27108

CVE Alert: CVE-2025-1555

CVE Alert: CVE-2025-25282

CVE Alert: CVE-2025-27109

CVE Alert: CVE-2025-25604

CVE Alert: CVE-2024-13849

CVE Alert: CVE-2025-0866

CVE Alert: CVE-2024-13802

CVE Alert: CVE-2024-6432

CVE Alert: CVE-2024-13855

CVE Alert: CVE-2025-1483

[APOS] – Ransomware Victim: InternetWay

[APOS] – Ransomware Victim: Netcom-World

CVE Alert: CVE-2024-51963

CVE Alert: CVE-2024-51966

CVE Alert: CVE-2024-51956

You may have missed