CVE ID : CVE-2025-3321
Published : June 6, 2025, 8:15 a.m. | 1 hour, 55 minutes ago
Description : A predefined administrative account is not documented and cannot
be deactivated. This account cannot be misused from the network, only by local
users on the server.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-5736
Published : June 6, 2025, 8:15 a.m. | 2 hours, 29 minutes ago
Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-5737
Published : June 6, 2025, 9:15 a.m. | 1 hour, 29 minutes ago
Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-5738
Published : June 6, 2025, 9:15 a.m. | 1 hour, 29 minutes ago
Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3365
Published : June 6, 2025, 9:15 a.m. | 55 minutes ago
Description : A missing protection against path traversal allows to access
any file on the server.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3322
Published : June 6, 2025, 9:15 a.m. | 55 minutes ago
Description : An improper neutralization of inputs used in expression
language allows remote code execution with the highest privileges on the
server.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-5739
Published : June 6, 2025, 9:15 a.m. | 55 minutes ago
Description : A vulnerability classified as critical has been found in TOTOLINK X15 1.0.0-B20230714.1105. This affects an unknown part of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
I rerun some benchmarks, this time comparing an overclocked Raspberry Pi 5 to an Intel N100 Mini PC. The post…
mkws is a simple static site generator using sh as a templating language. The post mkws is a simple static…
HardenedBSD is a security-enhanced fork of FreeBSD. It implements many exploit mitigation and security technologies on top of FreeBSD. The…
This article identifies flexible and useful diary tools for the Linux desktop. Free and open source software only. The post…
Fastfetch è uno strumento di informazione di sistema molto apprezzato dagli utenti GNU/Linux per la sua capacità di visualizzare un…
Berserk is a strong open source chess engine. It’s an unusual chess engine with a unique style of play. The…
CVE ID : CVE-2025-48906
Published : June 6, 2025, 7:15 a.m. | 33 minutes ago
Description : Authentication bypass vulnerability in the DSoftBus module
Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48907
Published : June 6, 2025, 7:15 a.m. | 33 minutes ago
Description : Deserialization vulnerability in the IPC module
Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48908
Published : June 6, 2025, 7:15 a.m. | 33 minutes ago
Description : Ability Auto Startup service vulnerability in the foundation process
Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48909
Published : June 6, 2025, 7:15 a.m. | 33 minutes ago
Description : Bypass vulnerability in the device management channel
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48910
Published : June 6, 2025, 7:15 a.m. | 33 minutes ago
Description : Buffer overflow vulnerability in the DFile module
Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48911
Published : June 6, 2025, 7:15 a.m. | 33 minutes ago
Description : Vulnerability of improper permission assignment in the note sharing module
Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4964
Published : June 6, 2025, 7:15 a.m. | 33 minutes ago
Description : The WP Online Users Stats plugin for WordPress is vulnerable to time-based SQL Injection via the ‘table_name’ parameter in all versions up to, and including, 1.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…