CVE ID : CVE-2025-27087
Published : April 22, 2025, 10:15 p.m. | 35 minutes ago
Description : A vulnerability in the kernel of the Cray Operating System (COS) could allow an attacker to perform a local Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-37088
Published : April 22, 2025, 10:15 p.m. | 35 minutes ago
Description : A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS). Depending on race conditions and configuration, this vulnerability may lead to local/cluster unauthorized access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Hackers Attacking Network Edge Devices to Compromise SMB Organizations
Small and medium-sized businesses (SMBs) are increasingly falling victim to cyberattacks that specifically target network edge devices, according to recent findings.
These critical devices—including f …
Read more
Published Date:
Apr 22, 2025 (6 hours, 3 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2024-40711
TP-Link Router Vulnerabilities Let Attackers Inject Malicious SQL Commands
Multiple vulnerabilities have been identified in popular TP-Link routers that expose users to severe security risks due to SQL injection flaws in their web management interfaces.
These vulnerabilities …
Read more
Published Date:
Apr 22, 2025 (5 hours, 30 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-29653
CVE-2025-29650
CVE-2025-29649
CVE-2025-29648
Microsoft’s patch for CVE-2025–21204 symlink vulnerability introduces another symlink vulnerability
Microsoft recently patched CVE-2025–21204, a vuln which allows users to abuse symlinks to elevate privileges using the Windows servicing stack and the c:inetpub folder. There’s a good write up here:T …
Read more
Published Date:
Apr 22, 2025 (5 hours, 2 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE ID : CVE-2025-3278
Published : April 19, 2025, 3:15 a.m. | 3 days, 14 hours ago
Description : The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.0.4. This is due to the plugin allowing users who are registering new accounts to set their own role or by supplying ‘user_register_role’ field. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-1093
Published : April 19, 2025, 4:15 a.m. | 3 days, 13 hours ago
Description : The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the generate_image function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-1950
Published : April 22, 2025, 3:16 p.m. | 2 hours, 29 minutes ago
Description : IBM Hardware Management Console – Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands locally due to improper validation of libraries of an untrusted source.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-1951
Published : April 22, 2025, 3:16 p.m. | 2 hours, 29 minutes ago
Description : IBM Hardware Management Console – Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with unnecessary privileges.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-23176
Published : April 22, 2025, 3:16 p.m. | 2 hours, 29 minutes ago
Description : CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-34028
Published : April 22, 2025, 5:16 p.m. | 28 minutes ago
Description : A path traversal vulnerability in Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files, which, when expanded by the target server, result in Remote Code Execution.
This issue affects Command Center Innovation Release: 11.38.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2023-44753
Published : April 22, 2025, 6:15 p.m. | 31 minutes ago
Description : A stored cross-site scripting (XSS) vulnerability fin Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter on the profile.php page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2023-44755
Published : April 22, 2025, 6:15 p.m. | 31 minutes ago
Description : Sacco Management system v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /sacco/ajax.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-28026
Published : April 22, 2025, 6:15 p.m. | 31 minutes ago
Description : TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-28027
Published : April 22, 2025, 6:15 p.m. | 31 minutes ago
Description : TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 was found to contain a buffer overflow vulnerability in downloadFile.cgi.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-28029
Published : April 22, 2025, 6:15 p.m. | 31 minutes ago
Description : TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in cstecgi.cgi
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-28036
Published : April 22, 2025, 6:15 p.m. | 31 minutes ago
Description : TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-28035
Published : April 22, 2025, 6:15 p.m. | 31 minutes ago
Description : TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-28038
Published : April 22, 2025, 6:15 p.m. | 31 minutes ago
Description : TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-28039
Published : April 22, 2025, 6:15 p.m. | 31 minutes ago
Description : TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…