2025-08-04
2025-08-04 19:15Z
CRIT

CVE-2025-52239 — Zkea Zkeacms: An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-52239

An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file. CVSSv3.1 9.8 (CRITICAL) · EPSS 38th percentile

CWECWE 434VNDZkeaTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-08-04
2025-08-04 18:15Z
CRIT

CVE-2025-51390 — Totolink N600r_firmware: N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-51390

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin parameter in the setWiFiWpsConfig function. CVSSv3.1 9.8 (CRITICAL) · EPSS 80th percentile

CWECWE 78VNDTotolinkTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2025-08-04
2025-08-04 17:15Z
MED

CVE-2025-8518 — Vvveb Vvveb: The manipulation leads to code injection.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-8518

A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The name of the patch is f684f3e374d04db715730fc4796e102f5ebcacb2. It is recommend CVSSv3.1 4.7 (MEDIUM) · EPSS 95th percentile

CWECWE 94CWECWE 74VNDVvvebTYPVulnerability
4.7
CVSS v3.1
79
Edit Score
2025-08-04
2025-08-04 15:58Z
CRIT

Oops Safari, I think You Spilled Something!

Exodus Intel·blog.exodusintel.comCVE-2024-44308

Exodus Intelligence disclosed CVE-2024-44308, a use-of-uninitialized-variable vulnerability in WebKit's DFG compiler affecting Safari on macOS and iOS. The bug exists in TypedArray index storage code and was patched by Apple in November 2024; when alive, it enabled renderer RCE when chained with PAC and APRR bypasses on Apple Silicon. This writeup provides detailed technical analysis of the DFG IR, root-cause debugging, and exploitation methodology for achieving arbitrary read/write through stack layout control.

SRFOsTACTA0005TACTA0002SRFBrowserVNDAppleVNDWebkitTYPWriteupTYPExploit
78
Edit Score
2025-08-04
2025-08-04 15:15Z
HIGH

CVE-2025-44643 — Certain: An attacker with network access could exploit this to gain unauthorized control over the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-44643

Certain Draytek products are affected by Insecure Configuration. This affects AP903 v1.4.18 and AP912C v1.4.9 and AP918R v1.4.9. The setting of the password property in the ripd.conf configuration file sets a hardcoded weak password, posing a security risk. An attacker with network access could exploit this to gain unauthorized control over the routing daemon, potentially altering network routes or intercepting traffic. CVSSv3.1 8.6 (HIGH) · EPSS 16th percentile

CWECWE 798CWECWE 276VNDCertainTYPVulnerability
8.6
CVSS v3.1
93
Edit Score
2025-08-04
2025-08-04 07:15Z
HIGH

CVE-2025-20701 — Airoha: This could lead to remote escalation of privilege with no additional execution privileges needed.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-20701

In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. CVSSv3.1 8.8 (HIGH) · EPSS 87th percentile

CWECWE 863VNDAirohaTYPVulnerability
8.8
CVSS v3.1
95
Edit Score
2025-08-02
2025-08-02 08:15Z
HIGH

CVE-2025-6754 — SEO: The SEO Metrics plugin for WordPress is vulnerable to Privilege Escalation due to missing

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6754

The SEO Metrics plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks in both the seo_metrics_handle_connect_button_click() AJAX handler and the seo_metrics_handle_custom_endpoint() function in all versions up to, and including, 1.0.15. Because the AJAX action only verifies a nonce, without checking the caller’s capabilities, a subscriber-level user can retrieve the token and then access the custom endpoint to obtain full administrator CVSSv3.1 8.8 (HIGH)

CWECWE 862VNDSeoTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
728 × 90 / responsive · programmatic ad slot
2025-08-01
2025-08-01 21:15Z
HIGH

CVE-2013-10050 — Dlink Dir-300_firmware: An OS command injection vulnerability exists in multiple D-Link routers (confirmed on DIR-300 rev

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2013-10050

An OS command injection vulnerability exists in multiple D-Link routers (confirmed on DIR-300 rev A v1.05 and DIR-615 rev D v4.13) via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid credentials to inject arbitrary shell commands. Exploitation enables full device compromise, including spawning a telnet daemon and establishing a root shell. The vulnerability is CVSSv3.1 8.8 (HIGH) · EPSS 99th percentile

CWECWE 78VNDDlinkTYPVulnerability
8.8
CVSS v3.1
100
Edit Score
2025-08-01
2025-08-01 17:15Z
CRIT

CVE-2025-45150 — X-d_lab Langchain-chatglm-webui: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-45150

Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive files via supplying a crafted request. CVSSv3.1 9.8 (CRITICAL) · EPSS 43th percentile

CWECWE 732VNDLangchainVNDX D LabTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-07-31
2025-07-31 20:15Z
HIGH

CVE-2025-50572 — Archer: 6.11.00204.10014 allows attackers to execute arbitrary code via crafted system inputs that would

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-50572

Archer 6.11.00204.10014 allows attackers to execute arbitrary code via crafted system inputs that would be exported into the CSV and be executed after the user opened the file with compatible applications. NOTE: the Supplier does not accept this as a valid vulnerability report against their product. CVSSv3.1 8.8 (HIGH) · EPSS 35th percentile

CWECWE 1236VNDArcherTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-07-31
2025-07-31 16:15Z
HIGH

CVE-2025-50850 — Cs-cart Cs-cart: An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-50850

An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential security controls such as CAPTCHA verification and rate limiting. This allows an attacker to systematically attempt various combinations of usernames and passwords (brute-force attack) to gain unauthorized access to vendor accounts. The absence of any blocking mechanism makes the login endpoint susceptible to automated attacks. CVSSv3.1 8.6 (HIGH) · EPSS 14th percentile

CWECWE 284CWECWE 804VNDCs CartTYPVulnerability
8.6
CVSS v3.1
93
Edit Score
2025-07-31
2025-07-31 15:15Z
HIGH

CVE-2025-50849 — Cart: CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR).

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-50849

CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR). The user profile functionality allows enabling or disabling stickers through a parameter (company_id) sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipulate the request to target other users' accounts and toggle the sticker setting by modifying the company_id or other object identifiers. CVSSv3.1 8.0 (HIGH) · EPSS 16th percentile

CWECWE 639VNDCartTYPVulnerability
8.0
CVSS v3.1
90
Edit Score
2025-07-30
2025-07-30 18:24Z
HIGH

NullGate — Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.

GitHub · EDR bypass / evasion·github.comGITHUB POC

NullGate is a C++ library that abstracts indirect syscall invocation using FreshyCalls with dynamic syscall number retrieval, coupled with a novel Windows Defender memory-scan evasion technique. The evasion method allocates memory with PAGE_NOACCESS, creates suspended threads, writes shellcode post-suspension, then resumes execution—avoiding detection during the critical memory-scan window. The library includes compile-time string obfuscation via FNV1 hashing and XOR encryption with per-build randomized keys.

SRFOsTACTA0005TACTA0002VNDMicrosoftTYPTechniqueTYPToolSTGDefense EvasionSTGExecution
76
Edit Score
2025-07-30
2025-07-30 17:15Z
HIGH

CVE-2025-45620 — Averusa Ptc310uv2_firmware: An issue in Aver PTC310UV2 v.0.1.0000.59 allows a remote attacker to obtain sensitive information

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-45620

An issue in Aver PTC310UV2 v.0.1.0000.59 allows a remote attacker to obtain sensitive information via a crafted request CVSSv3.1 8.1 (HIGH) · EPSS 55th percentile

CWECWE 200VNDAverVNDAverusaTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-07-30
2025-07-30 00:15Z
HIGH

CVE-2025-31277 — Apple Safari: Processing maliciously crafted web content may lead to memory corruption.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-31277

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption. CVSSv3.1 8.8 (HIGH)

CWECWE 120CWECWE 119VNDAppleTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-07-29
2025-07-29 05:15Z
CRIT

CVE-2025-8264 — Versions of the package z-push/z-push-dev before 2.7.6 are vulnerable to SQL Injection due to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-8264

Versions of the package z-push/z-push-dev before 2.7.6 are vulnerable to SQL Injection due to unparameterized queries in the IMAP backend. An attacker can inject malicious commands by manipulating the username field in basic authentication. This allows the attacker to access and potentially modify or delete sensitive data from a linked third-party database. **Note:** This vulnerability affects Z-Push installations that utilize the IMAP backend and have the IMAP_FROM_SQL_QUE CVSSv3.1 9.0 (CRITICAL) · EPSS 30th percentile

CWECWE 89TYPVulnerability
9.0
CVSS v3.1
95
Edit Score
2025-07-29
2025-07-29 00:00Z
HIGH

Gunra Ransomware Group Unveils Efficient Linux Variant

Trend Micro Research·trendmicro.comin the wild

Trend Micro disclosed technical analysis of Gunra ransomware's new Linux variant, first observed in April 2025. The variant features configurable multi-threaded encryption (up to 100 threads), partial file encryption, and hybrid RSA/ChaCha20 encryption with optional separate keystore storage. The group has claimed 14 victims across multiple sectors and geographies since emergence.

SRFOsTACTA0005TACTA0002VNDTrend MicroTYPResearchTYPThreat IntelSTGExecutionSTGImpact
72
Edit Score
2025-07-28
2025-07-28 20:17Z
HIGH

CVE-2025-29534 — An authenticated remote code execution vulnerability in PowerStick Wave Dual-Band Wifi Extender V1.0 allows

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-29534

An authenticated remote code execution vulnerability in PowerStick Wave Dual-Band Wifi Extender V1.0 allows an attacker with valid credentials to execute arbitrary commands with root privileges. The issue stems from insufficient sanitization of user-supplied input in the /cgi-bin/cgi_vista.cgi executable, which is passed to a system-level function call. CVSSv3.1 8.8 (HIGH) · EPSS 46th percentile

CWECWE 78TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-07-28
2025-07-28 12:15Z
HIGH

CVE-2025-5997 — Incorrect: Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-5997

Incorrect Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse. This issue affects PhishPro: before 7.5.4.2. CVSSv3.1 8.8 (HIGH) · EPSS 49th percentile

CWECWE 648TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-07-28
2025-07-28 11:15Z
CRIT

CVE-2025-6918 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6918

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ncvav Virtual PBX Software allows SQL Injection. This issue affects Virtual PBX Software: before 09.07.2025. CVSSv3.1 9.8 (CRITICAL) · EPSS 48th percentile

CWECWE 89TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-07-28
2025-07-28 05:16Z
HIGH

CVE-2025-8267 — Felipperegazio Ssrf_check: Versions of the package ssrfcheck before 1.2.0 are vulnerable to Server-Side Request Forgery (SSRF)

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-8267

Versions of the package ssrfcheck before 1.2.0 are vulnerable to Server-Side Request Forgery (SSRF) due to an incomplete denylist of IP address ranges. Specifically, the package fails to classify the reserved IP address space 224.0.0.0/4 (Multicast) as invalid. This oversight allows attackers to craft requests targeting these multicast addresses. CVSSv3.1 8.2 (HIGH) · EPSS 30th percentile

CWECWE 918VNDFelipperegazioTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2025-07-25
2025-07-25 07:15Z
HIGH

CVE-2025-5835 — Themeum Droip: The Droip plugin for WordPress is vulnerable to unauthorized modification and access of data

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-5835

The Droip plugin for WordPress is vulnerable to unauthorized modification and access of data due to a missing capability check on the droip_post_apis() function in all versions up to, and including, 2.2.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform many actions as the AJAX hooks to several functions. Some potential impacts include arbitrary post deletion, arbitrary post creation, post duplication, settings update, us CVSSv3.1 8.8 (HIGH)

CWECWE 862VNDThemeumVNDDroipTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-07-25
2025-07-25 07:15Z
HIGH

CVE-2025-5831 — Themeum Droip: The Droip plugin for WordPress is vulnerable to arbitrary file uploads due to missing

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-5831

The Droip plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the make_google_font_offline() function in all versions up to, and excluding, 2.5.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH)

CWECWE 434VNDThemeumVNDDroipTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-07-24
2025-07-24 15:15Z
HIGH

CVE-2025-51087 — Tenda Ac8_firmware: The manipulation of the argument time leads to stack-based buffer overflow.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-51087

Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow. CVSSv3.1 8.6 (HIGH) · EPSS 94th percentile

CWECWE 121VNDTendaTYPVulnerability
8.6
CVSS v3.1
96
Edit Score
2025-07-24
2025-07-24 14:15Z
CRIT

CVE-2025-4784 — Moderec Tourtella: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-4784

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Moderec Tourtella allows SQL Injection. This issue affects Tourtella: before 26.05.2025. CVSSv3.1 9.8 (CRITICAL) · EPSS 56th percentile

CWECWE 89VNDModerecTYPVulnerability
9.8
CVSS v3.1
99
Edit Score