Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2025-3820

Description: A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Eine Schwachstelle wurde in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) gefunden. Sie wurde als kritisch eingestuft. Es geht hierbei um die Funktion cgiSysUplinkCheckSet der Datei /bin/httpd. Durch die Manipulation des Arguments hostIp1/hostIp2 mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.

CVSS: HIGH (8.7)

Source: CVE
April 19th, 2025 (about 22 hours ago)

CVE-2025-43917

Description: In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a LaunchDaemon as root.

CVSS: HIGH (8.2)

Source: CVE
April 19th, 2025 (about 24 hours ago)

CVE-2025-3803

Description: A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Eine Schwachstelle wurde in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) ausgemacht. Sie wurde als kritisch eingestuft. Dies betrifft die Funktion cgiSysScheduleRebootSet der Datei /bin/httpd. Dank der Manipulation des Arguments rebootDate mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.

CVSS: HIGH (8.7)

Source: CVE
April 19th, 2025 (1 day ago)

CVE-2025-3802

Description: A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. In Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Das betrifft die Funktion cgiPingSet der Datei /bin/httpd. Durch Beeinflussen des Arguments pingIP mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.

CVSS: HIGH (8.7)

Source: CVE
April 19th, 2025 (1 day ago)

CVE-2024-4741

🚨 Marked as known exploited on April 19th, 2025 (1 day ago).
Description: Nessus Plugin ID 234630 with High Severity Synopsis The remote Azure Linux host is missing one or more security updates. Description The version of edk2 / hvloader / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4741 advisory. - Issue summary: Calling the OpenSSL API function SSL_free_buffers May cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, only applications that directly call the SSL_free_buffers function are affected by this issue. Applications that do not call this function are not vulnerable. Our investigations indicate that this function is rarely used by applications. The SSL_free_buffers function is used to free the internal OpenSSL buffer used when processing an incoming record from the network. The call is only expected to succeed if the buffer is not currently in use. However, two scenarios have been identified where the buffer is freed even when still in use. The first scenario occurs where a record header has been received from the network and processed by OpenSSL, but the full record body has not yet arrived. In this case calling SSL_free_buffers will succeed even though a record has only been...

CVSS: HIGH (7.5)

Source: Tenable Plugins
April 19th, 2025 (1 day ago)

CVE-2025-3404

Description: The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the savePackage function in all versions up to, and including, 3.3.12. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

CVSS: HIGH (8.8)

Source: CVE
April 19th, 2025 (1 day ago)

CVE-2025-3809

Description: The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVSS: HIGH (7.2)

Source: CVE
April 19th, 2025 (1 day ago)

CVE-2025-2111

Description: The Insert Headers And Footers plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.1. This is due to missing or incorrect nonce validation on the 'custom_plugin_set_option' function. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. The 'WPBRIGADE_SDK__DEV_MODE' constant must be set to 'true' to exploit the vulnerability.

CVSS: HIGH (7.5)

Source: CVE
April 19th, 2025 (1 day ago)

CVE-2025-3103

Description: The CLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - Elementor Widget Addon plugin for WordPress is vulnerable to arbitrary file read due to insufficient file path validation in the 'history.php' file in all versions up to, and including, 2.4. This makes it possible for unauthenticated attackers to read arbitrary files on the affected site's server, which may contain sensitive information including database credentials. The vulnerability was partially patched in version 2.4.

CVSS: HIGH (7.5)

Source: CVE
April 19th, 2025 (1 day ago)

CVE-2025-2010

Description: The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is vulnerable to SQL Injection via the 'jobwp_upload_resume' parameter in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVSS: HIGH (7.5)

Source: CVE
April 19th, 2025 (1 day ago)