Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-11857
Realtek Bluetooth HCI Adaptor - Privilege Escalation
Description: Bluetooth HCI Adaptor from Realtek has a Link Following vulnerability. Local attackers with regular privileges can create a symbolic link with the same name as a specific file, causing the product to delete arbitrary files pointed to by the link. Subsequently, attackers can leverage arbitrary file deletion to privilege escalation.

CVSS: HIGH (7.8)

EPSS Score: 0.02%

SSVC Exploitation: none

Source: CVE
June 2nd, 2025 (6 days ago)

CVE-2025-20678
In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has...
Description: In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01394606; Issue ID: MSV-2739.

CVSS: HIGH (7.5)

EPSS Score: 0.15%

Source: CVE
June 2nd, 2025 (6 days ago)

CVE-2025-5409
Mist Community Edition API Token views.py create_token access control
Description: A vulnerability was found in Mist Community Edition up to 4.7.1. It has been classified as critical. This affects the function create_token of the file src/mist/api/auth/views.py of the component API Token Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.2 is able to address this issue. The identifier of the patch is db10ecb62ac832c1ed4924556d167efb9bc07fad. It is recommended to upgrade the affected component. Es wurde eine Schwachstelle in Mist Community Edition bis 4.7.1 ausgemacht. Sie wurde als kritisch eingestuft. Betroffen hiervon ist die Funktion create_token der Datei src/mist/api/auth/views.py der Komponente API Token Handler. Durch Beeinflussen mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 4.7.2 vermag dieses Problem zu lösen. Der Patch wird als db10ecb62ac832c1ed4924556d167efb9bc07fad bezeichnet. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen.

CVSS: HIGH (7.3)

EPSS Score: 0.06%

Source: CVE
June 1st, 2025 (6 days ago)

CVE-2025-5402
chaitak-gorai Blogbook GET Parameter edit_post.php sql injection
Description: A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/includes/edit_post.php of the component GET Parameter Handler. The manipulation of the argument edit_post_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way. Eine kritische Schwachstelle wurde in chaitak-gorai Blogbook bis 92f5cf90f8a7e6566b576fe0952e14e1c6736513 ausgemacht. Dies betrifft einen unbekannten Teil der Datei /admin/includes/edit_post.php der Komponente GET Parameter Handler. Durch die Manipulation des Arguments edit_post_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. Dieses Produkt verzichtet auf eine Versionierung und verwendet stattdessen Rolling Releases. Deshalb sind keine Details zu betroffenen oder zu aktualisierende Versionen vorhanden.

CVSS: HIGH (7.3)

EPSS Score: 0.04%

Source: CVE
June 1st, 2025 (7 days ago)

CVE-2025-5401
chaitak-gorai Blogbook GET Parameter post.php sql injection
Description: A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /post.php of the component GET Parameter Handler. The manipulation of the argument p_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way. In chaitak-gorai Blogbook bis 92f5cf90f8a7e6566b576fe0952e14e1c6736513 wurde eine kritische Schwachstelle ausgemacht. Das betrifft eine unbekannte Funktionalität der Datei /post.php der Komponente GET Parameter Handler. Mit der Manipulation des Arguments p_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. Dieses Produkt setzt Rolling Releases ein. Aus diesem Grund sind Details zu betroffenen oder zu aktualisierende Versionen nicht verfügbar.

CVSS: HIGH (7.3)

EPSS Score: 0.04%

Source: CVE
June 1st, 2025 (7 days ago)

CVE-2025-5400
chaitak-gorai Blogbook GET Parameter user.php sql injection
Description: A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been classified as critical. Affected is an unknown function of the file /user.php of the component GET Parameter Handler. The manipulation of the argument u_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way. Es wurde eine kritische Schwachstelle in chaitak-gorai Blogbook bis 92f5cf90f8a7e6566b576fe0952e14e1c6736513 ausgemacht. Es betrifft eine unbekannte Funktion der Datei /user.php der Komponente GET Parameter Handler. Dank Manipulation des Arguments u_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. Dieses Produkt verzichtet auf eine Versionierung und verwendet stattdessen Rolling Releases. Deshalb sind keine Details zu betroffenen oder zu aktualisierende Versionen vorhanden.

CVSS: HIGH (7.3)

EPSS Score: 0.04%

Source: CVE
June 1st, 2025 (7 days ago)

CVE-2025-5376
SourceCodester Health Center Patient Record Management System patient.php sql injection
Description: A vulnerability was found in SourceCodester Health Center Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /patient.php. The manipulation of the argument itr_no leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. In SourceCodester Health Center Patient Record Management System 1.0 wurde eine kritische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode der Datei /patient.php. Durch das Manipulieren des Arguments itr_no mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.

CVSS: HIGH (7.3)

EPSS Score: 0.04%

Source: CVE
May 31st, 2025 (8 days ago)

CVE-2025-4857
Newsletters <= 4.9.9.9 - Authenticated (Administrator+) Local File Inclusion
Description: The Newsletters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.9.9.9 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

CVSS: HIGH (7.2)

EPSS Score: 0.12%

Source: CVE
May 31st, 2025 (8 days ago)

CVE-2025-4672
Offsprout Page Builder 2.2.1 - 2.15.2 - Authenticated (Contributor+) Privilege Escalation via permission_callback Function
Description: The Offsprout Page Builder plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization placed on the permission_callback() function in versions 2.2.1 to 2.15.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to read, create, update or delete any user meta, including flipping their own wp_capabilities to administrator and fully escalate their privileges.

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
May 31st, 2025 (8 days ago)

CVE-2025-4103
WP-GeoMeta 0.3.4 - 0.3.5 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via wp_ajax_wpgm_start_geojson_import Function
Description: The WP-GeoMeta plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the wp_ajax_wpgm_start_geojson_import() function in versions 0.3.4 to 0.3.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges to that of an administrator.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
May 31st, 2025 (8 days ago)