Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-4964 |
Description: The WP Online Users Stats plugin for WordPress is vulnerable to time-based SQL Injection via the ‘table_name’ parameter in all versions up to, and including, 1.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVSS: MEDIUM (4.9) EPSS Score: 0.02%
June 6th, 2025 (2 days ago)
|
|
CVE-2025-48911 |
Description: Vulnerability of improper permission assignment in the note sharing module
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS: HIGH (8.2) EPSS Score: 0.01%
June 6th, 2025 (2 days ago)
|
|
CVE-2025-48910 |
Description: Buffer overflow vulnerability in the DFile module
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS: MEDIUM (5.5) EPSS Score: 0.01%
June 6th, 2025 (2 days ago)
|
|
CVE-2025-48909 |
Description: Bypass vulnerability in the device management channel
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS: HIGH (7.1) EPSS Score: 0.01%
June 6th, 2025 (2 days ago)
|
|
CVE-2025-48908 |
Description: Ability Auto Startup service vulnerability in the foundation process
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS: MEDIUM (6.7) EPSS Score: 0.01%
June 6th, 2025 (2 days ago)
|
|
CVE-2025-48907 |
Description: Deserialization vulnerability in the IPC module
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS: MEDIUM (6.2) EPSS Score: 0.01%
June 6th, 2025 (2 days ago)
|
|
CVE-2025-48906 |
Description: Authentication bypass vulnerability in the DSoftBus module
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS: HIGH (8.8) EPSS Score: 0.01%
June 6th, 2025 (2 days ago)
|
|
CVE-2025-48905 |
Description: Wasm exception capture vulnerability in the arkweb v8 module
Impact: Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types.
CVSS: HIGH (8.1) EPSS Score: 0.02%
June 6th, 2025 (2 days ago)
|
|
CVE-2025-48904 |
Description: Vulnerability that cards can call unauthorized APIs in the FRS process
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS: MEDIUM (4.4) EPSS Score: 0.01%
June 6th, 2025 (2 days ago)
|
|
CVE-2025-48903 |
Description: Permission bypass vulnerability in the media library module
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS: HIGH (7.8) EPSS Score: 0.01%
June 6th, 2025 (2 days ago)
|