A vulnerability, which was classified as critical, has been found in TOTOLINK N150RT 3.4.0-B20190525. This issue affects some unknown processing of the file /boafrm/formWsc. The manipulation of the argument localPin leads to buffer overflow.
The identification of this vulnerability is CVE-2025-4462. The attack may be initiated remotely. Furthermore, there is an exploit available.
A vulnerability classified as problematic was found in TOTOLINK N150RT 3.4.0-B20190525. This vulnerability affects unknown code of the component Virtual Server Page. The manipulation leads to cross-site scripting.
This vulnerability was named CVE-2025-4461. The attack can be initiated remotely. Furthermore, there is an exploit available.
A vulnerability classified as problematic has been found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the component URL Filtering Page. The manipulation leads to cross-site scripting.
This vulnerability is uniquely identified as CVE-2025-4460. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
A vulnerability was found in code-projects Patient Record Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file fecalysis_form.php. The manipulation of the argument itr_no leads to SQL injection.
This vulnerability is handled as CVE-2025-4459. The attack may be launched remotely. Furthermore, there is an exploit available.
A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edit_upatient.php. The manipulation of the argument ID leads to SQL injection.
This vulnerability is known as CVE-2025-4458. The attack can be launched remotely. Furthermore, there is an exploit available.
A vulnerability was found in Arista CloudVision up to 2024.3.0. It has been classified as critical. Affected is an unknown function of the component Time-bound Device Onboarding Token. The manipulation leads to improper privilege management.
This vulnerability is tracked as CVE-2024-8100. It is possible to launch the attack remotely. There is no exploit available.
A vulnerability was found in imithemes Listing Plugin up to 3.3 on WordPress and classified as problematic. This issue affects the function imic_reset_password_init. The manipulation leads to weak password recovery.
The identification of this vulnerability is CVE-2025-2253. The attack may be initiated remotely. There is no exploit available.
A vulnerability has been found in Frontend Login and Registration Blocks Plugin up to 1.0.7 on WordPress and classified as critical. This vulnerability affects the function flr_blocks_user_settings_handle_ajax_callback of the component Setting Handler. The manipulation leads to remote code execution.
This vulnerability was named CVE-2025-3605. The attack can be initiated remotely. There is no exploit available.
A vulnerability, which was classified as critical, was found in Click Migration Plugin up to 2.2 on WordPress. This affects the function start_restore. The manipulation leads to missing authorization.
This vulnerability is uniquely identified as CVE-2025-3455. It is possible to initiate the attack remotely. There is no exploit available.
A vulnerability, which was classified as critical, has been found in Arista CloudVision Portal up to 2024.2.1/2024.3.0. Affected by this issue is some unknown functionality of the component Zero Touch Provisioning. The manipulation leads to improper privilege management.
This vulnerability is handled as CVE-2025-0505. The attack may be launched remotely. There is no exploit available.
An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user's system. [...]