Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-05-05 CVE-2025-4286 A vulnerability was found in Intelbras InControl up to 2.21.59.
network
low complexity
CWE-256
2.7
2.7
2025-05-05 CVE-2025-4287 A vulnerability was found in PyTorch 2.6.0+cu124.
local
low complexity
CWE-404
3.3
3.3
2025-05-05 CVE-2025-46335 Cross-site Scripting vulnerability in Opensecurity Mobile Security Framework
Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile.
network
low complexity
opensecurity CWE-79
5.4
5.4
2025-05-05 CVE-2025-4279 The External image replace plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'external_image_replace_get_posts::replace_post' function in all versions up to, and including, 1.0.8.
network
low complexity
CWE-434
8.8
8.8
2025-05-05 CVE-2025-4283 Injection vulnerability in Oretnom23 Stock Management System 1.0
A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical.
network
low complexity
oretnom23 CWE-74
critical
 9.8
9.8
2025-05-05 CVE-2025-4282 Missing Authorization vulnerability in Oretnom23 Stock Management System 1.0
A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as problematic.
network
low complexity
oretnom23 CWE-862
8.8
8.8
2025-05-05 CVE-2024-11615 The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.0 via the 'zetra_deleteLanguageFile' and 'zetra_deleteFontsFile' functions.
network
low complexity
CWE-22
5.3
5.3
2025-05-05 CVE-2024-57229 Command Injection vulnerability in Netgear Rax50 Firmware 1.0.2.26
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2025-05-05 CVE-2024-57230 Command Injection vulnerability in Netgear Rax50 Firmware 1.0.2.26
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2025-05-05 CVE-2024-57231 Command Injection vulnerability in Netgear Rax50 Firmware 1.0.2.26
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
network
low complexity
netgear CWE-77
critical
 9.8
9.8