Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2025-05-18 CVE-2025-4849 Injection vulnerability in Totolink N300Rh Firmware 6.1C.1390B20191101
A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101.
network
low complexity
totolink CWE-74
critical
 9.8
9.8
2025-05-18 CVE-2025-4847 Classic Buffer Overflow vulnerability in Freefloat FTP Server 1.0
A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical.
network
low complexity
freefloat CWE-120
critical
 9.8
9.8
2025-05-18 CVE-2025-4845 Classic Buffer Overflow vulnerability in Freefloat FTP Server 1.0
A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0.
network
low complexity
freefloat CWE-120
critical
 9.8
9.8
2025-05-18 CVE-2025-4843 Stack-based Buffer Overflow vulnerability in Dlink Dcs-932L Firmware 2.18.01
A vulnerability was found in D-Link DCS-932L 2.18.01.
network
low complexity
dlink CWE-121
critical
 9.8
9.8
2025-05-18 CVE-2025-4844 Classic Buffer Overflow vulnerability in Freefloat FTP Server 1.0
A vulnerability classified as critical was found in FreeFloat FTP Server 1.0.
network
low complexity
freefloat CWE-120
critical
 9.8
9.8
2025-05-17 CVE-2025-4841 Stack-based Buffer Overflow vulnerability in Dlink Dcs-932L Firmware 2.18.01
A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical.
network
low complexity
dlink CWE-121
critical
 9.8
9.8
2025-05-17 CVE-2025-4842 Stack-based Buffer Overflow vulnerability in Dlink Dcs-932L Firmware 2.18.01
A vulnerability was found in D-Link DCS-932L 2.18.01.
network
low complexity
dlink CWE-121
critical
 9.8
9.8
2025-05-17 CVE-2025-4837 SQL Injection vulnerability in Projectworlds Student Project Allocation System 1.0
A vulnerability classified as critical has been found in projectworlds Student Project Allocation System 1.0.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2025-05-17 CVE-2025-4836 SQL Injection vulnerability in Projectworlds Life Insurance Management System 1.0
A vulnerability was found in Projectworlds Life Insurance Management System 1.0.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2025-05-17 CVE-2025-4389 The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the crawlomatic_generate_featured_image() function in all versions up to, and including, 2.6.8.1.
network
low complexity
CWE-434
critical
 9.8
9.8