| 2025-03-03 | CVE-2025-1852 | Classic Buffer Overflow vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316
A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220316 and classified as critical. | 9.8 |
| 2025-03-03 | CVE-2025-1853 | Stack-based Buffer Overflow vulnerability in Tenda AC8 Firmware 16.03.34.06
A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. | 9.8 |
| 2025-03-03 | CVE-2025-1850 | Unspecified vulnerability in Codezips College Management System 1.0
A vulnerability, which was classified as critical, has been found in Codezips College Management System 1.0. network low complexity codezips critical | 9.8 |
| 2025-03-03 | CVE-2025-27590 | Unspecified vulnerability in Oxidized web Project Oxidized web
In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web. | 9.8 |
| 2025-03-02 | CVE-2025-1814 | Stack-based Buffer Overflow vulnerability in Tenda AC6 Firmware 15.03.05.16
A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. | 9.8 |
| 2025-03-01 | CVE-2025-1564 | The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and including, 1.0.3. network low complexity CWE-288 critical | 9.8 |
| 2025-03-01 | CVE-2025-1638 | The Alloggio Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.2. network low complexity CWE-288 critical | 9.8 |
| 2025-03-01 | CVE-2025-1671 | The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6. network low complexity CWE-288 critical | 9.8 |
| 2025-03-01 | CVE-2024-12824 | The Nokri – Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.2. network low complexity CWE-620 critical | 9.8 |
| 2025-02-28 | CVE-2025-0159 | IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5, 8.6.1.0, 8.6.2.0 through 8.6.2.1, 8.6.3.0, 8.7.0.0 through 8.7.0.2, 8.7.1.0, 8.7.2.0 through 8.7.2.1) could allow a remote attacker to bypass RPCAdapter endpoint authentication by sending a specifically crafted HTTP request. network low complexity CWE-288 critical | 9.1 |