Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-08 | CVE-2025-45797 | Out-of-bounds Write vulnerability in Totolink A950Rg Firmware 4.1.2Cu.5204B20210112 TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. | 9.8 |
| 2025-05-08 | CVE-2025-45798 | Command Injection vulnerability in Totolink A950Rg Firmware 4.1.2Cu.5204B20210112 A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112. | 9.8 |
| 2025-05-08 | CVE-2025-26845 | Code Injection vulnerability in Znuny An Eval Injection issue was discovered in Znuny through 7.1.3. | 9.8 |
| 2025-05-08 | CVE-2025-45841 | Out-of-bounds Write vulnerability in Totolink Nr1800X Firmware 9.1.0U.6681B20230703 TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function. | 9.8 |
| 2025-05-07 | CVE-2025-47548 | Server-Side Request Forgery (SSRF) vulnerability in Wbcomdesigns Activity Link Preview for Buddypress Server-Side Request Forgery (SSRF) vulnerability in Varun Dubey Wbcom Designs - Activity Link Preview For BuddyPress allows Server Side Request Forgery. | 9.8 |
| 2025-05-07 | CVE-2025-47635 | Server-Side Request Forgery (SSRF) vulnerability in Webinarpress Server-Side Request Forgery (SSRF) vulnerability in WPWebinarSystem WebinarPress allows Server Side Request Forgery. | 9.8 |
| 2025-05-07 | CVE-2025-47688 | Missing Authorization vulnerability in Advancedfilemanager Advanced File Manager Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. | 9.8 |
| 2025-05-07 | CVE-2025-4104 | The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fed_login_form_post() function in versions 1.0 to 2.2.6. | 9.8 |
| 2025-05-07 | CVE-2025-32401 | Heap-based Buffer Overflow vulnerability in Rt-Labs P-Net An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. | 9.8 |
| 2025-05-07 | CVE-2025-32403 | Out-of-bounds Write vulnerability in Rt-Labs P-Net An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. | 9.8 |