ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
It's 2025... so why are obviously malicious advertising URLs still going strong?
Published: 2025-04-21
Last Updated: 2025-04-21 08:48:44 UTC
by Jan Kopriva (Version: 1)
While the old adage stating that 'the human factor is the weakest link in the cyber security chain' will undoubtedly stay relevant in the near (and possibly far) future, the truth is that the tech industry could, and should, help alleviate the problem significantly more than it does today.
One clear example of this was provided by a phishing e-mail that was delivered to our mailbox here at the Internet Storm Center this morning.
For anyone aware of modern phishing techniques, the fact that the message was fraudulent would have been obvious at first glance, as you may see from the following picture... In fact, it even used a 'standard' layout that has been commonly used in phishing campaigns for some time now ...
Read the full entry: https://isc.sans.edu/diary/Its+2025+so+why+are+obviously+malicious+advertising+URLs+still+going+strong/31880/
RedTail, Remnux and Malware Management [Guest Diary]
Published: 2025-04-16
Last Updated: 2025-04-17 01:05:49 UTC
by Guy Bruneau (Version: 1)
[This is a Guest Diary by Jacob Claycamp, an ISC intern as part of the SANS.edu BACS program]
Introduction
When I first saw malware being uploaded to my honeypot, I was lacking the requisite experience to reverse engineer it, and to understand what was happening with the code. Even though I could use any text editor to examine the associated scripts that were being uploaded with RedTail malware, I couldn't see what was happening with the RedTail malware itself. So, I decided to create a how-to on setting up a malware analysis program.
The malware analysis platform I chose to use is Remnux, a Linux distribution packaged with a variety of analysis tools, originally created by Lenny Zeltser, a SANS instructor. My original intent for the Remnux environment was to set it up inside Docker, so it was completely isolated from my computer. This way, if I accidentally detonated a malware sample, I could easily just wipe away the Docker container. I can also wipe away the Docker container after I've finished analyzing a sample, and start with a fresh install each time I begin a new investigation.
For this how-to, I'll also make use of Kasm Workspaces, which is a Docker container streaming platform, and I'll deploy it inside a free-tier AWS EC2 instance. This approach will make it easy to access your workspace from a web browser ...
Read the full entry: https://isc.sans.edu/diary/RedTail+Remnux+and+Malware+Management+Guest+Diary/31868/
Honeypot Iptables Maintenance and DShield-SIEM Logging (2025.04.23)
https://isc.sans.edu/diary/Honeypot+Iptables+Maintenance+and+DShieldSIEM+Logging/31876/
xorsearch.py: "Ad Hoc YARA Rules" (2025.04.22)
https://isc.sans.edu/diary/xorsearchpy+Ad+Hoc+YARA+Rules/31856/
Wireshark 4.4.6 Released (2025.04.20)
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
Product: Apple macOS
CVSS Score: 7.5
** KEV since 2025-04-17 **
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-31200
NVD References:
- https://support.apple.com/en-us/122282
- https://support.apple.com/en-us/122400
- https://support.apple.com/en-us/122401

Product: Apple macOS
CVSS Score: 6.8
** KEV since 2025-04-17 **
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-31201
NVD References:
- https://support.apple.com/en-us/122282
- https://support.apple.com/en-us/122400
- https://support.apple.com/en-us/122401

Product: Meshtastic
CVSS Score: 9.4
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-24797
NVD References:
- https://github.com/meshtastic/firmware/security/advisories/GHSA-33hw-xhfh-944r

Product: TOTOLINK A810R
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28137
NVD References:
- https://github.com/Zerone0x00/CVE/blob/main/TOTOLINK/CVE-2025-28137.md
- https://sudsy-eyeliner-a59.notion.site/RCE1-1ab72b8cd95f80d09eded269810f3756?pvs=4
- https://sudsy-eyeliner-a59.notion.site/RCE1-1ab72b8cd95f80d09eded269810f3756

Product: TOTOLINK N600R
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-22900
NVD References:
- https://github.com/xyqer1/TOTOLINK-N600R-setWanConfig-StackOverflow

Product: TOTOLINK X18
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29209
NVD References:
- https://github.com/LZY0522/CVE/blob/main/X18-sub_41105c.md

Product: TOTOLINK EX1200T
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28038
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28039
NVD References:
- https://locrian-lightning-dc7.notion.site/RCE1-1ad8e5e2b1a28030a1c8febac89935a0
Product: libsoup soup_message_headers
CVSS Score: 9.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32911
NVD References:
- https://access.redhat.com/security/cve/CVE-2025-32911
- https://bugzilla.redhat.com/show_bug.cgi?id=2359355

CVE-2021-27289 - The Ksix Zigbee smart home kit is vulnerable to replay attacks due to improper implementation of the Zigbee anti-replay mechanism, allowing attackers to send spoofed commands without authentication.
Product: Ksix Zigbee smart home kit
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2021-27289
NVD References:
- https://github.com/TheMalwareGuardian/CVE-2021-27289

CVE-2025-28100 - dingfanzuCMS v.1.0 is vulnerable to SQL Injection via the "operateOrder.php" id parameter, allowing attackers to execute arbitrary code.
Product: Geeeeeeeek Dingfanzu
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28100
NVD References:
- https://github.com/gh3-dk/vul/blob/main/sql%20injection/dingfanzu/dingfanzu-CMS%20operateOrder.php%20id%20SQL-inject.md

CVE-2025-25456 - Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via mac2.
Product: Tenda AC10
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-25456
NVD References:
- https://gist.github.com/xyqer1/ab1e6a2bd369aaada0666639c843aff0

CVE-2025-28399 - Erick xmall v.1.1 and before is vulnerable to remote privilege escalation through the updateAddress method of the Address Controller class.
Product: Erick xmall
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28399
NVD References:
- https://github.com/20210607/cve_public/blob/main/CVE-2025-28399.md

CVE-2025-2567 - ATG monitoring systems are at risk of being modified or disabled by attackers, impacting fuel monitoring and supply chain operations and potentially causing safety hazards in fuel storage and transportation.
Product: Veeder-Root Automatic Tank Gauge (ATG)
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-2567
NVD References:
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-05

CVE-2025-30206 - Dpanel is a Docker visualization panel system with a hardcoded JWT secret, allowing attackers to generate valid tokens and compromise the host machine.
Product: Dpanel Docker visualization panel system
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-30206
NVD References:
- https://github.com/donknap/dpanel/security/advisories/GHSA-j752-cjcj-w847

CVE-2025-32445 - Argo Events allows a user to gain privileged access to the host system and cluster by customizing EventSource and Sensor CRs, even without direct administrative privileges; fixed in v1.9.6.
Product: Argo Events
CVSS Score: 9.9
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32445
NVD References:
- https://github.com/argoproj/argo-events/commit/18412293a699f559848b00e6e459c9ce2de0d3e2
- https://github.com/argoproj/argo-events/security/advisories/GHSA-hmp7-x699-cvhq

CVE-2025-30727 - The Oracle Scripting product in Oracle E-Business Suite (component: iSurvey Module) versions 12.2.3-12.2.14 is vulnerable to an easily exploitable attack allowing an unauthenticated attacker to potentially take over Oracle Scripting.
Product: Oracle E-Business Suite
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-30727
NVD References:
- https://www.oracle.com/security-alerts/cpuapr2025.html

CVE-2025-24297 - Due to lack of server-side input validation, attackers can inject malicious JavaScript code into users' personal spaces of the web portal.
Product: Growatt Cloud Portal versions 3.6.0 and prior
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-24297
NVD References:
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-04

CVE-2025-30510 - An attacker can upload an arbitrary file instead of a plant image.
Product: Growatt Cloud Portal versions 3.6.0 and prior
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-30510
NVD References:
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-04

CVE-2025-30215 - NATS-Server versions prior to 2.10.27 and 2.11.1 allow unauthorized users with JS management permissions to perform administrative actions on any JS asset in any account, potentially leading to data destruction.
Product: NATS-Server
CVSS Score: 9.6
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-30215
NVD References:
- https://advisories.nats.io/CVE/secnote-2025-01.txt
- https://github.com/nats-io/nats-server/security/advisories/GHSA-fhg8-qxh5-7q3w
- http://www.openwall.com/lists/oss-security/2025/04/08/5

CVE-2025-3495 - Delta Electronics COMMGR v1 and v2 is vulnerable to session ID brute force attacks, allowing an attacker to load and execute arbitrary code.
Product: Delta Electronics COMMGR v1 and v2
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3495
NVD References:
- https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00005_COMMGR%20-%20Insufficient%20Randomization%20Authentication%20Bypass_v1.pdf
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-07

CVE-2024-22036 - Rancher is vulnerable to privilege escalation and escape from Docker containers leading to root access within the Rancher container itself.
Product: Rancher
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-22036
NVD References:
- https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22036
- https://github.com/rancher/rancher/security/advisories/GHSA-h99m-6755-rgwc

CVE-2024-40071 - Multiple vulnerabilities in Sourcecodester Online ID Generator System 1.0.
Product: Oretnom23 Online ID Generator System
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-40071
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-40072
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-40073
NVD References:
- https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug2-File-upload-img.md
- https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug3-SQL-Injection-id1.md
- https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug4-SQL-Injection-template.md

CVE-2025-29708 & CVE-2025-29709 - SourceCodester Company Website CMS 1.0 contains file upload vulnerabilities via the "Create Services" file /dashboard/Services.
Product: SourceCodester Company Website CMS
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29708
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29709
NVD References:
- https://github.com/fupanc-w1n/fupanc/blob/main/php/CVE-2025-29708.md
- https://github.com/fupanc-w1n/fupanc/blob/main/php/Company%20Website%20CMS1.md
- https://github.com/fupanc-w1n/fupanc/blob/main/php/CVE-2025-29709.md
- https://github.com/fupanc-w1n/fupanc/blob/main/php/Company%20Website%20CMS2.md

CVE-2025-27495, CVE-2025-27539, CVE-2025-27540 - Multiple SQL injection vulnerabilities in TeleControl Server Basic
Product: Siemens TeleControl Server Basic
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-27495
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-27539
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-27540
NVD References:
- https://cert-portal.siemens.com/productcert/html/ssa-443402.html
CVE-2025-29651, CVE-2025-29652, CVE-2025-29653 - SQL injection vulnerabilities in TP-Link M7650, TP-Link M7000, and TP-Link M7450 4G LTE Mobile Wi-Fi Router Firmware
Product: TP-Link M7650, TP-Link M7000, TP-Link M7450
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29651
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29652
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29653
NVD References:
- https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29651
- https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29652
- https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29653

CVE-2024-55371 & CVE-2024-55372 - Wallos version 2.38.2 and below is vulnerable to file upload attacks.
Product: Wallos
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-55371
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-55372
NVD References:
- https://www.datafarm.co.th/blog/CVE-2024-55371-and-CVE-2024-55372-Malicious-File-Upload-to-RCE-in-Wallos-Application

CVE-2025-32433 - Erlang/OTP versions prior to OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20 are vulnerable to unauthenticated remote code execution in the SSH server.
Product: Erlang OTP
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32433
NVD References:
- http://www.openwall.com/lists/oss-security/2025/04/16/2
- http://www.openwall.com/lists/oss-security/2025/04/18/1
- http://www.openwall.com/lists/oss-security/2025/04/18/2
- http://www.openwall.com/lists/oss-security/2025/04/18/6
- http://www.openwall.com/lists/oss-security/2025/04/19/1

CVE-2025-0756 - Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.2 may allow attackers to gain access to sensitive data or system resources.
Product: Hitachi Vantara Pentaho Data Integration & Analytics
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-0756
NVD References:
- https://support.pentaho.com/hc/en-us/articles/35771876077709--Resolved-Hitachi-Vantara-Pentaho-Data-Integration-Analytics-Improper-Control-of-Resource-Identifiers-Resource-Injection-Versions-before-10-2-0-2-including-9-3-x-Impacted-CVE-2025-0756

CVE-2025-29040 through CVE-2025-29043 - D-Link DIR 832x 240802 is vulnerable to remote code execution via the target_addr key value and function 0x41737c.
Product: D-Link DIR 832x 240802
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29040
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29041
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29042
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29043
NVD References:
- https://www.dlink.com/en/security-bulletin/
- https://github.com/xyqer1/Dlink-dir-823x-diag_ping-target_addr-CommandInjection
- https://github.com/xyqer1/Dlink-dir-823x-diag_nslookup-target_addr-CommandInjection
- https://github.com/xyqer1/Dlink-dir-823x-set_prohibiting-macaddr-CommandInjection
- https://github.com/xyqer1/Dlink-dir-823x-diag_traceroute-target_addr-CommandInjection
- https://gist.github.com/xyqer1/b3bebe4967a3093951273738f0be45ce
- https://gist.github.com/xyqer1/101b7308bdf8618d8be30bd1d09ddd38
- https://gist.github.com/xyqer1/d5a5b18743b7a2fcbc0f93001d8e2ad9
- https://gist.github.com/xyqer1/841e78a3c4029808dac8c439595a1358

CVE-2025-29044 - Netgear R61 router V1.0.1.28 is vulnerable to buffer overflow, enabling a remote attacker to execute arbitrary code via the QUERY_STRING key value.
Product: Netgear R6100
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29044
NVD References:
- https://gist.github.com/xyqer1/09fe6488a6655776c8c5d33e630a0f2a
- https://github.com/xyqer1/Netgear-R6100-cgiMain-QUERY_STRING-StackOverflow?tab=readme-ov-file

CVE-2025-29045 - Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newap_text_0 key value
Product: ALFA Wifi Camppro
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29045
NVD References:
- https://gist.github.com/xyqer1/16f6b44ef062374bc32c12952c7b81f8
- https://github.com/xyqer1/ALFA-WiFi-CampPro-APSecurity-newap_text_0

CVE-2025-29046 - ALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 is vulnerable to a buffer overflow allowing remote attackers to execute arbitrary code through the GAPSMinute3 key value.
Product: ALFA WiFi CampPro router
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29046
NVD References:
- https://gist.github.com/xyqer1/7f9970240aec0af412caee79271a5be5
- https://github.com/xyqer1/ALFA-WiFi-CampPro-GreenAP-GAPSMinute3

CVE-2025-29047 - ALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 is vulnerable to a remote attacker exploiting the hiddenIndex in the function StorageEditUser to execute arbitrary code.
Product: ALFA WiFi CampPro router
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29047
NVD References:
- https://gist.github.com/xyqer1/74adbc0249eeacf762fb4d33cf93a0f5
- https://github.com/xyqer1/ALFA-WiFi-CampPro-StorageEditUser-hiddenIndex

CVE-2024-56518 - Hazelcast Management Center through 6.0 is vulnerable to remote code execution by uploading a malicious …
Product: Hazelcast Management Center
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-56518
NVD References:
- https://docs.hazelcast.com/management-center/6.0-snapshot/getting-started/install
- https://gist.github.com/azraelxuemo/c3d42739aa3306a41111ef603dc65b4c
Product: LandChat core application
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29662
NVD References:
Product: Dietiqa App
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28009
NVD References:
Product: Yokogawa Electric Corporation GX10 / GX20 / GP10 / GP20 Paperless Recorders
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-1863
NVD References:
https://web-material3.yokogawa.com/1/36974/files/YSAR-25-0001-E.pdf
Product: Croogo v.3.0.2
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-29643
NVD References:
Product: Orban OPTIMOD 5950 Firmware
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28229
NVD References:
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28229
Product: JMTek LLC JMBroadcast JMB0150 Firmware v1.0
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28230
NVD References:
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28230
Product: JMBroadcast JMB0150 Firmware
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28232
NVD References:
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28232
Product: Itel Electronics IP Stream
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28231
NVD References:
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28231
Product: BW Broadcast TX600
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28233
NVD References:
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28233
Product: Nautel VX Series transmitters
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28236
NVD References:
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28236
Product: Elber REBLE310 Firmware
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28238
NVD References:
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28238
Product: DAEnetIP4 METO v1.25
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28242
NVD References:
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28242
Product: Crawl4AI
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28197
NVD References:
https://gist.github.com/AndrewDzzz/f49e79b09ce0643ee1fc2a829e8875e0
Product: Seclore v3.27.5.0
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-53591
NVD References:
Product: MCMS ueditor
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29287
NVD References:
-
http://cms.com
-
https://gist.github.com/erdan111/38dcb5150b523436fe01249b2542f02f#file-cve-2025-29287
-
https://gitee.com/mingSoft/MCMS/issues/IBOOTX
CVE-2025-29659 - Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the "cmd" binary.
Product: Yi IOT XY-3820
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29659
NVD References:
-
https://github.com/Yasha-ops/RCE-YiIOT
-
https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-29659
CVE-2025-29660 - The Yi IOT XY-3820 v6.0.24.10 is vulnerable to remote code execution due to a lack of input validation in its TCP service on port 6789.
Product: Yi IOT XY-3820
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-29660
NVD References:
-
https://github.com/Yasha-ops/RCE-YiIOT
-
https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-29660
CVE-2025-32958 - AdeptLanguage is vulnerable to a token extraction attack due to the upload of the mac-standalone artifact with the run's GITHUB_TOKEN, allowing attackers to potentially push malicious code or rewrite release commits in the AdeptLanguage/Adept repository.
Product: AdeptLanguage
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32958
NVD References:
-
https://github.com/AdeptLanguage/Adept/commit/a1a41b72cdf1bebfc0cf6d7b3a8350e6406b2220
-
https://github.com/AdeptLanguage/Adept/security/advisories/GHSA-8c7v-vccv-cx4q
CVE-2024-58250 - The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.
Product: ppp pppd
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-58250
NVD References:
-
https://github.com/ppp-project/ppp/commit/0a66ad22e54c72690ec2a29a019767c55c5281fc
-
https://github.com/ppp-project/ppp/compare/v2.5.1...v2.5.2
-
https://ppp.samba.org
CVE-2025-1950 - IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands due to improper library validation.
Product: IBM Hardware Management Console - Power Systems
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-1950
NVD References:
https://www.ibm.com/support/pages/node/7231507
CVE-2025-34028 - Commvault Command Center Innovation Release 11.38 allows an unauthenticated actor to upload malicious ZIP files, leading to Remote Code Execution.
Product: Commvault Command Center Innovation Release
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-34028
NVD References:
https://documentation.commvault.com/securityadvisories/CV_2025_04_1.html
CVE-2025-3278 - The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up to 1.0.4, allowing unauthenticated attackers to gain elevated privileges by setting their own role during registration.
Product: UrbanGo Membership plugin for WordPress
Active Installations: Update to version 1.1, or a newer patched version
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3278
NVD References:
-
https://themeforest.net/item/urbango-directory-and-listing-wordpress-theme/22712624
-
https://www.wordfence.com/threat-intel/vulnerabilities/id/913ffe0c-c8f8-4cda-be9a-96c056d4c4a8?source=cve
CVE-2025-1093 - The AIHub theme for WordPress is vulnerable to arbitrary file uploads, allowing unauthenticated attackers to potentially execute remote code.
Product: WordPress AIHub theme
Active Installations: Update to version 1.3.8, or a newer patched version
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-1093
NVD References:
-
https://themeforest.net/item/ai-hub-startup-technology-wordpress-theme/47473638
-
https://www.wordfence.com/threat-intel/vulnerabilities/id/09adfe7e-f154-4143-827f-957ded3ffc8f?source=cve
CVE-2021-4455 - The Wordpress Plugin Smart Product Review plugin is vulnerable to arbitrary file uploads up to version 1.0.4, allowing unauthenticated attackers to potentially execute remote code.
Product: Wordpress Smart Product Review plugin
Active Installations: Update to version 1.0.5, or a newer patched version
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2021-4455
NVD References:
https://www.wordfence.com/threat-intel/vulnerabilities/id/1de9183c-95b9-4500-85e2-08dcee956360?source=cve
CVE-2025-30985 - Deserialization of Untrusted Data vulnerability in GNUCommerce allows Object Injection. This issue affects GNUCommerce: from n/a through 1.5.4.
Product: GNUCommerce
Active Installations: This plugin has been closed as of February 4, 2025 and is not available for download. Reason: Security Issue.
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-30985
NVD References:
https://patchstack.com/database/wordpress/plugin/gnucommerce/vulnerability/wordpress-gnucommerce-plugin-1-5-4-php-object-injection-vulnerability?_s_id=cve
CVE-2025-26927 - EPC AI Hub allows malicious upload of web shells to a web server.
Product: EPC AI Hub
Active Installations: unknown
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-26927
NVD References:
https://patchstack.com/database/wordpress/theme/aihub/vulnerability/wordpress-ai-hub-plugin-1-3-3-arbitrary-file-upload-vulnerability?_s_id=cve
CVE-2025-30967 - WPJobBoard is susceptible to a CSRF vulnerability that allows attackers to upload a web shell to a web server, impacting versions from n/a through n/a.
Product: WPJobBoard
Active Installations: 1,000+
CVSS Score: 9.6
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-30967
NVD References:
https://patchstack.com/database/wordpress/plugin/wpjobboard/vulnerability/wordpress-wpjobboard-plugin-5-11-1-csrf-to-remote-code-execution-rce-vulnerability?_s_id=cve
CVE-2025-39557 - Kadence WooCommerce Email Designer allows for unrestricted upload of dangerous file types, enabling potential web server takeover…
Product: Ben Ritner Kadence WooCommerce Email Designer
Active Installations: 100,000+
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-39557
NVD References:
Product: WPFactory Custom CSS, JS & PHP
Active Installations: 400+
CVSS Score: 9.6
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-39601
NVD References:
Product: Caio CWD - Stealth Links
Active Installations: This plugin has been closed as of February 7, 2025 and is not available for download. Reason: Security Issue.
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-22655
NVD References:
Product: rockgod100 Theme File Duplicator
Active Installations: This plugin has been closed as of February 18, 2025 and is not available for download. Reason: Security Issue.
CVSS Score: 9.9
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-27282
NVD References:
Product: saoshyant1994 Saoshyant Slider
Active Installations: unknown
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-27286
NVD References:
Product: Climax Themes Kata Plus
Active Installations: 600+
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32572
NVD References:
Product: Termel PDF 2 Post
Active Installations: 100+
CVSS Score: 9.9
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32583
NVD References:
Product: JoomSky JS Job Manager
Active Installations: 800+
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32626
NVD References:
Product: JoomSky JS Job Manager
Active Installations: 800+
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32660
NVD References:
Product: matthewrubin Local Magic
Active Installations: 100+
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32636
NVD References:
Product: Projectopia
Active Installations: 300+
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32648
NVD References:
Product: solacewp Solace Extra
Active Installations: 3,000+
CVSS Score: 9.9
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32652
NVD References:
Product: wpWax HelpGent
Active Installations: 100+
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32658
NVD References:
Product: RomanCode MapSVG Lite
Active Installations: 700+
CVSS Score: 9.9
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32682
NVD References:
Product: aidraw I Draw
Active Installations: This plugin has been closed as of April 16, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-39436
NVD References:
Product: Shahjahan Jewel FluentCommunity
Active Installations: 4,000+
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-39550
NVD References:
Product: Mahmudul Hasan Arif FluentBoards
Active Installations: 4,000+
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-39551
NVD References:
Product: Stylemix Cost Calculator Builder
Active Installations: 30,000+
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-39587
NVD References:
Product: bdthemes Ultimate Store Kit Elementor Addons
Active Installations: 1,000+
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-39588
NVD References:
Product: Quentn.com GmbH Quentn WP
Active Installations: 500+
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-39595
NVD References:
Product: Quentn.com GmbH Quentn WP
Active Installations: 500+
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-39596
NVD References:
Product: Pantherius Modal Survey
Active Installations: unknown
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-39471
NVD References:
Scaling Security in the Age of AI: Lessons from Vanta, Wiz, & Modo Labs
Join Vanta, Wiz, and Modo Labs on May 8th for a live fireside chat to explore AI's impact on scaling security programs: what to watch out for, how to adapt, where to adopt AI, and what to focus on next. This interactive discussion will include insights into top-of-mind issues, actionable steps to strengthen your program, and more. Register here.
Surface exposures, prioritize threats, and take action - before attackers do. See how to fortify your security posture with a self-guided tour of the Sevco Exposure Assessment Platform.
Webcast | Be a DLP Hero: How to Quickly Deliver Value from Your DLP Program and Set It Up for Future Success | June 4, 1:00 ET
Join us for this practical, insight-packed webcast and learn how to confidently launch or strengthen your DLP program for immediate value and long-term success. Save your seat today.
Webcast | Collaborative Mobile App Security Development and Analysis | May 20, 1:00 ET
Mobile app security is more critical, and more complex, than ever. With growing pressure to release quickly, mobile security teams often face tough trade-offs: limited access to devices, remote team coordination challenges, and slow, unreliable emulators that fail to mirror real-world behavior. Join SANS Certified Instructor Jeroen Beckers as he shares how to overcome these challenges and modernize your mobile security testing.