6.9

CVSS4.0

CVE-2025-12143 - Stack Memory Corruption Vulnerability

Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33.

๐Ÿ“… Published: Nov. 28, 2025, 11:59 a.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.1

CVSS4.0

CVE-2025-13771 - Uniong๏ฝœWebITR - Arbitrary File Read

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

๐Ÿ“… Published: Nov. 28, 2025, 7:49 a.m. ๐Ÿ”„ Last Modified: Dec. 1, 2025, 3:18 p.m.

7.1

CVSS4.0

CVE-2025-13770 - Uniong๏ฝœWebITR - SQL Injection

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

๐Ÿ“… Published: Nov. 28, 2025, 7:40 a.m. ๐Ÿ”„ Last Modified: Dec. 1, 2025, 3:18 p.m.

7.1

CVSS4.0

CVE-2025-13769 - Uniong๏ฝœWebITR - SQL Injection

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

๐Ÿ“… Published: Nov. 28, 2025, 7:35 a.m. ๐Ÿ”„ Last Modified: Dec. 1, 2025, 3:18 p.m.

7.7

CVSS4.0

CVE-2025-13768 - Uniong๏ฝœWebITR - Authorization Bypass

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability.

๐Ÿ“… Published: Nov. 28, 2025, 7:31 a.m. ๐Ÿ”„ Last Modified: Dec. 1, 2025, 3:18 p.m.

4.3

CVSS3.1

CVE-2025-13737 - Nextend Social Login and Register <= 3.1.21 - Cross-Site Request Forgery to Unlink User Social Login

The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.21. This is due to missing or incorrect nonce validation on the 'unlinkUser' function. This makes it possible for unauthenticated attackers to unlink the โ€ฆ

๐Ÿ“… Published: Nov. 28, 2025, 3:27 a.m. ๐Ÿ”„ Last Modified: April 21, 2026, 6 p.m.

4.9

CVSS3.1

CVE-2025-64312 -

Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

๐Ÿ“… Published: Nov. 28, 2025, 3:09 a.m. ๐Ÿ”„ Last Modified: Dec. 2, 2025, 2:37 a.m.

5.8

CVSS3.1

CVE-2025-58311 -

UAF vulnerability in the USB driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

๐Ÿ“… Published: Nov. 28, 2025, 3:08 a.m. ๐Ÿ”„ Last Modified: Dec. 2, 2025, 2:37 a.m.

7.3

CVSS3.1

CVE-2025-58308 -

Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

๐Ÿ“… Published: Nov. 28, 2025, 3:04 a.m. ๐Ÿ”„ Last Modified: Dec. 2, 2025, 2:36 a.m.

6.2

CVSS3.1

CVE-2025-58305 -

Identity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

๐Ÿ“… Published: Nov. 28, 2025, 2:59 a.m. ๐Ÿ”„ Last Modified: Dec. 2, 2025, 2:36 a.m.
Total resulsts: 349182
Page 2882 of 34,919
ยซ previous page ยป next page
Filters