0.0
CVE-2025-34083 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2020-36849.
0.0
CVE-2025-34084 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2020-36848.
10
CVE-2025-34077 - WordPress Pie Register Plugin β€ 3.7.1.4 Authentication Bypass RCE
An authentication bypass vulnerability exists in the WordPress Pie Register plugin β€ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the user_id_social_site parameteβ¦
0.0
CVE-2025-34085 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2020-36847.
5.1
CVE-2025-7208 - 9fans plan9port x509.c edump heap-based overflow
A vulnerability was found in 9fans plan9port up to 9da5b44. It has been classified as critical. This affects the function edump in the library /src/plan9port/src/libsec/port/x509.c. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. Tβ¦
4.8
CVE-2025-7207 - mruby nregs codegen.c scope_new heap-based overflow
A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scope_new of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locallyβ¦
7.8
CVE-2025-38250 - Bluetooth: hci_core: Fix use-after-free in vhci_flush()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush() syzbot reported use-after-free in vhci_flush() without repro. [0] From the splat, a thread close()d a vhci file descriptor while its device was being used by iotcl() on anoβ¦
6.5
CVE-2025-44526 -
Realtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low Energy (BLE) data packets. This issue allows attackers to cause a Denial of Service (DoS) via a crafted LL_Length_Req packet.
4.7
CVE-2025-38242 - mm: userfaultfd: fix race of userfaultfd_move and swap cache
In the Linux kernel, the following vulnerability has been resolved: mm: userfaultfd: fix race of userfaultfd_move and swap cache This commit fixes two kinds of races, they may have different results: Barry reported a BUG_ON in commit c50f8e6053b0, we may see the same BUG_ON if the filemap lookupβ¦
6.5
CVE-2021-27961 -
evesys 7.1 (2152) through 8.0 (2202) allows Reflected XSS via the indexeva.php action parameter.