7.8
CVE-2025-22883 - ISPSoft File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Delta Electronics ISPSoft version 3.20 is vulnerable to anΒ Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing DVP file.
7.8
CVE-2025-22882 - ISPSoft File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to leverage debugging logic to execute arbitrary code when parsing CBDGL file.
4.9
CVE-2025-3471 - SureForms < 1.4.4 - Contributor+ Settings Update
The SureForms WordPress plugin before 1.4.4 does not have proper authorisation check when updating its settings via the REST API, which could allow Contributor and above roles to perform such action
6.5
CVE-2025-3953 - WP Statistics β The Most Popular Privacy-Friendly Analytics Plugin <= 14.13.3 - Missing Authorizatiβ¦
The WP Statistics β The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'optionUpdater' function in all versions up to, and including, 14.13.3. This makes it possible for authenticated atβ¦
0.0
CVE-2025-4107 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
10
CVE-2025-32444 - vLLM Vulnerable to Remote Code Execution via Mooncake Integration
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerableβ¦
6.5
CVE-2025-46560 - vLLM phi4mm: Quadratic Time Complexity in Input Token Processingβ leads to denial of service
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.8.0 and prior to 0.8.5 are affected by a critical performance vulnerability in the input preprocessing logic of the multimodal tokenizer. The code dynamically replaces placeholder tokens (β¦
9.8
CVE-2025-45019 -
A SQL injection vulnerability was discovered in /add-foreigners-ticket.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the cprice POST request parameter.
7.3
CVE-2025-44194 -
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_household.
5.3
CVE-2025-45021 -
A SQL Injection vulnerability was identified in the admin/edit-directory.php file of the PHPGurukul Directory Management System v2.0. Attackers can exploit this vulnerability via the email parameter in a POST request to execute arbitrary SQL commands.