5.9
CVE-2022-31807 -
A vulnerability has been identified in Building X - Security Manager Edge Controller (ACC-AP) (All versions). Affected devices do not properly check the integrity of firmware updates. This could allow a local attacker to upload a maliciously modified firmware onto the device. In a second scenario, β¦
6.9
CVE-2018-25110 - Regular Expression Denial of Service (ReDoS) in markedjs/marked
Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can exploit this vulnerability by providing specially crafted markdown inpβ¦
5.3
CVE-2025-5114 - easysoft zentaopms Editor index.php edit deserialization
A vulnerability has been found in easysoft zentaopms 21.5_20250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor&f=edit&filePath=cGhhcjovLy9ldGMvcGFzc3dk&action=edit of the component Committer. The manipulation of the argument filePath leadβ¦
6.9
CVE-2025-5112 - FreeFloat FTP Server MGET Command buffer overflow
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component MGET Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and mβ¦
6.9
CVE-2025-5111 - FreeFloat FTP Server TYPE Command buffer overflow
A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component TYPE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed tβ¦
5.5
CVE-2025-3580 - grafana: Improper access control in the /api/org/users/ API endpoint
An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator account. This vulnerability exists in the DELETE /api/org/users/ endpoint. The vulnerability can be exploited when: 1. An Organization administrator β¦
6.9
CVE-2025-5110 - FreeFloat FTP Server VERBOSE Command buffer overflow
A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component VERBOSE Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the puβ¦
6.9
CVE-2025-5109 - FreeFloat FTP Server STATUS Command buffer overflow
A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component STATUS Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may bβ¦
9.8
CVE-2025-31049 - WordPress Dash <= 1.3 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This issue affects Dash: from n/a through 1.3.
7.7
CVE-2025-31053 - WordPress KBx Pro Ultimate plugin < 8.0.5 - Arbitrary File Deletion Vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in quantumcloud KBx Pro Ultimate knowledgebase-helpdesk-pro allows Path Traversal.This issue affects KBx Pro Ultimate: from n/a through < 8.0.5.