6.1
CVE-2025-4434 -
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
9.8
CVE-2025-3811 - WPBookit <= 1.0.2 - Insecure Direct Object Reference to Unauthenticated Privilege Escalation via Emโฆ
The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like email through the edit_newdata_customer_callback() functโฆ
9.8
CVE-2025-3810 - WPBookit <= 1.0.2 - Insecure Direct Object Reference to Unauthenticated Privilege Escalation via Acโฆ
The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like password and email through the edit_profile_data() functโฆ
8.7
CVE-2025-4452 - D-Link DIR-619L formSetWizard2 buffer overflow
A vulnerability was found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this issue is the function formSetWizard2. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure. This โฆ
8.7
CVE-2025-4451 - D-Link DIR-619L formSetWAN_Wizard52 buffer overflow
A vulnerability has been found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this vulnerability is the function formSetWAN_Wizard52. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about thisโฆ
8.7
CVE-2025-4450 - D-Link DIR-619L formSetEasy_Wizard buffer overflow
A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.04B04. Affected is the function formSetEasy_Wizard. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosureโฆ
8.7
CVE-2025-4449 - D-Link DIR-619L formEasySetupWizard3 buffer overflow
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.04B04. This issue affects the function formEasySetupWizard3. The manipulation of the argument wan_connected leads to buffer overflow. The attack may be initiated remotely. The vendor was contacted early about thiโฆ
8.7
CVE-2025-4448 - D-Link DIR-619L formEasySetupWizard buffer overflow
A vulnerability classified as critical was found in D-Link DIR-619L 2.04B04. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure. Thโฆ
8.6
CVE-2025-4446 - H3C GR-5400AX aspForm Edit_List_SSID buffer overflow
A vulnerability has been found in H3C GR-5400AX up to 100R008 and classified as critical. This vulnerability affects the function Edit_List_SSID of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack needs to be approached within the local network.
5.3
CVE-2025-4445 - D-Link DIR-605L wake_on_lan command injection
A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the function wake_on_lan. The manipulation of the argument mac leads to command injection. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure. This vulnerabiโฆ