9.3
CVE-2025-4558 - WormHole Tech GPM - Unverified Password Change
The GPM from WormHole Tech has an Unverified Password Change vulnerability, allowing unauthenticated remote attackers to change any user's password and use the modified password to log into the system.
8.8
CVE-2025-4557 - ZONG YU Parking Management System - Missing Authentication
The specific APIs of Parking Management System from ZONG YU has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access specific APIs and operate system functions. These functions include opening gates and restarting the system.
9.3
CVE-2025-4556 - ZONG YU Okcat Parking Management Platform - Arbitrary File Upload
The web management interface of Okcat Parking Management Platform from ZONG YU has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
0.0
CVE-2025-4562 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
9.3
CVE-2025-4555 - ZONG YU Okcat Parking Management Platform - Missing Authentication
The web management interface of Okcat Parking Management Platform from ZONG YU has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access system functions. These functions include opening gates, viewing license plates and parking records, and restartingβ¦
6.9
CVE-2025-4554 - PHPGurukul Apartment Visitors Management System bwdates-passreports-details.php sql injection
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-passreports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate β¦
6.9
CVE-2025-4553 - PHPGurukul Apartment Visitors Management System bwdates-reports-details.php sql injection
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may bβ¦
6.1
CVE-2025-22247 - Insecure file handling vulnerability
VMware Tools contains an insecure file handling vulnerability.Β A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM.
5.4
CVE-2025-44175 -
Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function.
6.5
CVE-2024-55466 -
An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community, ThingsBoard Cloud and ThingsBoard Professional v3.8.1 allows attackers to execute arbitrary code via uploading a crafted file.