6.8
CVE-2025-27840 -
Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).
4.9
CVE-2023-52969 - mariadb: MariaDB Server Crash Due to Empty Backtrace Log
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.
4.9
CVE-2023-52971 - mariadb: MariaDB Server Crash
MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan.
4.9
CVE-2023-52970 - mariadb: MariaDB Server Crash via Item_direct_view_ref
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
4.9
CVE-2023-52968 - mariadb: Crash in MariaDB Due to Improper Handling of Derived Tables
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash.
8.7
CVE-2025-2097 - TOTOLINK EX1800T cstecgi.cgi setRptWizardCfg stack-based overflow
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This issue affects the function setRptWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument loginpass leads to stack-based buffer overflow. The attack may be initiate…
5.3
CVE-2025-2096 - TOTOLINK EX1800T cstecgi.cgi setRebootScheCfg os command injection
A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function setRebootScheCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mode/week/minute/recHour leads to os command injection. The attack can be initiate…
5.3
CVE-2025-2095 - TOTOLINK EX1800T cstecgi.cgi setDmzCfg os command injection
A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to initiate the attack remotely. The exploit has …
5.3
CVE-2025-2094 - TOTOLINK EX1800T cstecgi.cgi setWiFiExtenderConfig os command injection
A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. It has been rated as critical. Affected by this issue is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliKey/key leads to os command injection. The attack may be launched…
2.3
CVE-2025-2093 - PHPGurukul Online Library Management System change-password.php password recovery
A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /change-password.php. The manipulation of the argument email/phone number leads to weak password recovery. The at…