0.0

CVE-2025-9697 - Ajax WooSearch <= 1.0.0 - Unauthenticated SQL Injection

The Ajax WooSearch WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection

๐Ÿ“… Published: Oct. 2, 2025, 6 a.m. ๐Ÿ”„ Last Modified: Oct. 2, 2025, 6 a.m.

0.0

CVE-2025-9587 - CTL Behance Importer Lite <= 1.0 - Unauthenticated SQL Injection

The CTL Behance Importer Lite WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

๐Ÿ“… Published: Oct. 2, 2025, 6 a.m. ๐Ÿ”„ Last Modified: Oct. 2, 2025, 6 a.m.

7.1

CVSS4.0

CVE-2025-61690 -

KV STUDIO versions 12.23 and prior contain a buffer underflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.

๐Ÿ“… Published: Oct. 2, 2025, 5:51 a.m. ๐Ÿ”„ Last Modified: Oct. 2, 2025, 5:51 a.m.

7.1

CVSS4.0

CVE-2025-61692 -

VT STUDIO versions 8.53 and prior contain a use after free vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.

๐Ÿ“… Published: Oct. 2, 2025, 5:51 a.m. ๐Ÿ”„ Last Modified: Oct. 2, 2025, 5:51 a.m.

7.1

CVSS4.0

CVE-2025-61691 -

VT STUDIO versions 8.53 and prior contain an out-of-bounds read vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.

๐Ÿ“… Published: Oct. 2, 2025, 5:51 a.m. ๐Ÿ”„ Last Modified: Oct. 2, 2025, 5:51 a.m.

7.1

CVSS4.0

CVE-2025-58777 -

VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.

๐Ÿ“… Published: Oct. 2, 2025, 5:50 a.m. ๐Ÿ”„ Last Modified: Oct. 2, 2025, 5:50 a.m.

8.4

CVSS4.0

CVE-2025-58776 -

KV Studio versions 12.23 and prior contain a stack-based buffer overflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.

๐Ÿ“… Published: Oct. 2, 2025, 5:50 a.m. ๐Ÿ”„ Last Modified: Oct. 2, 2025, 5:50 a.m.

8.4

CVSS4.0

CVE-2025-58775 -

KV STUDIO and VT5-WX15/WX12 contain a stack-based buffer overflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.

๐Ÿ“… Published: Oct. 2, 2025, 5:50 a.m. ๐Ÿ”„ Last Modified: Oct. 2, 2025, 5:50 a.m.

8.7

CVSS4.0

CVE-2025-11020 - Remote Code Execution in MarkAny SafePC Enterprise

An attacker can obtain server information using Path Traversal vulnerability to conduct SQL Injection, which possibly exploits Unrestricted Upload of File with Dangerous Type vulnerability in MarkAny SafePC Enterprise on Windows, Linux.This issue affects SafePC Enterprise: V7.0.* (V7.0.YYYY.MM.DD) โ€ฆ

๐Ÿ“… Published: Oct. 2, 2025, 5:15 a.m. ๐Ÿ”„ Last Modified: Oct. 2, 2025, 5:15 a.m.

9.4

CVSS4.0

CVE-2025-11221 - Remote Code Execution in GTONE ChangeFlow

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Unrestricted Upload of File with Dangerous Type vulnerability in GTONE ChangeFlow allows Path Traversal, Accessing Functionality Not Properly Constrained by ACLs.This issue affects ChangeFlow: from All versions through โ€ฆ

๐Ÿ“… Published: Oct. 2, 2025, 5:15 a.m. ๐Ÿ”„ Last Modified: Oct. 2, 2025, 5:15 a.m.
Total resulsts: 312428
Page 1 of 31,243
ยป next page
Filters