ReportizFlow
Filtered by vendor
Subscriptions
Total
289610 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-3442 | 2025-04-11 | N/A | ||
| This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device. | ||||
| CVE-2025-2636 | 2025-04-11 | 9.8 Critical | ||
| The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. | ||||
| CVE-2025-1386 | 2025-04-11 | N/A | ||
| When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream. | ||||
| CVE-2025-32816 | 2025-04-11 | 3.1 Low | ||
| CodeLit CourseLit before 0.57.5 allows Parameter Tampering via a payment plan associated with the wrong entity. | ||||
| CVE-2025-26330 | 2025-04-11 | 7 High | ||
| Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account. | ||||
| CVE-2025-27690 | 2025-04-11 | 9.8 Critical | ||
| Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account. | ||||
| CVE-2025-32775 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32774 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32773 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32772 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32771 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32770 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32769 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32768 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32767 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32765 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32764 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32763 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32762 | 2025-04-11 | N/A | ||
| Not used | ||||
| CVE-2025-32761 | 2025-04-11 | N/A | ||
| Not used | ||||