VULNMAP - Security Vulnerabilities

CVE List - 2025 / June

Showing 801 - 840 of 840 CVEs for June 2025 (Page 9 of 9)

CVE ID Date Title
CVE-2025-5784 2025-06-06 PHPGurukul Employee Record Management System myexp.php sql injection
CVE-2025-5785 2025-06-06 TOTOLINK X15 HTTP POST Request formWirelessTbl buffer overflow
CVE-2025-5786 2025-06-06 TOTOLINK X15 HTTP POST Request formDMZ buffer overflow
CVE-2025-5787 2025-06-06 TOTOLINK X15 HTTP POST Request formWsc buffer overflow
CVE-2025-5788 2025-06-06 TOTOLINK X15 HTTP POST Request formReflashClientTbl buffer overflow
CVE-2025-5789 2025-06-06 TOTOLINK X15 HTTP POST Request formPortFw buffer overflow
CVE-2025-5790 2025-06-06 TOTOLINK X15 HTTP POST Request formIpQoS buffer overflow
CVE-2025-47950 2025-06-06 CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification
CVE-2025-49011 2025-06-06 SpiceDB checks involving relations with caveats can result in no permission when permission is expected
CVE-2025-5792 2025-06-06 TOTOLINK EX1200T HTTP POST Request formWlanRedirect buffer overflow
CVE-2025-5793 2025-06-06 TOTOLINK EX1200T HTTP POST Request formPortFw buffer overflow
CVE-2025-5794 2025-06-06 Tenda AC5 setPptpUserList formSetPPTPUserList buffer overflow
CVE-2025-5795 2025-06-06 Tenda AC5 AdvSetLanip fromadvsetlanip buffer overflow
CVE-2025-5473 2025-06-06 GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability
CVE-2025-5474 2025-06-06 2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability
CVE-2025-5480 2025-06-06 Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
CVE-2025-5481 2025-06-06 Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2025-3485 2025-06-06 Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability
CVE-2025-2766 2025-06-06 70mai A510 Use of Default Password Authentication Bypass Vulnerability
CVE-2025-5796 2025-06-06 code-projects Laundry System edit_type.php cross site scripting
CVE-2025-5797 2025-06-06 code-projects Laundry System insert_type.php cross site scripting
CVE-2025-5798 2025-06-06 Tenda AC8 SetSysTimeCfg fromSetSysTime stack-based overflow
CVE-2025-5799 2025-06-06 Tenda AC8 WifiExtraSet fromSetWirelessRepeat stack-based overflow
CVE-2025-49127 2025-06-06 Kafbat UI vulnerable to Remote Code Execution by JMX in Metrices Configuration
CVE-2025-49128 2025-06-06 Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation
CVE-2024-55585 2025-06-07 In the moPS App through 1.8.618, all users can access...
CVE-2025-49619 2025-06-07 Skyvern through 0.1.85 has a Jinja runtime leak in sdk/workflow/models/block.py.
CVE-2025-5814 2025-06-07 Profiler – What Slowing Down Your WP <= 1.0.0 - Missing Authentication to Unauthenticated Arbitrary Plugin Reactivation via State Restoration
CVE-2025-47601 2025-06-07 WordPress MaxiBlocks plugin <= 2.1.0 - Arbitrary Option Update to Privilege Escalation vulnerability
CVE-2025-5399 2025-06-07 WebSocket endless loop
CVE-2025-5303 2025-06-07 LTL Freight Quotes – Freightview Edition <= 1.0.11, LTL Freight Quotes – Daylight Edition <=2.2.6 and LTL Freight Quotes – Day & Ross Edition <= 2.1.10 - Unauthenticated Stored Cross-Site Scripting via `expiry_date` Parameter
CVE-2024-9994 2025-06-07 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 6.1.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Pricing Table Widget
CVE-2025-5528 2025-06-07 Social Sharing Plugin – Sassy Social Share <= 3.3.75 - Reflected Cross-Site Scripting via 'heateor_mastodon_share' Parameter
CVE-2025-5568 2025-06-07 WpEvently <= 4.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-9993 2025-06-07 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 6.1.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Event Calendar Widget
CVE-2025-5836 2025-06-07 Tenda AC9 POST Request SetIPTVCfg formSetIptv command injection
CVE-2025-5837 2025-06-07 PHPGurukul Employee Record Management System allemployees.php sql injection
CVE-2025-5838 2025-06-07 PHPGurukul Employee Record Management System adminprofile.php sql injection
CVE-2025-5839 2025-06-07 Tenda AC9 POST Request AdvSetLanip fromadvsetlanip buffer overflow
CVE-2025-5840 2025-06-07 SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload