Top 100 Recent CVEs

CVE-2025-6494 3.3
Published: 2025-06-22T23:15:20.103

What it does:

The CVE-2025-6494 vulnerability is a heap-based buffer overflow issue in the Nokogiri library, specifically in the `hashmap_get_with_hash` function of the `gumbo-parser/src/hashmap.c` file, which can be exploited locally.

Why it's a problem:

This vulnerability is a problem because it can be used by an attacker to overflow a buffer on the heap, potentially allowing them to execute arbitrary code, leading to a range of malicious activities such as data theft, system compromise, or malware installation.

Steps to mitigate:

  • Update Nokogiri to a version later than 1.18.7]
  • [Apply patches or fixes provided by the vendor]
  • [Monitor systems for suspicious activity and implement additional security measures to prevent local exploitation.
CVE-2025-6493 5.3
Published: 2025-06-22T22:15:22.430

What it does:

This vulnerability affects the Markdown Mode in CodeMirror versions up to 5.17.0, causing inefficient regular expression complexity when manipulated, which can be launched remotely.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, potentially allowing attackers to launch a denial-of-service attack or slow down the system, which can lead to decreased performance and increased risk of further exploitation.

Steps to mitigate:

  • Update CodeMirror to version 6 or later, which is more actively maintained and less susceptible to this vulnerability'
  • Avoid using the affected Markdown Mode in CodeMirror versions up to 5.17.0'
  • Monitor system performance for signs of exploitation and implement measures to prevent remote attacks.
CVE-2025-6492 5.3
Published: 2025-06-22T20:15:19.803

What it does:

The CVE-2025-6492 vulnerability allows an attacker to manipulate the getRecommendTitleFromMarkdownString function in MarkText versions up to 0.17.1, causing inefficient regular expression complexity, which can be launched remotely.

Why it's a problem:

This vulnerability is a problem because it can be exploited by attackers to potentially cause a denial-of-service (DoS) or disrupt the performance of the MarkText application, allowing unauthorized individuals to impact the system's availability and reliability.

Steps to mitigate:

  • Update MarkText to a version later than 0.17.1
  • Implement regular expression complexity limits
  • Monitor system performance for signs of exploitation
  • Apply security patches as soon as they become available
  • Limit remote access to the MarkText application whenever possible.
CVE-2025-6490 3.3
Published: 2025-06-22T19:15:20.790

What it does:

The CVE-2025-6490 vulnerability is a heap-based buffer overflow issue in the Nokogiri library, specifically in the hashmap_set_with_hash function of the gumbo-parser/src/hashmap.c file, which can be exploited by a local attacker to potentially execute arbitrary code.

Why it's a problem:

This vulnerability is a problem because it can be used by an attacker to overflow a buffer on the heap, potentially allowing them to execute malicious code, access sensitive data, or cause the system to crash, which can lead to security breaches, data loss, or system downtime.

Steps to mitigate:

  • Update Nokogiri to a version later than 1.18.7
  • [Apply the patch provided by the vendor if available]
  • Implement local access controls to limit the ability of attackers to exploit the vulnerability
  • Monitor systems for signs of exploitation and be prepared to respond quickly in case of an attack.
CVE-2025-6489 7.3
Published: 2025-06-22T19:15:19.843

What it does:

The CVE-2025-6489 vulnerability allows an attacker to inject malicious SQL code into the Agri-Trading Online Shopping System 1.0 by manipulating the "del" argument in the /transactionsave.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access, modify, or delete sensitive data in the system's database, potentially leading to data breaches, financial losses, or disruptions to the online shopping system.

Steps to mitigate:

  • Update the Agri-Trading Online Shopping System to a patched version
  • [Implement input validation and sanitization for the "del" argument in the /transactionsave.php file
  • [Use prepared statements or parameterized queries to prevent SQL injection
  • [Limit access to the /transactionsave.php file to authorized personnel
  • [Monitor system logs for suspicious activity and signs of exploitation.
CVE-2025-6487 8.8
Published: 2025-06-22T18:15:22.783

What it does:

This vulnerability allows an attacker to cause a stack-based buffer overflow in the TOTOLINK A3002R router by manipulating the "subnet" argument in the formRoute function, which can be initiated remotely.

Why it's a problem:

This vulnerability is a problem because it can be exploited by attackers to potentially gain control of the router, allowing them to steal sensitive information, disrupt network traffic, or use the router as a launching point for further attacks, posing a significant risk to the security of the network.

Steps to mitigate:

  • Update the TOTOLINK A3002R firmware to the latest version
  • [Change the subnet settings to prevent buffer overflow]
  • Use a firewall to block unauthorized access to the router
  • [Monitor network traffic for suspicious activity]
  • Contact the manufacturer for further guidance and support.
CVE-2025-6486 8.8
Published: 2025-06-22T18:15:22.573

What it does:

This vulnerability allows an attacker to cause a stack-based buffer overflow in the TOTOLINK A3002R router by manipulating the "submit-url" argument in the formWlanMultipleAP function, which can be done remotely.

Why it's a problem:

This is a critical issue because it can be exploited by attackers to potentially execute arbitrary code, gain unauthorized access to the router, and compromise the security of the network, leading to data breaches, malware distribution, and other malicious activities.

Steps to mitigate:

  • Update the TOTOLINK A3002R firmware to the latest version
  • [Apply patches or fixes provided by the manufacturer]
  • [Change default passwords and settings to prevent unauthorized access]
  • [Limit remote access to the router and enable firewall rules to restrict incoming traffic]
  • [Monitor network traffic for suspicious activity and keep an eye out for future security updates].
CVE-2025-6485 6.3
Published: 2025-06-22T17:15:23.043

What it does:

This vulnerability allows an attacker to inject operating system commands into the TOTOLINK A3002R router, specifically through the formWlSiteSurvey function, by manipulating the wlanif argument, which can be done remotely.

Why it's a problem:

This is a problem because it enables attackers to execute unauthorized commands on the router, potentially leading to unauthorized access, data theft, or disruption of the network, and since the exploit is publicly disclosed, attackers can easily use it to target vulnerable devices.

Steps to mitigate:

  • Update the TOTOLINK A3002R firmware to a version later than 1.1.1-B20200824.0128
  • [Apply firewall rules to restrict remote access to the router]
  • Change default passwords and credentials to prevent unauthorized access
  • Monitor network traffic for suspicious activity
  • Consider replacing the router if a patch is not available.
CVE-2025-6484 4.7
Published: 2025-06-22T17:15:22.063

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Online Shopping Store 1.0 application by manipulating certain arguments (cat_id, brand_id, keyword, proId, pid) in the /action.php file, potentially leading to unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the application's database, potentially resulting in data breaches, tampering, or even taking control of the entire system, which can lead to significant financial and reputational damage.

Steps to mitigate:

  • Update the Online Shopping Store 1.0 application to a patched version
  • [Implement input validation and sanitization for user-provided arguments]
  • [Use prepared statements and parameterized queries to prevent SQL injection]
  • [Limit database privileges to the minimum required for the application
  • [Monitor application logs for suspicious activity and potential exploitation attempts].
CVE-2025-6483 7.3
Published: 2025-06-22T16:15:24.290

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Pizza Ordering System 1.0 by manipulating the "ID" argument in the /edituser.php file, which can be done remotely.

Why it's a problem:

This is a problem because it enables attackers to access, modify, or delete sensitive data in the system's database, potentially leading to data breaches, unauthorized access, or system compromise.

Steps to mitigate:

  • Update the Simple Pizza Ordering System to a patched version
  • [Implement input validation and sanitization on the "ID" argument in /edituser.php
  • [Use prepared statements with parameterized queries to prevent SQL injection
  • [Limit access to the /edituser.php file to authorized personnel
  • [Monitor system logs for suspicious activity and signs of SQL injection attacks].
CVE-2025-6482 7.3
Published: 2025-06-22T16:15:24.093

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Pizza Ordering System 1.0 by manipulating the "userid" argument in the /edituser-exec.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the system, potentially leading to data breaches, unauthorized data modification, or even complete system compromise, which can have severe consequences for the system's security and integrity.

Steps to mitigate:

  • Update the Simple Pizza Ordering System to a patched version
  • [Apply input validation and sanitization to the "userid" argument]
  • [Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Limit remote access to the system and restrict user privileges
  • [Perform regular security audits and penetration testing to identify and address vulnerabilities].
CVE-2025-6481 7.3
Published: 2025-06-22T15:15:20.830

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Pizza Ordering System 1.0 by manipulating the "ID" argument in the /update.php file, which can be done remotely.

Why it's a problem:

This is a problem because it enables attackers to access, modify, or extract sensitive data from the system's database, potentially leading to data breaches, unauthorized access, or disruption of services.

Steps to mitigate:

  • Update the Simple Pizza Ordering System to a patched version
  • [Apply input validation and sanitization to the "ID" argument in /update.php
  • [Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Use parameterized queries or prepared statements to prevent SQL injection
  • [Limit remote access to the /update.php file and restrict user privileges.
CVE-2025-6480 7.3
Published: 2025-06-22T15:15:20.030

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Pizza Ordering System 1.0 through the "textfield" argument in the /addcatexec.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive data without needing physical access to the system, which can lead to data breaches, unauthorized modifications, and other malicious activities.

Steps to mitigate:

  • Update the Simple Pizza Ordering System to a patched version
  • [Implement input validation and sanitization for the "textfield" argument]
  • [Use prepared statements to prevent SQL injection]
  • [Limit access to the /addcatexec.php file
  • [Monitor system logs for suspicious activity]
CVE-2025-6479 7.3
Published: 2025-06-22T14:15:22.193

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Pizza Ordering System 1.0 by manipulating the "dayfrom" argument in the /salesreport.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the system, potentially leading to data breaches, tampering, or even taking control of the system, which can have severe consequences for the business and its customers.

Steps to mitigate:

  • Update the Simple Pizza Ordering System to a patched version
  • [Implement input validation and sanitization for the "dayfrom" argument]
  • [Use prepared statements to prevent SQL injection]
  • [Limit access to the /salesreport.php file to authorized personnel
  • [Monitor system logs for suspicious activity and signs of exploitation].
CVE-2025-6478 4.3
Published: 2025-06-22T14:15:21.467

What it does:

The CVE-2025-6478 vulnerability allows an attacker to perform a cross-site request forgery (CSRF) attack on the CodeAstro Expense Management System 1.0, which can be launched remotely.

Why it's a problem:

This vulnerability is a problem because it enables an attacker to trick users into performing unintended actions on the system, potentially leading to unauthorized data modifications, financial transactions, or other malicious activities, compromising the security and integrity of the system.

Steps to mitigate:

  • Update to a patched version of the CodeAstro Expense Management System
  • [Implement CSRF protection measures, such as token-based validation]
  • Configure web application firewalls to detect and prevent CSRF attacks
  • Limit user privileges to minimize potential damage
  • Monitor system activity for suspicious requests and transactions.
CVE-2025-6477 2.4
Published: 2025-06-22T13:15:35.120

What it does:

This vulnerability allows an attacker to perform a cross-site scripting (XSS) attack by manipulating the "School Name" argument on the System Settings Page of the SourceCodester Student Result Management System 1.0, specifically affecting the /script/admin/system file.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to inject malicious code into the system, potentially leading to unauthorized access, data theft, or other malicious activities, compromising the security and integrity of the system.

Steps to mitigate:

  • Update the SourceCodester Student Result Management System to a patched version
  • [Implement input validation and sanitization for the "School Name" field]
  • [Restrict access to the System Settings Page to authorized personnel only]
  • [Monitor system logs for suspicious activity and signs of XSS attacks]
CVE-2025-6476 4.3
Published: 2025-06-22T13:15:34.470

What it does:

This vulnerability allows an attacker to perform a cross-site request forgery (CSRF) attack on the SourceCodester Gym Management System 1.0, which can be launched remotely.

Why it's a problem:

This is a problem because a CSRF attack can trick users into performing unintended actions on the system, potentially leading to unauthorized data modifications, theft, or other malicious activities, compromising the security and integrity of the system.

Steps to mitigate:

  • Update the SourceCodester Gym Management System to a patched version if available
  • Implement CSRF protection measures such as token-based validation
  • Use web application firewalls (WAFs) to detect and prevent CSRF attacks
  • Limit user privileges to minimize potential damage
  • Monitor system activity for suspicious behavior.
CVE-2025-6475 2.4
Published: 2025-06-22T12:15:20.747

What it does:

The CVE-2025-6475 vulnerability allows an attacker to perform a cross-site scripting (XSS) attack on the Student Result Management System 1.0, specifically targeting the Manage Students Module. This occurs when an unknown processing issue in the /script/admin/manage_students file is manipulated, allowing malicious code to be executed.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to inject malicious scripts into the system, potentially leading to unauthorized access, data theft, or other malicious activities. The fact that the exploit has been publicly disclosed increases the risk of attack, as malicious actors can use this information to launch targeted attacks.

Steps to mitigate:

  • Update the Student Result Management System to a patched version
  • [Implement input validation and sanitization for all user-input data]
  • Use a Web Application Firewall (WAF) to detect and prevent XSS attacks
  • Limit access to the Manage Students Module to authorized personnel only
  • Monitor system logs for suspicious activity and respond promptly to potential security incidents.
CVE-2025-6474 7.3
Published: 2025-06-22T12:15:19.777

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Inventory Management System by manipulating the "user_id" argument in the /changeUsername.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the system, potentially leading to data breaches, unauthorized data modification, or even complete system takeover, which can have severe consequences for the security and integrity of the affected system.

Steps to mitigate:

  • Update the Inventory Management System to the latest version
  • [patch the /changeUsername.php file to validate and sanitize user input]
  • implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • use parameterized queries or prepared statements to prevent SQL injection
  • limit access to the /changeUsername.php file to authorized personnel only.
CVE-2025-6473 4.3
Published: 2025-06-22T11:15:19.517

What it does:

This vulnerability allows an attacker to inject malicious code into the School Fees Payment System through the "transcation_remark" argument in the /fees.php file, leading to a cross-site scripting (XSS) attack that can be initiated remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to execute malicious scripts on the system, potentially stealing user data, taking control of user sessions, or performing other unauthorized actions, which can compromise the security and integrity of the payment system.

Steps to mitigate:

  • Update the School Fees Payment System to the latest version
  • [Patch the /fees.php file to validate and sanitize user input]
  • [Implement web application firewall (WAF) rules to detect and block XSS attacks]
  • [Limit access to the /fees.php file to authorized personnel only
  • [Monitor system logs for suspicious activity and signs of XSS attacks].
CVE-2025-6472 7.3
Published: 2025-06-22T10:15:22.703

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Online Bidding System 1.0 by manipulating the "ID" argument in the /showprod.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to access and manipulate sensitive data, potentially leading to data breaches, unauthorized modifications, or even taking control of the system, which can have severe consequences for the security and integrity of the affected system.

Steps to mitigate:

  • Update the Online Bidding System to the latest version
  • [Patch the /showprod.php file to validate and sanitize user input]
  • [Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Limit remote access to the system and monitor for suspicious activity
  • [Use parameterized queries or prepared statements to prevent SQL injection].
CVE-2025-6471 7.3
Published: 2025-06-22T10:15:21.680

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Online Bidding System 1.0 by manipulating the "aduser" argument in the /administrator file, which can be done remotely.

Why it's a problem:

This is a problem because it enables attackers to access, modify, or extract sensitive data from the system's database, potentially leading to data breaches, unauthorized access, or disruption of the bidding system.

Steps to mitigate:

  • Update the Online Bidding System to a patched version if available
  • Implement input validation and sanitization for the "aduser" argument
  • Use a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • Limit remote access to the /administrator file
  • Monitor system logs for suspicious activity related to SQL injection attempts.
CVE-2025-6470 7.3
Published: 2025-06-22T09:15:25.157

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Online Bidding System 1.0 by manipulating the "ID" argument in the /bidlog.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to access and manipulate sensitive database information, which could lead to data breaches, tampering, or even full system compromise, resulting in significant security and privacy risks.

Steps to mitigate:

  • Update to a patched version of the Online Bidding System
  • [Implement input validation and sanitization for the "ID" argument in /bidlog.php
  • [Use prepared statements or parameterized queries to prevent SQL injection
  • [Limit remote access to the /bidlog.php file and restrict user privileges
  • [Monitor system logs for suspicious activity and signs of exploitation]
CVE-2025-6469 7.3
Published: 2025-06-22T08:15:25.497

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Online Bidding System 1.0 by manipulating the "ID" argument in the /details.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This is a problem because it enables remote attackers to exploit the system, potentially leading to data theft, modification, or deletion, which could have serious consequences for the affected organization and its users.

Steps to mitigate:

  • Update the Online Bidding System to a patched version
  • [Implement input validation and sanitization for the "ID" argument in /details.php
  • [Use prepared statements with parameterized queries to prevent SQL injection
  • [Limit access to the /details.php file and restrict user input
  • [Monitor system logs for suspicious activity and signs of exploitation].
CVE-2025-6468 7.3
Published: 2025-06-22T08:15:24.677

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Online Bidding System 1.0 by manipulating the "ID" argument in the /bidnow.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, meaning an attacker can launch the attack from anywhere, and it has been publicly disclosed, making it more likely that malicious actors will attempt to use it to steal or manipulate data, compromising the security and integrity of the system.

Steps to mitigate:

  • Update the Online Bidding System to a patched version
  • [Implement input validation and sanitization on the "ID" argument in /bidnow.php
  • [Use a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Limit remote access to the /bidnow.php file
  • [Regularly monitor the system for suspicious activity and signs of exploitation.
CVE-2025-6467 7.3
Published: 2025-06-22T06:15:23.623

What it does:

This vulnerability allows an attacker to manipulate the "User" argument in the /login.php file of the Online Bidding System 1.0, leading to a SQL injection attack, which can be initiated remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to inject malicious SQL code into the system, potentially allowing them to access, modify, or delete sensitive data, disrupt system operations, or gain unauthorized access to the system.

Steps to mitigate:

  • Update the Online Bidding System to a patched version
  • [Apply input validation and sanitization to user-input data]
  • [Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Limit remote access to the system and restrict user privileges
  • [Perform regular security audits and penetration testing to identify and address vulnerabilities].
CVE-2025-6466 6.3
Published: 2025-06-22T05:15:25.840

What it does:

This vulnerability allows an attacker to upload unrestricted files to a system using the speechToTextTranscriptionsV2/upload function in the ruoyi-ai 2.0.0 software, potentially leading to malicious file execution or other security breaches.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to upload malicious files, which could result in unauthorized access, data breaches, or disruption of system services, ultimately compromising the security and integrity of the affected system.

Steps to mitigate:

  • Upgrade to version 2.0.1 of ruoyi-ai
  • [Apply the patch identified as 4e93ac86d4891c59ecfcd27c051de9b3c5379315]
  • [Monitor system activity for signs of unauthorized file uploads and malicious behavior
  • Restrict access to the speechToTextTranscriptionsV2/upload function to trusted users and sources.
CVE-2025-6458 7.3
Published: 2025-06-22T05:15:25.577

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Online Hotel Reservation System 1.0 by manipulating the "userid" argument in the /admin/execedituser.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and manipulate sensitive data in the system's database, potentially leading to unauthorized data disclosure, modification, or deletion, which can compromise the security and integrity of the system.

Steps to mitigate:

  • Update the Online Hotel Reservation System to the latest version
  • [patch the /admin/execedituser.php file to prevent SQL injection]
  • implement input validation and sanitization for the "userid" argument
  • use a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • limit remote access to the /admin/execedituser.php file to trusted users and IP addresses.
CVE-2025-6457 7.3
Published: 2025-06-22T04:15:33.007

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Online Hotel Reservation System 1.0 by manipulating the "Start" argument in the /reservation/demo.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the system, potentially leading to unauthorized data access, modification, or deletion, which can compromise the security and integrity of the hotel's reservation system and customer data.

Steps to mitigate:

  • Update the Online Hotel Reservation System to a patched version
  • [Apply input validation and sanitization to the "Start" argument in demo.php
  • [Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Limit remote access to the reservation system
  • [Use a database query parameterization technique to prevent user-input data from being executed as SQL code]
CVE-2025-6456 7.3
Published: 2025-06-22T04:15:28.673

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Online Hotel Reservation System 1.0 by manipulating the "Start" argument in the /reservation/order.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive data without needing physical access to the system, which can lead to data breaches, financial losses, and damage to the system's integrity.

Steps to mitigate:

  • Update the Online Hotel Reservation System to a patched version
  • [Implement input validation and sanitization for the "Start" argument in the /reservation/order.php file
  • [Use prepared statements and parameterized queries to prevent SQL injection]
  • [Limit access to the /reservation/order.php file and restrict user input
  • [Monitor system logs for suspicious activity and signs of exploitation]
CVE-2025-6455 7.3
Published: 2025-06-22T03:15:31.667

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Online Hotel Reservation System 1.0 by manipulating the "Name" argument in the /messageexec.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, meaning an attacker doesn't need direct access to the system to launch the attack, and it can lead to unauthorized data access, modification, or even deletion, compromising the security and integrity of the reservation system.

Steps to mitigate:

  • Update the Online Hotel Reservation System to a patched version
  • [Implement input validation and sanitization for the "Name" argument in the /messageexec.php file
  • [Use a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Limit remote access to the system and implement secure authentication and authorization mechanisms
  • [Regularly monitor the system for suspicious activity and perform security audits to identify vulnerabilities.
CVE-2025-6453 6.3
Published: 2025-06-22T03:15:31.490

What it does:

The CVE-2025-6453 vulnerability allows an attacker to manipulate the "dirName" argument in the ForumManageAction.java file, leading to a path traversal attack, which can be launched remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and potentially modify sensitive files and directories on the server, which can lead to data breaches, malware distribution, and other malicious activities, compromising the security and integrity of the system.

Steps to mitigate:

  • Update diyhi bbs to the latest version
  • [Apply patches to the ForumManageAction.java file to validate and sanitize user input]
  • [Implement remote access restrictions and monitoring to detect potential attacks]
  • [Use a web application firewall to filter and block suspicious traffic]
CVE-2025-6452 2.4
Published: 2025-06-22T03:15:30.703

What it does:

This vulnerability allows an attacker to perform a cross-site scripting (XSS) attack by manipulating the "Patient Name/Name" argument on the "Generate New Report Page" of the CodeAstro Patient Record Management System 1.0, potentially injecting malicious code into the system.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to inject malicious scripts into the system, which could lead to unauthorized access, data theft, or other malicious activities, compromising the security and integrity of patient records.

Steps to mitigate:

  • Update CodeAstro Patient Record Management System to a patched version
  • [Implement input validation and sanitization for the "Patient Name/Name" field]
  • [Restrict access to the "Generate New Report Page" to authorized personnel only]
  • [Monitor system logs for suspicious activity and signs of XSS attacks
  • Apply a web application firewall (WAF) to detect and prevent XSS attacks.
CVE-2025-6451 7.3
Published: 2025-06-22T02:15:22.983

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Online Hotel Reservation System 1.0 by manipulating the "transaction_id" argument in the /admin/delete_pending.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and manipulate sensitive data in the system's database, potentially leading to data breaches, unauthorized modifications, or even complete system compromise, which can have severe consequences for the system's users and owners.

Steps to mitigate:

  • Apply a patch to fix the issue
  • Update the Simple Online Hotel Reservation System to a version that is not vulnerable
  • Implement input validation and sanitization to prevent SQL injection attacks
  • Limit remote access to the /admin/delete_pending.php file to authorized personnel only
  • Monitor system logs for suspicious activity and respond promptly to potential security incidents.
CVE-2025-6450 7.3
Published: 2025-06-22T01:15:24.470

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Online Hotel Reservation System 1.0 by manipulating the "transaction_id" argument in the /admin/confirm_reserve.php file, which can be done remotely.

Why it's a problem:

This is a problem because it enables attackers to access, modify, or extract sensitive data from the system's database, potentially leading to unauthorized access, data breaches, or disruption of the reservation system.

Steps to mitigate:

  • Update the Simple Online Hotel Reservation System to a patched version
  • [Verify user input to prevent SQL injection]
  • Implement a Web Application Firewall (WAF) to detect and block malicious traffic
  • Limit access to the /admin/confirm_reserve.php file to authorized personnel
  • Use parameterized queries or prepared statements to prevent SQL injection.
CVE-2025-6449 7.3
Published: 2025-06-22T01:15:24.283

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Online Hotel Reservation System 1.0 by manipulating the "transaction_id" argument in the /admin/checkout_query.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive data without needing physical access to the system, which can lead to data breaches, financial loss, and reputational damage.

Steps to mitigate:

  • Update the Simple Online Hotel Reservation System to a patched version
  • [Implement input validation and sanitization for the "transaction_id" argument]
  • [Use prepared statements to prevent SQL injection
  • [Limit access to the /admin/checkout_query.php file to authorized personnel
  • [Monitor system logs for suspicious activity]
CVE-2025-52923 4.3
Published: 2025-06-22T01:15:24.097

What it does:

The CVE-2025-52923 vulnerability in Sangfor aTrust versions up to 2.4.10 allows users to modify the ExecStartPre command, which is a part of the system's startup process.

Why it's a problem:

This vulnerability is a problem because it enables users to potentially execute malicious commands or modify the system's behavior during startup, which could lead to unauthorized access, data breaches, or system compromise.

Steps to mitigate:

  • Update Sangfor aTrust to a version later than 2.4.10
  • Restrict user permissions to prevent unauthorized modifications
  • Monitor system logs for suspicious activity related to the ExecStartPre command
CVE-2025-6448 7.3
Published: 2025-06-22T00:15:25.400

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Online Hotel Reservation System 1.0 by manipulating the "room_id" argument in the /admin/delete_room.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access, modify, or delete sensitive data in the system's database, potentially leading to data breaches, tampering, or disruption of the reservation system, which can have serious consequences for the business and its customers.

Steps to mitigate:

  • Update the Simple Online Hotel Reservation System to a patched version
  • [validate and sanitize user input to prevent SQL injection]
  • implement a Web Application Firewall (WAF) to detect and block suspicious traffic
  • [use parameterized queries or prepared statements to prevent SQL injection]
  • limit access to the /admin/delete_room.php file to authorized personnel only
  • [monitor system logs for suspicious activity and respond promptly to potential security incidents].
CVE-2025-6447 7.3
Published: 2025-06-22T00:15:25.220

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Online Hotel Reservation System 1.0 by manipulating the "Username" argument in the /admin/index.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the system, potentially leading to data breaches, unauthorized data modification, or even complete system compromise, which can have severe consequences for the security and integrity of the system and its data.

Steps to mitigate:

  • Update the Simple Online Hotel Reservation System to a patched version
  • [Implement input validation and sanitization for the Username field]
  • [Use prepared statements to prevent SQL injection]
  • [Limit access to the /admin/index.php file to authorized personnel
  • [Monitor system logs for suspicious activity and signs of exploitation]
CVE-2025-6446 7.3
Published: 2025-06-21T23:15:24.743

What it does:

This vulnerability allows an attacker to perform a SQL injection attack by manipulating the "Username" argument in the /clientdetails/admin/index.php file of the Client Details System 1.0, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive data without needing physical access to the system, which can lead to data breaches, fraud, and other malicious activities.

Steps to mitigate:

  • Update the Client Details System to a patched version
  • [Apply input validation and sanitization to the Username field
  • [Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Limit remote access to the /clientdetails/admin/index.php file
  • [Use a database encryption and access control mechanism to protect sensitive data]
CVE-2025-6422 6.3
Published: 2025-06-21T23:15:24.563

What it does:

This vulnerability allows an attacker to upload files without restrictions to the Campcodes Online Recruitment Management System 1.0 by manipulating the "img" argument in the /admin/ajax.php?action=save_settings file, which is part of the About Content Page component. This can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to upload malicious files, such as viruses, malware, or backdoors, to the system, potentially leading to unauthorized access, data breaches, or system compromise.

Steps to mitigate:

  • Update the Campcodes Online Recruitment Management System to a patched version if available
  • Implement file upload validation and sanitization to restrict file types and sizes
  • Limit access to the /admin/ajax.php file to authorized personnel only
  • Monitor system logs for suspicious upload activity
  • Consider using a web application firewall (WAF) to detect and prevent exploit attempts.
CVE-2025-52919 4.3
Published: 2025-06-21T23:15:24.297

What it does:

The Yealink YMCS RPS certificate upload function fails to properly validate the content of uploaded certificates, allowing potentially invalid certificates to be uploaded.

Why it's a problem:

This vulnerability is a problem because it could allow an attacker to upload a fake or malicious certificate, which could be used to intercept or manipulate sensitive data, compromising the security and trust of the system.

Steps to mitigate:

  • Update Yealink YMCS RPS to a version released after 2025-05-26
  • [Verify the validity of all existing certificates uploaded to the system]
  • [Monitor system logs for suspicious certificate upload activity]
  • [Contact Yealink support for further guidance and recommendations].
CVE-2025-52918 5.0
Published: 2025-06-21T23:15:24.157

What it does:

The Yealink YMCS system fails to block access to OpenAPI for enterprise accounts that have been frozen, allowing unauthorized users to access interfaces that should be deactivated.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to potentially sensitive areas of the system, even after the associated account has been deactivated, which can lead to data breaches, system manipulation, or other malicious activities.

Steps to mitigate:

  • Update Yealink YMCS to a version released after 2025-05-26
  • [Verify that all frozen enterprise accounts are properly blocked from accessing OpenAPI]
  • Regularly review and audit account status and access permissions to ensure they are up-to-date and aligned with organizational policies.
CVE-2025-52917 3.5
Published: 2025-06-21T23:15:24.017

What it does:

The Yealink YMCS RPS API has a vulnerability that allows it to process an unlimited number of requests without any restrictions, potentially leading to the disclosure of sensitive information through excessive requests.

Why it's a problem:

This vulnerability is a problem because it enables attackers to send a large number of requests to the API, which could result in unauthorized access to sensitive data, overload the system, or disrupt its functionality.

Steps to mitigate:

  • Update the Yealink YMCS RPS API to a version released after 2025-05-26
  • [Implement rate limiting on the API to restrict the number of requests
  • [Monitor API traffic for suspicious activity
  • [Consider implementing additional security measures such as IP blocking or authentication requirements.
CVE-2025-52916 2.2
Published: 2025-06-21T23:15:23.820

What it does:

The Yealink YMCS RPS system has a vulnerability that allows attackers to perform brute-force attempts to guess the last five digits of a serial number (SN) without any limits on the number of attempts.

Why it's a problem:

This vulnerability is a problem because it enables malicious actors to easily guess or crack the serial number through repeated attempts, potentially allowing unauthorized access to the system or its data.

Steps to mitigate:

  • Update Yealink YMCS RPS to a version released after 2025-06-04
  • [Monitor system logs for unusual activity]
  • [Implement additional security measures such as IP blocking or rate limiting to prevent brute-force attacks]
  • [Contact Yealink support for further guidance and patches].
CVE-2025-6421 7.3
Published: 2025-06-21T22:15:21.870

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Online Hotel Reservation System 1.0 by manipulating the "admin_id" argument in the /admin/add_account.php file, which can be done remotely.

Why it's a problem:

This is a problem because it enables attackers to access, modify, or delete sensitive data in the system's database, potentially leading to unauthorized access, data breaches, or disruption of the reservation system.

Steps to mitigate:

  • Update the Simple Online Hotel Reservation System to a patched version
  • [Implement input validation and sanitization for the "admin_id" argument]
  • [Use prepared statements to prevent SQL injection]
  • [Limit access to the /admin/add_account.php file to authorized personnel
  • [Monitor system logs for suspicious activity and signs of SQL injection attempts].
CVE-2025-6420 7.3
Published: 2025-06-21T22:15:21.687

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Online Hotel Reservation System 1.0 by manipulating the "room_type" argument in the /admin/add_room.php file, which can be done remotely.

Why it's a problem:

This is a problem because it enables attackers to access, modify, or extract sensitive data from the system's database, potentially leading to unauthorized data breaches, system compromise, or other malicious activities.

Steps to mitigate:

  • Update the Simple Online Hotel Reservation System to a patched version
  • [Validate and sanitize user input to prevent SQL injection]
  • Implement a Web Application Firewall (WAF) to detect and block suspicious traffic
  • Limit access to the /admin/add_room.php file to authorized personnel only
  • Regularly monitor the system for signs of malicious activity.
CVE-2025-1987 0
Published: 2025-06-21T22:15:21.510

What it does:

This vulnerability allows an attacker to inject malicious JavaScript code into a user's browser by creating a crafted vault entry with a javascript:URL in the Psono-Client, which is used in Bitdefender SecurePass. When a user interacts with this entry, the malicious code is executed, giving the attacker control over the user's browser.

Why it's a problem:

This is a problem because it enables an attacker to run arbitrary code in the victim's browser, potentially allowing them to access the user's password vault and sensitive data, compromising the user's security and privacy.

Steps to mitigate:

  • Update Psono-Client to the latest version
  • [Avoid interacting with suspicious or unknown vault entries]
  • [Use a web application firewall (WAF) to detect and block malicious JavaScript code]
  • [Disable JavaScript execution in the browser when using the Psono-Client, if possible]
  • [Monitor browser activity for suspicious behavior and report any incidents to the vendor or security team]
CVE-2025-6419 7.3
Published: 2025-06-21T21:15:24.453

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Online Hotel Reservation System 1.0 by manipulating the "room_type" argument in the /admin/edit_room.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive data, potentially leading to data breaches, unauthorized changes to the system, and other malicious activities.

Steps to mitigate:

  • Update the Simple Online Hotel Reservation System to a patched version
  • [Use a Web Application Firewall (WAF) to detect and prevent SQL injection attacks]
  • [Implement input validation and sanitization for the "room_type" argument in the /admin/edit_room.php file
  • [Limit access to the /admin/edit_room.php file to authorized personnel only
  • [Monitor system logs for suspicious activity and signs of SQL injection attacks]
CVE-2025-6418 7.3
Published: 2025-06-21T21:15:23.713

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Online Hotel Reservation System 1.0 by manipulating the "Name" argument in the /admin/edit_query_account.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to access and manipulate sensitive database information, which could lead to data breaches, unauthorized account modifications, or other malicious activities, ultimately compromising the security and integrity of the system.

Steps to mitigate:

  • Update the Simple Online Hotel Reservation System to a patched version
  • [Implement input validation and sanitization for the "Name" argument in the /admin/edit_query_account.php file]
  • [Use prepared statements to prevent SQL injection]
  • [Limit access to the /admin/edit_query_account.php file to authorized personnel only
  • [Monitor system logs for suspicious activity and signs of exploitation]
CVE-2025-6417 6.3
Published: 2025-06-21T20:15:27.210

What it does:

The CVE-2025-6417 vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul Art Gallery Management System through the "awarddetails" argument in the /admin/add-artist.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and manipulate sensitive data in the database, potentially leading to data breaches, unauthorized modifications, or even complete system compromise.

Steps to mitigate:

  • Update PHPGurukul Art Gallery Management System to the latest version
  • [Apply input validation and sanitization to the "awarddetails" argument]
  • [Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Use parameterized queries or prepared statements to prevent SQL injection
  • [Limit access to the /admin/add-artist.php file to authorized personnel only]
CVE-2025-6416 6.3
Published: 2025-06-21T20:15:26.237

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul Art Gallery Management System 1.1 by manipulating the "editid" argument in the /admin/changeimage4.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and manipulate sensitive data in the database, potentially leading to data theft, modification, or deletion, and can be exploited remotely, making it easily accessible to malicious actors.

Steps to mitigate:

  • Update to a patched version of the PHPGurukul Art Gallery Management System]
  • [Implement input validation and sanitization for the "editid" argument]
  • [Use a Web Application Firewall (WAF) to detect and prevent SQL injection attacks]
  • [Limit remote access to the /admin/changeimage4.php file]
  • [Monitor database activity for suspicious behavior.
CVE-2025-6415 6.3
Published: 2025-06-21T19:15:22.583

What it does:

The CVE-2025-6415 vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul Art Gallery Management System 1.1 by manipulating the "editid" argument in the /admin/changeimage3.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and manipulate sensitive data in the system's database, potentially leading to data breaches, unauthorized modifications, or even taking control of the system.

Steps to mitigate:

  • Update to a patched version of PHPGurukul Art Gallery Management System
  • [Implement input validation and sanitization for the "editid" argument]
  • [Use prepared statements or parameterized queries to prevent SQL injection
  • [Limit remote access to the /admin/changeimage3.php file
  • [Monitor system logs for suspicious activity]
CVE-2025-6414 6.3
Published: 2025-06-21T19:15:22.377

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul Art Gallery Management System by manipulating the "editid" argument in the /admin/changeimage2.php file, which can be done remotely.

Why it's a problem:

This is a problem because SQL injection attacks can give an attacker unauthorized access to sensitive data, allowing them to modify, delete, or extract confidential information, potentially leading to data breaches, system compromises, or other malicious activities.

Steps to mitigate:

  • Update PHPGurukul Art Gallery Management System to a patched version
  • [Use a Web Application Firewall (WAF) to detect and prevent SQL injection attacks]
  • [Implement input validation and sanitization on the "editid" argument
  • [Limit remote access to the /admin/changeimage2.php file
  • [Monitor system logs for suspicious activity and signs of SQL injection attempts].
CVE-2025-6413 6.3
Published: 2025-06-21T18:15:24.720

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul Art Gallery Management System by manipulating the "editid" argument in the /admin/changeimage1.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive data without needing direct access to the system, which can lead to data breaches, unauthorized modifications, and other malicious activities.

Steps to mitigate:

  • Update PHPGurukul Art Gallery Management System to the latest version
  • [Patch the /admin/changeimage1.php file to validate and sanitize user input]
  • [Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Limit remote access to the system and restrict user privileges to minimize potential damage]
CVE-2025-6412 6.3
Published: 2025-06-21T18:15:23.830

What it does:

The CVE-2025-6412 vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul Art Gallery Management System by manipulating the "editid" argument in the /admin/changeimage.php file, potentially leading to unauthorized access and data manipulation.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the system, allowing them to access, modify, or extract sensitive data, which can lead to significant security breaches and data losses.

Steps to mitigate:

  • Update PHPGurukul Art Gallery Management System to a patched version
  • [Implement input validation and sanitization for the "editid" argument]
  • [Use prepared statements to prevent SQL injection]
  • [Limit access to the /admin/changeimage.php file to authorized personnel
  • [Monitor system logs for suspicious activity and potential exploitation attempts]
CVE-2025-6411 6.3
Published: 2025-06-21T17:15:23.800

What it does:

The CVE-2025-6411 vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul Art Gallery Management System by manipulating the "imageid" argument in the /admin/changepropic.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and manipulate sensitive data in the system's database, potentially leading to data breaches, unauthorized access, and other malicious activities, which can compromise the security and integrity of the system.

Steps to mitigate:

  • Update PHPGurukul Art Gallery Management System to the latest version
  • [patch the /admin/changepropic.php file to validate and sanitize user input]
  • [implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks]
  • [limit remote access to the system and restrict user privileges to minimize potential damage].
CVE-2025-6410 6.3
Published: 2025-06-21T17:15:23.580

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul Art Gallery Management System by manipulating the "editid" argument in the /admin/edit-art-medium-detail.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to access and manipulate sensitive data, potentially leading to data breaches, tampering, or even taking control of the system, which can have serious consequences for the security and integrity of the data and the system as a whole.

Steps to mitigate:

  • Update PHPGurukul Art Gallery Management System to a patched version
  • [Apply input validation and sanitization to prevent SQL injection
  • [Implement a Web Application Firewall (WAF) to detect and block malicious traffic
  • [Limit access to the /admin/edit-art-medium-detail.php file to authorized personnel only
  • [Monitor system logs for suspicious activity and respond promptly to potential security incidents].
CVE-2025-6409 7.3
Published: 2025-06-21T16:15:21.407

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul Art Gallery Management System by manipulating the "email" argument in the /admin/forgot-password.php file, potentially giving them unauthorized access to the system's database.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to access sensitive data, modify database records, or even take control of the entire system, which can lead to data breaches, system compromise, and other security threats.

Steps to mitigate:

  • Update PHPGurukul Art Gallery Management System to a version that fixes this vulnerability
  • [use a web application firewall (WAF) to detect and prevent SQL injection attacks]
  • implement input validation and sanitization on the "email" argument in the /admin/forgot-password.php file
  • limit database privileges to the minimum required for the application
  • monitor system logs for suspicious activity.
CVE-2025-6408 7.3
Published: 2025-06-21T15:15:21.397

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Campcodes Online Hospital Management System by manipulating the "searchdata" argument in the /doctor/search.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive hospital data without needing physical access to the system, which could lead to data breaches, unauthorized changes to medical records, and other serious security issues.

Steps to mitigate:

  • Update Campcodes Online Hospital Management System to the latest version
  • [Apply patches to fix the SQL injection vulnerability in the /doctor/search.php file]
  • [Implement input validation and sanitization to prevent malicious data from being injected into the database]
  • [Use a Web Application Firewall (WAF) to detect and block potential SQL injection attacks
  • [Limit remote access to the system and implement strict access controls to reduce the risk of exploitation].
CVE-2025-6407 7.3
Published: 2025-06-21T15:15:21.213

What it does:

This vulnerability allows an attacker to perform a SQL injection attack by manipulating the "Username" argument in the /user-login.php file of the Campcodes Online Hospital Management System 1.0, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to inject malicious SQL code, which can lead to data breaches, unauthorized data modification, or even complete system compromise, posing a significant risk to the confidentiality, integrity, and availability of the hospital's data.

Steps to mitigate:

  • Update to a patched version of the Campcodes Online Hospital Management System
  • [Implement input validation and sanitization on the Username field]
  • [Use prepared statements or parameterized queries to prevent SQL injection]
  • [Limit database privileges to the minimum required for the application
  • [Monitor system logs for suspicious activity and implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks].
CVE-2025-6406 7.3
Published: 2025-06-21T14:15:19.777

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Campcodes Online Hospital Management System by manipulating the "fullname" argument in the forgot-password.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the system, potentially leading to unauthorized data access, modification, or deletion, which could compromise patient confidentiality and the overall integrity of the hospital management system.

Steps to mitigate:

  • Update the Campcodes Online Hospital Management System to the latest version
  • [patch the vulnerability in the forgot-password.php file]
  • Implement input validation and sanitization to prevent SQL injection
  • [use a Web Application Firewall (WAF) to detect and block malicious traffic]
  • Limit remote access to the system and monitor for suspicious activity.
CVE-2025-6405 7.3
Published: 2025-06-21T14:15:19.557

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Campcodes Online Teacher Record Management System 1.0 by manipulating the "editid" argument in the /admin/edit-teacher-detail.php file, which can be done remotely.

Why it's a problem:

This is a problem because SQL injection attacks can give an attacker unauthorized access to sensitive data, allowing them to modify, delete, or extract confidential information, potentially leading to data breaches, system compromise, or other malicious activities.

Steps to mitigate:

  • Update the Campcodes Online Teacher Record Management System to a patched version
  • [Implement input validation and sanitization for the "editid" argument]
  • [Use parameterized queries or prepared statements to prevent SQL injection]
  • [Limit access to the /admin/edit-teacher-detail.php file to authorized personnel
  • [Monitor system logs for suspicious activity and signs of SQL injection attempts].
CVE-2025-3629 4.3
Published: 2025-06-21T13:15:21.993

What it does:

The CVE-2025-3629 vulnerability in IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 allows an authenticated user to delete comments made by other users, due to a flaw in managing ownership of user comments.

Why it's a problem:

This vulnerability is a problem because it can lead to the loss of important information and data integrity, as users may unintentionally or maliciously delete comments that are crucial for collaboration, decision-making, or auditing purposes.

Steps to mitigate:

  • Update IBM InfoSphere Information Server to a version later than 11.7.1.6
  • [Apply security patches provided by IBM]
  • Restrict user permissions to prevent unauthorized comment deletion
  • Monitor user activity and comment history to detect potential misuse.
CVE-2025-3221 7.5
Published: 2025-06-21T13:15:21.850

What it does:

This vulnerability allows a remote attacker to cause a denial of service in IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 by sending malicious incoming requests that are not properly validated.

Why it's a problem:

This vulnerability is a problem because it enables attackers to disrupt the normal functioning of the IBM InfoSphere Information Server, making it unavailable to users and potentially causing significant disruptions to business operations.

Steps to mitigate:

  • Update IBM InfoSphere Information Server to a version later than 11.7.1.6
  • [apply the patch provided by IBM]
  • [implement network traffic filtering to block suspicious incoming requests]
  • [monitor server logs for signs of denial of service attacks]
  • contact IBM support for additional guidance and recommendations.
CVE-2025-36016 6.8
Published: 2025-06-21T13:15:20.913

What it does:

This vulnerability allows a remote attacker to conduct phishing attacks using an open redirect attack, where a victim is redirected to a malicious website that appears to be trusted, after visiting a specially crafted website.

Why it's a problem:

This vulnerability is a problem because it enables attackers to trick victims into revealing highly sensitive information or conducting further attacks, by making the malicious website appear as if it is a trusted IBM Process Mining website.

Steps to mitigate:

  • Update IBM Process Mining to the latest version
  • [Verify URLs before clicking on them to ensure they are legitimate]
  • [Implement phishing-resistant authentication mechanisms, such as multi-factor authentication]
  • [Educate users about the risks of phishing attacks and how to identify suspicious websites]
CVE-2025-6404 7.3
Published: 2025-06-21T12:15:19.313

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Campcodes Online Teacher Record Management System 1.0 through the "searchdata" argument in the /admin/search.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This SQL injection vulnerability is a problem because it can be exploited remotely, allowing attackers to access, modify, or delete sensitive data, disrupt system operations, or even take control of the entire system, compromising the security and integrity of the data and the system.

Steps to mitigate:

  • Update to a patched version of the Campcodes Online Teacher Record Management System
  • [Implement input validation and sanitization on the "searchdata" argument
  • [Use a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Limit remote access to the /admin/search.php file
  • [Monitor system logs for suspicious activity and signs of exploitation.
CVE-2025-5289 6.4
Published: 2025-06-21T11:15:35.240

What it does:

The 3D FlipBook plugin for WordPress allows attackers to inject arbitrary web scripts into pages due to insufficient input sanitization and output escaping in the 'style' and 'mode' parameters, which can execute when a user accesses the injected page.

Why it's a problem:

This vulnerability is a problem because it enables authenticated attackers with Contributor-level access or higher to perform Stored Cross-Site Scripting attacks, potentially leading to unauthorized actions, data theft, or malicious activities on the affected website.

Steps to mitigate:

  • Update the 3D FlipBook plugin to a version higher than 1.16.15
  • [Limit Contributor-level access to trusted users
  • [Monitor website activity for suspicious script injections
  • [Use a web application firewall (WAF) to detect and prevent XSS attacks]
CVE-2025-6403 7.3
Published: 2025-06-21T10:15:22.360

What it does:

The CVE-2025-6403 vulnerability allows an attacker to inject malicious SQL code into the School Fees Payment System 1.0 by manipulating the "ID" argument in the /student.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the system, potentially leading to data breaches, unauthorized data modification, or even complete system compromise, which can have severe consequences for the affected organization and its users.

Steps to mitigate:

  • Update the School Fees Payment System to a patched version
  • [Implement input validation and sanitization for the "ID" argument in the /student.php file
  • [Use prepared statements or parameterized queries to prevent SQL injection
  • [Limit access to the /student.php file and restrict remote access to authorized users only
  • [Monitor system logs for suspicious activity and implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks].
CVE-2025-6402 8.8
Published: 2025-06-21T09:15:22.193

What it does:

This vulnerability allows an attacker to cause a buffer overflow in the TOTOLINK X15 router by manipulating the "submit-url" argument in an HTTP POST request to the /boafrm/formIpv6Setup file, which can be initiated remotely.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing an attacker to potentially gain control of the router, disrupt its functionality, or use it as a launching point for further attacks on the network, posing a significant risk to the security and integrity of the affected system.

Steps to mitigate:

  • Update the TOTOLINK X15 firmware to the latest version
  • [Disable remote management access to the router until a patch is available]
  • Implement network segmentation to limit the spread of potential attacks
  • Monitor network traffic for suspicious activity
  • Change default passwords and credentials to prevent unauthorized access.
CVE-2025-6401 3.5
Published: 2025-06-21T07:15:23.197

What it does:

The CVE-2025-6401 vulnerability allows an attacker to manipulate the "url" argument in the HTTP POST message handler of the TOTOLINK N300RH router, specifically in the /boafrm/formFilter component, which can lead to a denial of service.

Why it's a problem:

This vulnerability is a problem because it can be exploited to disrupt the normal functioning of the router, making it unavailable for legitimate users and potentially causing network downtime, which can have significant consequences for individuals and organizations relying on the affected router for internet access.

Steps to mitigate:

  • Update the TOTOLINK N300RH firmware to the latest version
  • [Disable remote management access to the router until a patch is available]
  • Implement network segmentation to limit the impact of a denial of service attack
  • [Monitor network traffic for suspicious activity and have a backup plan in place in case of an attack].
CVE-2025-5143 6.4
Published: 2025-06-21T07:15:22.110

What it does:

The TableOn WordPress Posts Table Filterable plugin has a vulnerability that allows attackers to inject malicious scripts into website pages using a specific shortcode, due to poor input validation and escaping of user-supplied attributes.

Why it's a problem:

This vulnerability is a problem because it enables authenticated attackers with contributor-level access or higher to execute arbitrary web scripts on pages, potentially leading to unauthorized actions, data theft, or malware distribution whenever a user visits the compromised page.

Steps to mitigate:

  • Update the TableOn WordPress Posts Table Filterable plugin to a version above 1.0.4.1
  • [Restrict contributor-level access to trusted users only]
  • [Monitor website pages for suspicious script injections]
  • [Implement a Web Application Firewall (WAF) to detect and prevent cross-site scripting attacks]
CVE-2025-6400 8.8
Published: 2025-06-21T06:15:19.577

What it does:

This vulnerability allows an attacker to overflow a buffer in the TOTOLINK N300RH router by manipulating the "service_type" argument in an HTTP POST message, potentially giving them control over the device.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, meaning an attacker doesn't need physical access to the router to launch an attack. The fact that the exploit has been publicly disclosed also increases the risk, as malicious actors can use the available information to launch attacks.

Steps to mitigate:

  • Update the TOTOLINK N300RH firmware to a version later than 6.1c.1390_B20191101
  • [Apply firewall rules to restrict access to the router's HTTP interface]
  • Change default passwords and credentials for the router
  • [Monitor network traffic for signs of unusual activity]
  • Consider replacing the router if an update is not available.
CVE-2025-5034 0
Published: 2025-06-21T06:15:18.363

What it does:

The wp-file-download WordPress plugin, versions before 6.2.6, fails to properly clean and secure a parameter before displaying it on a webpage, allowing for a Reflected Cross-Site Scripting (XSS) attack.

Why it's a problem:

This vulnerability is a problem because it enables attackers to inject malicious scripts into websites, potentially stealing user data, taking control of user sessions, or performing other harmful actions, which can compromise the security and integrity of the website and its users.

Steps to mitigate:

  • Update the wp-file-download WordPress plugin to version 6.2.6 or later
  • Regularly check for and install updates for all WordPress plugins
  • Implement a Web Application Firewall (WAF) to detect and prevent XSS attacks
  • Use a security plugin to scan for vulnerabilities and malware on the WordPress site.
CVE-2025-6399 8.8
Published: 2025-06-21T04:15:23.140

What it does:

This vulnerability allows an attacker to cause a buffer overflow in the TOTOLINK X15 router by manipulating the "submit-url" argument in an HTTP POST request to the /boafrm/formIPv6Addr file, potentially enabling remote code execution.

Why it's a problem:

This is a problem because it can be exploited remotely, meaning an attacker doesn't need physical access to the device to launch the attack, and the exploit has been publicly disclosed, making it easier for malicious actors to use it, which could lead to unauthorized access, data theft, or device takeover.

Steps to mitigate:

  • Update the TOTOLINK X15 firmware to the latest version
  • Change the default settings and passwords of the router
  • Limit remote access to the router's administration interface
  • Use a firewall to restrict incoming traffic to the router
  • Monitor the device for suspicious activity.
CVE-2025-52552 0
Published: 2025-06-21T03:15:24.990

What it does:

The LastRoute Parameter on the FastGPT login page is vulnerable to open redirect and DOM-based XSS attacks, allowing attackers to execute malicious JavaScript or redirect users to attacker-controlled sites due to improper validation and lack of sanitization.

Why it's a problem:

This vulnerability is a problem because it enables attackers to trick users into revealing sensitive information, execute malicious code, or redirect them to phishing sites, potentially leading to data breaches, financial loss, or other malicious activities.

Steps to mitigate:

  • Update FastGPT to version 4.9.12 or later
  • Validate and sanitize user input on the login page
  • Implement additional security measures to detect and prevent open redirect and XSS attacks.
CVE-2025-52488 8.6
Published: 2025-06-21T03:15:24.817

What it does:

The CVE-2025-52488 vulnerability in DNN (formerly DotNetNuke) allows a specially crafted series of malicious interactions to potentially expose NTLM hashes to a third-party SMB server, affecting versions 6.0.0 to before 10.0.1.

Why it's a problem:

This vulnerability is a problem because it could allow unauthorized access to sensitive information, specifically NTLM hashes, which can be used to gain access to the network and potentially lead to further malicious activities.

Steps to mitigate:

  • Update DNN to version 10.0.1 or later
  • Ensure all instances of DNN are patched and up-to-date
  • Limit access to the DNN platform to trusted users and networks to reduce the risk of malicious interactions.
CVE-2025-52487 0
Published: 2025-06-21T03:15:24.667

What it does:

This vulnerability allows a specially crafted request to bypass the login IP filters in DNN (DotNetNuke) content management platform, enabling login attempts from IP addresses that are not on the allowed list.

Why it's a problem:

This vulnerability is a problem because it could allow unauthorized access to the platform from restricted IP addresses, potentially leading to security breaches, data theft, or other malicious activities.

Steps to mitigate:

  • Update DNN to version 10.0.1 or later
  • Review and monitor login attempts for suspicious activity
  • Implement additional security measures, such as multi-factor authentication, to prevent unauthorized access.
CVE-2025-52486 0
Published: 2025-06-21T03:15:24.507

What it does:

The CVE-2025-52486 vulnerability allows specially crafted content in URLs to bypass proper sanitization by certain SkinObjects in the DNN web content management platform, potentially leading to unauthorized actions through the TokenReplace feature.

Why it's a problem:

This vulnerability is a problem because it could enable attackers to inject malicious content or code into the platform, potentially compromising the security and integrity of the website, its data, and its users.

Steps to mitigate:

  • Update DNN to version 10.0.1 or later
  • [Verify that all SkinObjects are properly configured to sanitize user-inputted content]
  • [Monitor website traffic and logs for signs of malicious activity related to this vulnerability]
CVE-2025-52485 0
Published: 2025-06-21T03:15:23.767

What it does:

This vulnerability allows an attacker to inject scripts into the Activity Feed Attachments endpoint of the DNN web content management platform, which can then be rendered in the feed, potentially leading to unauthorized code execution.

Why it's a problem:

This vulnerability is a problem because it enables attackers to inject malicious scripts, potentially allowing them to steal user data, take control of user accounts, or perform other malicious actions, compromising the security and integrity of the platform.

Steps to mitigate:

  • Update DNN to version 10.0.1 or later
  • Avoid using affected versions of DNN (6.0.0 to before 10.0.1)
  • Monitor Activity Feed Attachments for suspicious activity and script injections.
CVE-2025-6394 7.3
Published: 2025-06-21T02:15:20.247

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Simple Online Hotel Reservation System 1.0 by manipulating the "firstname" argument in the /add_reserve.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive data without needing physical access to the system, and since the exploit has been made public, it's likely that malicious actors will attempt to use it.

Steps to mitigate:

  • Update the Simple Online Hotel Reservation System to a version where this vulnerability is patched
  • [Implement input validation and sanitization for all user-supplied data, especially for the "firstname" field
  • [Use prepared statements and parameterized queries to prevent SQL injection
  • [Limit access to the /add_reserve.php file and restrict user input
  • [Monitor system logs for suspicious activity and signs of exploitation.
CVE-2025-52557 0
Published: 2025-06-21T02:15:20.107

What it does:

This vulnerability allows an attacker to craft a malicious email that executes JavaScript code, potentially leading to session hijacking, due to improper sanitization in Mail-0's Zero email solution version 0.8.

Why it's a problem:

This vulnerability is a problem because it enables attackers to gain unauthorized access to user sessions, which can result in sensitive information theft, account takeover, and other malicious activities.

Steps to mitigate:

  • Update Mail-0's Zero to version 0.81 or later
  • [Avoid clicking on suspicious links or executing unknown scripts in emails]
  • Implement additional security measures such as email content scanning and filtering to detect and block malicious emails.
CVE-2025-52556 0
Published: 2025-06-21T02:15:19.947

What it does:

The CVE-2025-52556 vulnerability is a flaw in the rfc3161-client Python library that fails to properly verify the signature of timestamp responses, allowing an attacker to introduce a fake signature as long as it chains up to a trusted root.

Why it's a problem:

This vulnerability is a problem because it enables attackers to manipulate timestamp responses, potentially allowing them to fake the timing of events or documents, which can have serious consequences in applications that rely on trusted timestamps, such as digital signatures and document authentication.

Steps to mitigate:

  • Update the rfc3161-client library to version 1.0.3 or later
  • Verify that all dependent applications and systems are using the updated library
  • Monitor for any potential exploits or suspicious activity related to timestamp responses.
CVE-2025-6393 8.8
Published: 2025-06-21T01:15:29.650

What it does:

This vulnerability allows an attacker to overflow a buffer in the TOTOLINK router's HTTP POST Request Handler by manipulating the "submit-url" argument in the /boafrm/formIPv6Addr file, potentially leading to remote code execution.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing an attacker to gain control of the affected router without physical access, which could lead to unauthorized access to the network, data theft, or other malicious activities.

Steps to mitigate:

  • Update the router's firmware to the latest version available
  • [apply patches or fixes provided by the manufacturer if available]
  • change the default settings and passwords of the router to prevent unauthorized access
  • limit access to the router's administration interface from the internet
  • monitor network traffic for suspicious activity.
CVE-2025-6375 3.3
Published: 2025-06-21T01:15:29.463

What it does:

The CVE-2025-6375 vulnerability is a null pointer dereference issue in the MultipartInputStream function of the POCO library, specifically in the Net/src/MultipartReader.cpp file, which can be exploited locally.

Why it's a problem:

This vulnerability is a problem because it allows an attacker to manipulate the function, leading to a null pointer dereference, which can cause the program to crash or potentially execute arbitrary code, compromising the security of the system.

Steps to mitigate:

  • Upgrade to POCO version 1.14.2
  • Apply the patch identified as 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf
  • Replace the affected component with a patched version to prevent exploitation of this vulnerability.
CVE-2025-6374 8.8
Published: 2025-06-21T01:15:29.257

What it does:

This vulnerability allows an attacker to cause a stack-based buffer overflow in the D-Link DIR-619L router by manipulating the "curTime" argument in the formSetACLFilter function, potentially leading to remote code execution.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to gain control over the affected router, which could lead to unauthorized access to the network, data theft, or other malicious activities, especially since the exploit has been publicly disclosed.

Steps to mitigate:

  • Discontinue use of unsupported D-Link DIR-619L routers
  • Upgrade to a supported router model
  • Apply network segmentation to limit the potential damage from a compromised router
  • Monitor network traffic for suspicious activity
  • Consider replacing the router with a model from a manufacturer that still provides security updates and support.
CVE-2025-6218 0
Published: 2025-06-21T01:15:29.123

What it does:

The CVE-2025-6218 vulnerability allows attackers to execute arbitrary code on computers with affected RARLAB WinRAR installations by tricking users into visiting malicious websites or opening malicious files, which can lead to unauthorized access and code execution.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to gain control over a user's system, potentially leading to data theft, malware installation, or other malicious activities, all of which can occur in the context of the current user's permissions.

Steps to mitigate:

  • Avoid opening suspicious archive files or links]
  • [Ensure RARLAB WinRAR is updated to the latest version]
  • [Use alternative archive software until a patch is available
  • [Be cautious when visiting unfamiliar websites]
  • [Use security software to scan files and systems for potential threats.
CVE-2025-6217 0
Published: 2025-06-21T01:15:28.990

What it does:

This vulnerability, found in the PEAK-System Driver, allows a local attacker to access sensitive information on the system by exploiting a flaw in the handling of the PCANFD_ADD_FILTERS IOCTL, which lacks proper locking mechanisms.

Why it's a problem:

This vulnerability is a problem because it can be used by an attacker to disclose sensitive information and potentially execute arbitrary code in the context of the kernel, which could lead to a complete system compromise, especially when combined with other vulnerabilities.

Steps to mitigate:

  • Update the PEAK-System Driver to the latest version
  • [apply security patches as soon as they become available]
  • restrict access to the system to prevent low-privileged code execution
  • [monitor system activity for signs of exploitation]
  • implement kernel-level security measures to prevent arbitrary code execution.
CVE-2025-6216 0
Published: 2025-06-21T01:15:28.860

What it does:

This vulnerability allows remote attackers to bypass authentication on Allegra installations by exploiting a flaw in the password recovery mechanism, which relies on a predictable value to generate password reset tokens.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to Allegra, allowing attackers to bypass security measures without requiring any authentication, which can lead to unauthorized data access, modification, or other malicious activities.

Steps to mitigate:

  • Update Allegra to the latest version
  • [Apply security patches from the vendor]
  • Implement additional authentication measures, such as two-factor authentication, to reduce reliance on password-based authentication
  • Monitor system logs for suspicious activity
  • Limit access to Allegra from trusted IP addresses or networks.
CVE-2025-5820 0
Published: 2025-06-21T01:15:28.723

What it does:

This vulnerability allows attackers to bypass authentication on Sony XAV-AX8500 devices using Bluetooth, giving them unauthorized access to the system without requiring any authentication credentials.

Why it's a problem:

This vulnerability is a problem because it enables network-adjacent attackers to gain access to the device without permission, potentially allowing them to steal sensitive information, disrupt system functionality, or take control of the device.

Steps to mitigate:

  • Update Sony XAV-AX8500 device software to the latest version
  • [Disable Bluetooth when not in use]
  • Implement network segmentation to limit access to the device
  • [Contact Sony support for additional guidance and patches].
CVE-2025-5479 0
Published: 2025-06-21T01:15:28.593

What it does:

This vulnerability allows an attacker to execute arbitrary code on Sony XAV-AX8500 devices by exploiting a heap-based buffer overflow in the Bluetooth AVCTP protocol, which occurs when a malicious Bluetooth device is paired with the target system.

Why it's a problem:

This vulnerability is a problem because it enables network-adjacent attackers to gain control over affected devices, potentially leading to unauthorized access, data theft, or other malicious activities, by exploiting the lack of proper validation of user-supplied data.

Steps to mitigate:

  • Update Sony XAV-AX8500 device software to the latest version
  • [Disable Bluetooth connectivity when not in use]
  • [Use strong authentication and authorization mechanisms to prevent unauthorized Bluetooth device pairing]
  • [Monitor device activity for suspicious behavior and take prompt action if an incident occurs]
CVE-2025-5478 0
Published: 2025-06-21T01:15:28.457

What it does:

This vulnerability allows an attacker to execute arbitrary code on Sony XAV-AX8500 devices by exploiting an integer overflow in the Bluetooth SDP protocol, which occurs due to the lack of proper validation of user-supplied data.

Why it's a problem:

This vulnerability is a problem because it enables network-adjacent attackers to gain control over the device without requiring authentication, potentially leading to unauthorized access and malicious activities, all executed with root-level privileges.

Steps to mitigate:

  • Update Sony XAV-AX8500 device software to the latest version
  • [Disable Bluetooth connectivity when not in use]
  • [Implement network segmentation to limit device exposure]
  • [Monitor device activity for suspicious behavior]
CVE-2025-5477 0
Published: 2025-06-21T01:15:28.330

What it does:

This vulnerability allows an attacker to execute arbitrary code on Sony XAV-AX8500 devices by exploiting a heap-based buffer overflow in the Bluetooth L2CAP protocol, which occurs when a malicious Bluetooth device is paired with the target system.

Why it's a problem:

This vulnerability is a problem because it enables network-adjacent attackers to gain control over affected devices, potentially leading to unauthorized access, data theft, or other malicious activities, by exploiting the lack of proper validation of user-supplied data.

Steps to mitigate:

  • Update Sony XAV-AX8500 device software to the latest version
  • [Avoid pairing devices with unknown or untrusted Bluetooth devices]
  • [Implement network segmentation to limit the spread of potential attacks]
  • [Monitor device behavior for signs of unauthorized access or malicious activity]
CVE-2025-5476 0
Published: 2025-06-21T01:15:28.193

What it does:

The CVE-2025-5476 vulnerability allows an attacker to bypass authentication on Sony XAV-AX8500 devices with Bluetooth capabilities, without requiring any authentication, by exploiting a flaw in the implementation of ACL-U links due to the lack of L2CAP channel isolation.

Why it's a problem:

This vulnerability is a problem because it enables network-adjacent attackers to access the device without authorization, potentially leading to unauthorized control, data theft, or other malicious activities, compromising the security and integrity of the device.

Steps to mitigate:

  • Update Sony XAV-AX8500 device software to the latest version
  • [Disable Bluetooth when not in use]
  • Implement network segmentation to limit access to the device
  • Use a firewall to restrict incoming connections
  • Monitor device activity for suspicious behavior.
CVE-2025-5475 0
Published: 2025-06-21T01:15:28.037

What it does:

The CVE-2025-5475 vulnerability allows an attacker to execute arbitrary code on Sony XAV-AX8500 devices by sending malicious Bluetooth packets, which can cause an integer overflow and enable remote code execution.

Why it's a problem:

This vulnerability is a problem because it enables network-adjacent attackers to take control of affected devices, potentially leading to unauthorized access, data theft, or other malicious activities, by exploiting the lack of proper validation of user-supplied Bluetooth data.

Steps to mitigate:

  • Update Sony XAV-AX8500 device software to the latest version
  • [Disable Bluetooth when not in use to prevent unauthorized pairing]
  • [Use a firewall or network segmentation to limit network-adjacent attacker access]
  • [Monitor device behavior for signs of unauthorized access or malicious activity]
CVE-2025-6373 8.8
Published: 2025-06-21T00:15:22.420

What it does:

This vulnerability allows an attacker to cause a stack-based buffer overflow in the D-Link DIR-619L router by manipulating the "curTime" argument in the formSetWizard1 function, which can be initiated remotely.

Why it's a problem:

This is a problem because it can be exploited by attackers to potentially execute arbitrary code, gain unauthorized access, or crash the system, leading to a loss of security and control over the affected device, with a severity score of 8.8 indicating a critical level of risk.

Steps to mitigate:

  • Check for alternative supported devices
  • [Upgrade to a supported version of the D-Link router, if available]
  • [Disable remote access to the router until a patch is available]
  • [Replace the device with a currently supported model
  • [Contact the vendor for any available patches or guidance].
CVE-2025-6372 8.8
Published: 2025-06-20T23:15:20.077

What it does:

This vulnerability allows an attacker to cause a stack-based buffer overflow in the D-Link DIR-619L router by manipulating the "curTime" argument in the "formSetWizard1" function, which can be done remotely.

Why it's a problem:

This is a problem because it can be exploited by attackers to potentially execute arbitrary code, gain unauthorized access, or disrupt the normal functioning of the affected device, and since the exploit has been publicly disclosed, it's likely that malicious actors may try to take advantage of it.

Steps to mitigate:

  • Check for alternative supported devices or firmware
  • [Upgrade to a supported version of the device or firmware if available]
  • Disable remote access to the device until a patch is available
  • Replace the device with a newer model that is still supported by the manufacturer.
CVE-2025-6371 8.8
Published: 2025-06-20T23:15:19.050

What it does:

This vulnerability allows an attacker to exploit a stack-based buffer overflow in the D-Link DIR-619L router's formSetEnableWizard function by manipulating the curTime argument, potentially leading to remote code execution.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to gain unauthorized access to the router and potentially compromise the entire network, leading to data theft, malware distribution, or other malicious activities.

Steps to mitigate:

  • Upgrade to a supported version of the D-Link DIR-619L firmware if available
  • Replace the router with a newer model that is still supported by the manufacturer
  • Disable remote access to the router until a patch or replacement can be implemented
  • Monitor network traffic for suspicious activity and keep antivirus software up to date.
CVE-2025-6370 8.8
Published: 2025-06-20T22:15:19.800

What it does:

This vulnerability allows an attacker to overflow a buffer on the stack by manipulating the "curTime" argument in the "formWlanGuestSetup" function of certain D-Link DIR-619L routers, potentially enabling remote code execution.

Why it's a problem:

This is a critical issue because it can be exploited remotely, meaning an attacker doesn't need physical access to the device to launch the attack. Since the exploit has been publicly disclosed, malicious actors may use it to compromise vulnerable routers, potentially leading to unauthorized access, data theft, or other malicious activities.

Steps to mitigate:

  • Check if your D-Link DIR-619L router is running version 2.06B01 and is no longer supported by the manufacturer
  • Upgrade to a supported version of the router or a different model that is still receiving security updates
  • Implement network segmentation to isolate vulnerable devices from the rest of your network
  • Monitor your network for suspicious activity and consider replacing the affected device with a newer, supported model.
CVE-2025-6369 8.8
Published: 2025-06-20T22:15:19.613

What it does:

This vulnerability allows an attacker to exploit a stack-based buffer overflow in the D-Link DIR-619L router's formdumpeasysetup function by manipulating a specific argument, potentially allowing remote code execution.

Why it's a problem:

This is a critical issue because it can be exploited remotely, meaning an attacker doesn't need physical access to the router to launch the attack, and it may allow them to gain control over the device, compromising the security of the network and potentially leading to data theft or other malicious activities.

Steps to mitigate:

  • Upgrade to a supported D-Link router model
  • [disable remote access to the vulnerable router if it cannot be upgraded]
  • limit network access to the vulnerable device to minimize potential damage
  • [consider replacing the router with a newer model that receives regular security updates].