Latest CVE Feed
-
5.9
MEDIUMCVE-2025-11380
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everest_process_status' AJAX action in all versions up to, and inc... Read more
Affected Products : everest_backup- Published: Oct. 11, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Authorization
-
6.2
MEDIUMCVE-2025-54654
Permission control vulnerability in the Gallery module. Successful exploitation of this vulnerability may affect service confidentiality... Read more
Affected Products : harmonyos- Published: Oct. 11, 2025
- Modified: Oct. 16, 2025
- Vuln Type: Authorization
-
9.8
CRITICALCVE-2025-31718
In modem, there is a possible system crash due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed.... Read more
Affected Products :- Published: Oct. 11, 2025
- Modified: Oct. 15, 2025
- Vuln Type: Denial of Service
-
9.8
CRITICALCVE-2025-31717
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.... Read more
Affected Products :- Published: Oct. 11, 2025
- Modified: Oct. 15, 2025
- Vuln Type: Denial of Service
-
8.8
HIGHCVE-2025-11590
A weakness has been identified in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/equipment-entry.php. Executing manipulation of the argument ename can lead to sql injection. It is possibl... Read more
Affected Products : gym_management_system- Published: Oct. 11, 2025
- Modified: Oct. 20, 2025
- Vuln Type: Injection