- CVE-2025-3441 - CVE-2022-1234: Adobe Flash Type Confusion Vulnerability
- CVE-2025-37088 - HPE Cray Data Virtualization Service (DVS) Authentication Bypass Vulnerability
- CVE-2025-27087 - Cray Operating System (COS) Kernel Local Denial of Service (DoS)
- CVE-2025-32965 - XRP Ledger Malicious Code Exfiltration in xrpl.js
- CVE-2025-37087 - HPE Performance Cluster Manager (HPCM) Arbitrary File Access Vulnerability
- CVE-2025-29743 - D-Link DIR-816 Command Injection Vulnerability
- CVE-2025-26159 - Laravel Starter XSS in Tag Name Field
- CVE-2025-29621 - RosarioSIS Content Spoofing Vulnerability
- CVE-2025-31327 - SAP Field Logistics Manage Logistics Data Tampering Vulnerability
- CVE-2025-31328 - SAP Learning Solution CSRF Vulnerability
- CVE-2024-53568 - Volmarg Personal Management System Stored XSS
- CVE-2024-53569 - Volmarg Personal Management System Stored XSS
- CVE-2025-23253 - NVIDIA NvContainer OpenSSL Hard-Coded Constant DLL Injection Vulnerability
- CVE-2025-43948 - Codemers KLIMS Python Code Injection Vulnerability
- CVE-2025-43949 - MuM MapEdit SQL Injection Vulnerability
- CVE-2025-43950 - "Microsoft DPMAdirektPro DLL Hijacking Privilege Escalation Vulnerability"
- CVE-2025-43951 - LabVantage Local File Inclusion Vulnerability
- CVE-2025-43952 - Mettler Toledo FreeWeight.Net Web Reports Viewer Cross-Site Scripting (XSS)
- CVE-2025-43947 - Codemers KLIMS Privilege Escalation Vulnerability
- CVE-2025-43946 - TCPWave DDI Remote Code Execution Vulnerability
- CVE-2025-32959 - CUBA Platform Denial of Service File Upload Vulnerability
- CVE-2025-32960 - CUBA REST API Cross-Site Scripting (XSS)
- CVE-2025-32961 - Cuba JPA Cross-Site Scripting (XSS)
- CVE-2025-32963 - MinIO Operator STS Unauthenticated Kubernetes API Server Impersonation Vulnerability
- CVE-2025-32964 - ManageWiki Extension Privilege Escalation Vulnerability
- CVE-2025-32952 - Jmix File Size Limitation Dos
- CVE-2025-28029 - TOTOLINK Buffer Overflow Vulnerability
- CVE-2025-28036 - TOTOLINK A950RG Remote Command Execution Vulnerability
- CVE-2025-28035 - TOTOLINK A830R Remote Command Execution Vulnerability
- CVE-2025-28038 - TOTOLINK EX1200T Remote Command Execution Vulnerability
- CVE-2025-28039 - TOTOLINK EX1200T Remote Command Execution Vulnerability
- CVE-2025-32788 - OctoPrint Authentication Bypass
- CVE-2025-32950 - Jmix File Path Traversal Vulnerability
- CVE-2025-32951 - Jmix HTML Injection Vulnerability
- CVE-2023-44753 - Student Management System Stored Cross-Site Scripting Vulnerability
- CVE-2023-44755 - Sacco Management System SQL Injection
- CVE-2025-28026 - TOTOLINK Router Buffer Overflow Vulnerability
- CVE-2025-28027 - TOTOLINK Router Buffer Overflow Vulnerability
- CVE-2025-28030 - TOTOLINK A810R Stack Overflow Vulnerability
- CVE-2025-28031 - TOTOLINK A810R Hardcoded Telnet Password
- CVE-2025-28037 - TOTOLINK A810R/A950RG Remote Command Execution
- CVE-2025-3767 - Centreon BAM SQL Injection Vulnerability
- CVE-2024-33452 - OpenResty Lua-Nginx Module HTTP Request Smuggling Vulnerability
- CVE-2025-23249 - NVIDIA NeMo Framework Remote Code Execution (RCE)
- CVE-2025-23250 - NVIDIA NeMo Framework Arbitrary File Write Code Execution Vulnerability
- CVE-2025-23251 - NVIDIA NeMo Framework Code Generation Remote Code Execution Vulnerability
- CVE-2025-28024 - TOTOLINK A810R Buffer Overflow Vulnerability
- CVE-2025-29547 - Rollback Rx Professional Null Pointer Dereference Denial of Service Vulnerability
- CVE-2025-28033 - Totolink Router Pre-Auth Buffer Overflow Vulnerability
- CVE-2025-28034 - TOTOLINK Router Pre-Auth Remote Command Execution Vulnerability
- CVE-2025-28032 - TOTOLINK Router Pre-Auth Buffer Overflow Vulnerability
- CVE-2024-40445 - Forkosh Mime Tex Directory Traversal Arbitrary Code Execution
- CVE-2024-40446 - Forkosh Mime Tex Script Injection Vulnerability
- CVE-2024-46546 - NEXTU FLETA AX1500 WIFI6 Router Stack Overflow Denial of Service
- CVE-2025-23175 - Apache Struts Cross-Site Scripting Vulnerability
- CVE-2025-3457 - WordPress Ocean Extra Stored Cross-Site Scripting Vulnerability
- CVE-2025-3458 - WordPress Ocean Extra Stored Cross-Site Scripting Vulnerability
- CVE-2025-3472 - WooCommerce Ocean Extra Plugin Shortcode Injection Vulnerability
- CVE-2025-2092 - Checkmk GmbH Checkmk Log File Information Disclosure
- CVE-2024-11299 - Memberpress WordPress Sensitive Information Exposure
- CVE-2025-46254 - Visual Composer Cross-Site Scripting (XSS)
- CVE-2025-46253 - Ataur GutenKit Stored Cross-site Scripting (XSS)
- CVE-2025-46249 - Elementor Simple Calendar CSRF
- CVE-2025-46250 - Vikas Ratudi VForm Cross-site Scripting
- CVE-2025-46251 - VikRestaurants Table Reservations and Take-Away CSRF
- CVE-2025-46252 - Contact Form 7 SQL Injection Vulnerability
- CVE-2025-46247 - Codepeople Appointment Booking Calendar Missing Authorization Vulnerability
- CVE-2025-46242 - Watu Quiz SQL Injection
- CVE-2025-46243 - Sonalsinha21 WooCommerce Recover Abandoned Cart CSRF
- CVE-2025-46244 - Dotstore Advanced Linked Variations for Woocommerce Missing Authorization Vulnerability
- CVE-2025-46245 - CreativeMindsSolutions CM Ad Changer CSRF Vulnerability
- CVE-2025-46246 - CM Answers CSRF
- CVE-2025-46238 - Apache RBAER Cross-Site Scripting Vulnerability
- CVE-2025-46239 - Theme Switcha Cross-site Scripting Vulnerability
- CVE-2025-46240 - Simple Download Counter Stored Cross-site Scripting
- CVE-2025-46237 - Yannick Lefebvre Link Library Cross-site Scripting
- CVE-2025-46241 - Codepeople Appointment Booking Calendar CSRF-Enabled SQL Injection
- CVE-2025-46231 - SERVIT Software Solutions Affiliate-Toolkit CSRF Vulnerability
- CVE-2025-46232 - Alt Text AI Missing Authorization
- CVE-2025-46233 - Sirv CDN and Image Hosting Stored Cross-Site Scripting Vulnerability
- CVE-2025-46235 - SKT Blocks - Gutenberg based Page Builder Cross-site Scripting
- CVE-2025-46236 - Link Software LLC HTML Forms Stored Cross-site Scripting (XSS)
- CVE-2025-46227 - Brecht Custom Related Posts Cross-site Scripting (XSS)
- CVE-2025-46228 - Bastien Ho Eventpost DOM-Based Cross-Site Scripting Vulnerability
- CVE-2025-46229 - Israpil Textmetrics Cross-site Scripting Vulnerability
- CVE-2025-26413 - Apache Kvrocks Out-of-Range Index Denial of Service
- CVE-2025-3814 - WooCommerce Tax Switch Stored Cross-Site Scripting
- CVE-2025-2839 - WordPress WP Import Export Lite Stored Cross-Site Scripting Vulnerability
- CVE-2024-13569 - WordPress Front End Users Reflected Cross-Site Scripting
- CVE-2025-2594 - WordPress User Registration & Membership Unauthorized Authentication Vulnerability
- CVE-2024-46899 - Hitachi Ops Center Analyzer Viewpoint OVF Authentication Credentials Leakage Vulnerability
- CVE-2025-2300 - Hitachi Ops Center Common Services Information Exposure
- CVE-2025-1731 - "USG FLEX H series PostgreSQL Command Privilege Escalation Vulnerability"
- CVE-2025-1732 - "Fortinet USG FLEX H Series Privilege Escalation Vulnerability"
- CVE-2025-3577 - Zyxel AMG1302-T10B Path Traversal Vulnerability
- CVE-2025-3850 - YXJ2018 SpringBoot-Vue-OnlineExam Remote Authentication Bypass Vulnerability
- CVE-2025-3855 - CodeCanyon RISE Ultimate Project Manager File Inclusion Vulnerability
- CVE-2025-3856 - Xxyopen Novel-Plus SQL Injection Vulnerability
- CVE-2025-2987 - IBM Maximo Asset Management SSRF
- CVE-2025-3849 - YXJ2018 SpringBoot-Vue-OnlineExam Remote Unverified Password Change Vulnerability
Franck Ridel
