Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.1 CVE-2025-5060

Bravis User <= 1.0.0 - Authentication Bypass to Account Takeover

The Bravis User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.0. This is due to the plugin ...

Bravis-Themes Bravis User * CVE
HIGH 7.2 CVE-2025-7813

Event Manager, Events Calendar, Booking, Registrations and Tickets – Eventin <= 4.0.37 - Unauthenticated Server-Side Request Forgery

The Events Calendar, Event Booking, Registrations and Event Tickets – Eventin plugin for WordPress is vulnerable to Server-Side Request Forgery in ...

arraytics Eventin – AI Powered Event Manager, Events Calendar, Booking and Tickets Plugin * CVE
HIGH 8.7 CVE-2025-9357

Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 langSwitchByBBS stack-based overflow

A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001...

Linksys RE6250 1.0.013.001 CVE
HIGH 8.1 CVE-2025-9048

Wptobe-memberships <= 3.4.2 - Authenticated (Subscriber+) Arbitrary File Deletion

The Wptobe-memberships plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the del_img_ajax_c...

wptobe Wptobe-memberships * CVE
HIGH 8.5 CVE-2025-52451

CVE-2025-52451

Improper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - create-data-source-from-file-upload modules) a...

Salesforce Tableau Server CVE
HIGH 8.7 CVE-2025-9356

Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 inboundFilterAdd stack-based overflow

A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001...

Linksys RE6250 1.0.013.001 CVE
HIGH 8.7 CVE-2025-9355

Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 scheduleAdd stack-based overflow

A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Aff...

Linksys RE6250 1.0.013.001 CVE
HIGH 8.6 CVE-2025-57801

gnark is vulnerable to signature malleability in EdDSA and ECDSA due to missing scalar checks

gnark is a zero-knowledge proof system framework. In versions prior to 0.14.0, the Verify function in eddsa.go and ecdsa.go used the S value from a...

Consensys gnark < 0.14.0 CVE
HIGH 8.8 CVE-2025-6791

Second order SQL injection available to user with low privilege

On the monitoring event logs page, it is possible to alter the http request to insert a payload in the DB. Caused by an Improper Neutralization of ...

Centreon web 24.10.0 CVE
HIGH 7.2 CVE-2025-4650

User with high privileges is able to introduce a SQLi using the Meta Service indicator page

User with high privileges is able to introduce a SQLi using the Meta Service indicator page. Caused by an Improper Neutralization of Special Elemen...

Centreon web 24.10.0 CVE