CVSS: 8.1 | EPSS: % | CPEs: 1 | EXPL: 0
CVE-2025-12974 – Gravity Forms <= 2.9.21.1 - Unauthenticated Arbitrary File Upload via Legacy Chunked Upload
https://notcve.org/view.php?id=CVE-2025-12974
17 Nov 2025 — This makes it possible for unauthenticated attackers to upload executable .phar files and achieve remote code execution on the server, granted they can discover or enumerate the upload path. For an attacker to achieve RCE, the web server must be configured to process .phar files as PHP via file handler mapping or similar. • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 1
CVE-2021-4466 – IPCop <= 2.1.9 Authenticated RCE
https://notcve.org/view.php?id=CVE-2021-4466
14 Nov 2025 — IPCop versions up to and including 2.1.9 contain an authenticated remote code execution vulnerability within the web-based administration interface. • https://www.vulncheck.com/advisories/ipcop-authenticated-rce • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0 | EPSS: 0% | CPEs: 1 | EXPL: 1
CVE-2021-4470 – TG8 Firewall Unauthenticated RCE via runphpcmd.php
https://notcve.org/view.php?id=CVE-2021-4470
14 Nov 2025 — TG8 Firewall contains a pre-authentication remote code execution vulnerability in the runphpcmd.php endpoint. • https://ssd-disclosure.com/ssd-advisory-tg8-firewall-preauth-rce-and-password-disclosure • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.7 | EPSS: 0% | CPEs: 1 | EXPL: 1
CVE-2021-4471 – TG8 Firewall Unauthenticated User Password Disclosure
https://notcve.org/view.php?id=CVE-2021-4471
14 Nov 2025 — TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously logged-in users. A remote unauthenticated attacker can enumerate and download files within the directory to obtain valid account usernames and passwords, leading to loss of confidentiality and further unauthorized access. • https://ssd-disclosure.com/ssd-advisory-tg8-firewall-preauth-rce-and-password-disclosure • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 10.0 | EPSS: 0% | CPEs: - | EXPL: 0
CVE-2025-55449
https://notcve.org/view.php?id=CVE-2025-55449
14 Nov 2025 — AstrBot is vulnerable to RCE with hard-coded JWT signing keys •
CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 0
CVE-2025-11918 – Rockwell Automation Arena® Simulation Stack-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-11918
14 Nov 2025 — Local attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of Arena®. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1763.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.4 | EPSS: 0% | CPEs: - | EXPL: 0
CVE-2024-42749
https://notcve.org/view.php?id=CVE-2024-42749
14 Nov 2025 — Cross Site Scripting vulnerability in Alto CMS v.1.1.13 allows a local attacker to execute arbitrary code via a crafted script. • https://github.com/altocms/altocms • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8 | EPSS: 0% | CPEs: 1 | EXPL: 0
CVE-2025-64726 – External Control of System or Configuration Setting and Uncontrolled Search Path Element in sfw
https://notcve.org/view.php?id=CVE-2025-64726
13 Nov 2025 — The vulnerability allows an attacker to execute arbitrary code by placing a malicious `.sfw.config` file in a project directory. • https://bsky.app/profile/evilpacket.net/post/3m4iylwxtns2t • CWE-15: External Control of System or Configuration Setting • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.8 | EPSS: 0% | CPEs: - | EXPL: 0
CVE-2025-43515
https://notcve.org/view.php?id=CVE-2025-43515
13 Nov 2025 — An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code. • https://support.apple.com/en-us/125693 • CWE-284: Improper Access Control •
CVSS: 6.8 | EPSS: 0% | CPEs: 2 | EXPL: 0
CVE-2025-11538 – Keycloak-server: debug default bind address
https://notcve.org/view.php?id=CVE-2025-11538
13 Nov 2025 — This exposes the debug port to the local network, allowing an attacker on the same network segment to attach a remote debugger and achieve remote code execution within the Keycloak Java virtual machine. • https://access.redhat.com/errata/RHSA-2025:21370 • CWE-1327: Binding to an Unrestricted IP Address •
