CVSS: 9.8EPSS: %CPEs: -EXPL: 0CVE-2025-3481 – MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-3481
09 Apr 2025 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. ... An attacker can leverage this vulnerability to execute code in the context of the service account. •
CVSS: 9.8EPSS: %CPEs: -EXPL: 0CVE-2025-3482 – MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-3482
09 Apr 2025 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. ... An attacker can leverage this vulnerability to execute code in the context of the service account. •
CVSS: 9.8EPSS: %CPEs: -EXPL: 0CVE-2025-3483 – MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-3483
09 Apr 2025 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. ... An attacker can leverage this vulnerability to execute code in the context of the service account. •
CVSS: 9.8EPSS: %CPEs: -EXPL: 0CVE-2025-3484 – MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-3484
09 Apr 2025 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. ... An attacker can leverage this vulnerability to execute code in the context of the service account. •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31002 – WordPress Squeeze plugin <= 1.6 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2025-31002
09 Apr 2025 — The Squeeze – Image Optimization & Compression, WebP Conversion plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.6. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/wordpress/plugin/squeeze/vulnerability/wordpress-squeeze-plugin-1-6-arbitrary-file-upload-vulnerability? • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32464 – Ubuntu Security Notice USN-7431-1
https://notcve.org/view.php?id=CVE-2025-32464
09 Apr 2025 — A remote attacker could use this issue to cause HAProxy to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://github.com/haproxy/haproxy/commit/3e3b9eebf871510aee36c3a3336faac2f38c9559 • CWE-1025: Comparison Using Wrong Factors •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32496 – WordPress Ultra Demo Importer plugin <= 1.0.5 - CSRF to RCE vulnerability
https://notcve.org/view.php?id=CVE-2025-32496
09 Apr 2025 — This makes it possible for unauthenticated attackers to execute arbitrary code on the server via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/wordpress/plugin/ut-demo-importer/vulnerability/wordpress-ultra-demo-importer-plugin-1-0-5-csrf-to-rce-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32642 – WordPress Vite Coupon plugin <= 1.0.7 - CSRF to Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2025-32642
09 Apr 2025 — Cross-Site Request Forgery (CSRF) vulnerability in appsbd Vite Coupon allows Remote Code Inclusion. ... This makes it possible for unauthenticated attackers to execute arbitrary code on the server via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/wordpress/plugin/vite-coupon/vulnerability/wordpress-vite-coupon-plugin-1-0-7-csrf-to-remote-code-execution-rce-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31014 – WordPress Material Dashboard <= 1.4.5 - Local File Inclusion Vulnerability
https://notcve.org/view.php?id=CVE-2025-31014
09 Apr 2025 — Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ho3einie Material Dashboard allows PHP Local File Inclusion. ... This makes it possible for authenticated attackers, with subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code exec... • https://patchstack.com/database/wordpress/plugin/material-dashboard/vulnerability/wordpress-material-dashboard-1-4-5-local-file-inclusion-vulnerability-2?_s_id=cve • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31015 – WordPress WordPress SMTP Service, Email Delivery Solved! — MailHawk <= 1.3.1 - Local File Inclusion Vulnerability
https://notcve.org/view.php?id=CVE-2025-31015
09 Apr 2025 — Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Adrian Tobey WordPress SMTP Service, Email Delivery Solved! ... This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and othe... • https://patchstack.com/database/wordpress/plugin/mailhawk/vulnerability/wordpress-wordpress-smtp-service-email-delivery-solved-mailhawk-1-3-1-local-file-inclusion-vulnerability?_s_id=cve • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •