CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-64714 – PrivateBin's template-switching feature allows arbitrary local file inclusion through path traversal
https://notcve.org/view.php?id=CVE-2025-64714
13 Nov 2025 — An attacker can read sensitive data or, if they manage to drop a PHP file elsewhere, gain remote code execution. • https://github.com/PrivateBin/PrivateBin/commit/4434dbf73ac53217fda0f90d8cf9b6110f8acc4f • CWE-23: Relative Path Traversal CWE-73: External Control of File Name or Path CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-12762 – Remote Code Execution vulnerability when restoring PLAIN-format SQL dumps in server mode (pgAdmin 4)
https://notcve.org/view.php?id=CVE-2025-12762
13 Nov 2025 — pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. • https://github.com/pgadmin-org/pgadmin4/issues/9320 •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2025-11919
https://notcve.org/view.php?id=CVE-2025-11919
13 Nov 2025 — Wolfram Cloud version 14.2 allows Java Virtual Machine (JVM) unrestricted access to temporary resources in the /tmp/ directory of the cloud environment which may result in privilege escalation, information exfiltration, and remote code execution. •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2025-60674
https://notcve.org/view.php?id=CVE-2025-60674
13 Nov 2025 — An attacker with physical access or control over a USB device can exploit this vulnerability to potentially execute arbitrary code on the device. • http://d-link.com • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0CVE-2025-60679
https://notcve.org/view.php?id=CVE-2025-60679
13 Nov 2025 — Input exceeding 481 bytes triggers a stack buffer overflow, allowing an attacker who can control /proc/version content to potentially execute arbitrary code on the device. • http://d-link.com • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.1EPSS: 0%CPEs: -EXPL: 0CVE-2025-60685
https://notcve.org/view.php?id=CVE-2025-60685
13 Nov 2025 — Maliciously crafted /proc/stat content can overwrite adjacent stack memory, potentially allowing an attacker with filesystem write privileges to execute arbitrary code on the device. • http://totolink.com • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-60690
https://notcve.org/view.php?id=CVE-2025-60690
13 Nov 2025 — Remote attackers can exploit this vulnerability via specially crafted HTTP requests to execute arbitrary code or cause denial of service without authentication. • http://linksys.com • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-60691
https://notcve.org/view.php?id=CVE-2025-60691
13 Nov 2025 — Remote attackers can exploit this vulnerability via crafted HTTP requests to execute arbitrary code or cause denial of service without authentication. • http://linksys.com • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-60693
https://notcve.org/view.php?id=CVE-2025-60693
13 Nov 2025 — Remote attackers can exploit this vulnerability via specially crafted HTTP requests to execute arbitrary code or cause denial of service without authentication. • http://linksys.com • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 1%CPEs: -EXPL: 0CVE-2025-60694
https://notcve.org/view.php?id=CVE-2025-60694
13 Nov 2025 — Remote attackers can exploit this vulnerability via specially crafted HTTP requests to execute arbitrary code or cause denial of service without authentication. • http://linksys.com • CWE-121: Stack-based Buffer Overflow •