2025-08-27 Daily Vulns
NEW:
| CVE | vendor-product | description | metric | Referenceurl | title | GithubURL | |
|---|---|---|---|---|---|---|---|
| CVE-2022-45134 | n/a - n/a | Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 deserializes user input unsafely during skin import. A particularly structured XML file could cause code execution when being processed. | CNA n/a CVSS3.1: 9.8 - CRITICAL | 0 1 | Exploitation: noneAutomatable: yesTechnical Impact: total | undefined | github |
| CVE-2025-8627 | TP-Link Systems Inc. - TP-Link KP303 (US) Smartplug | The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause unintended power-off condition and potential information leak. This issue affects TP-Link KP303 (US) Smartplug: before 1.1.0. | CVSS4.0: 8.7 - HIGH | 0 | Exploitation: noneAutomatable: noTechnical Impact: partial | Unauthenticated Protocol Commands on TP-Link KP303 | github |
This post is licensed under CC BY 4.0 by the author.