Latest CVE Feed
-
1.2
LOWCVE-2025-62852
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed th... Read more
Affected Products : qts- Published: Jan. 02, 2026
- Modified: Jan. 02, 2026
- Vuln Type: Memory Corruption
-
1.2
LOWCVE-2025-53593
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed th... Read more
- Published: Jan. 02, 2026
- Modified: Jan. 02, 2026
- Vuln Type: Memory Corruption
-
1.2
LOWCVE-2025-53596
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have ... Read more
- Published: Jan. 02, 2026
- Modified: Jan. 02, 2026
- Vuln Type: Memory Corruption
-
1.2
LOWCVE-2025-48721
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed th... Read more
Affected Products : qts- Published: Jan. 02, 2026
- Modified: Jan. 02, 2026
- Vuln Type: Memory Corruption
-
1.2
LOWCVE-2025-53414
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have ... Read more
- Published: Jan. 02, 2026
- Modified: Jan. 02, 2026
- Vuln Type: Memory Corruption
-
1.2
LOWCVE-2025-52426
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have ... Read more
- Published: Jan. 02, 2026
- Modified: Jan. 02, 2026
- Vuln Type: Memory Corruption
-
1.2
LOWCVE-2025-53597
A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the f... Read more
Affected Products : license_center- Published: Jan. 02, 2026
- Modified: Jan. 02, 2026
- Vuln Type: Memory Corruption
-
1.2
LOWCVE-2025-52431
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have ... Read more
- Published: Jan. 02, 2026
- Modified: Jan. 02, 2026
- Vuln Type: Denial of Service
-
1.2
LOWCVE-2025-53591
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify mem... Read more
- Published: Jan. 02, 2026
- Modified: Jan. 02, 2026
- Vuln Type: Injection
-
1.2
LOWCVE-2025-69210
FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.7, a stored cross-site scripting (XSS) vulnerability exists in the product file upload functionality. Authenticated users can upload crafted XML file... Read more
Affected Products : facturascripts- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Cross-Site Scripting
-
1.2
LOWCVE-2025-53590
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have ... Read more
Affected Products : qts- Published: Jan. 02, 2026
- Modified: Jan. 02, 2026
- Vuln Type: Denial of Service
-
1.2
LOWCVE-2025-53589
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have ... Read more
- Published: Jan. 02, 2026
- Modified: Jan. 02, 2026
- Vuln Type: Memory Corruption
-
1.1
LOWCVE-2025-12945
A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154.... Read more
Affected Products : r7000p_firmware- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Injection
-
1.0
LOWCVE-2025-13912
Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timin... Read more
Affected Products : wolfssl- Published: Dec. 11, 2025
- Modified: Dec. 12, 2025
- Vuln Type: Cryptography
-
0.9
LOWCVE-2025-14714
An Authentication Bypass vulnerability existed where the application bundled an interpreter (Python) that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle By executing the bundled int... Read more
Affected Products : libreoffice- Published: Dec. 15, 2025
- Modified: Dec. 15, 2025
- Vuln Type: Authentication
-
0.6
LOWCVE-2025-14266
CSRF in Ercom Cryptobox administration console allows attacker to trigger some actions on behalf of a Cryptobox administrator. The attack requires the administrator to browse a malicious web site or to click a link while he has an open session on the admi... Read more
Affected Products : cryptobox- Published: Dec. 17, 2025
- Modified: Dec. 18, 2025
- Vuln Type: Cross-Site Request Forgery
-
0.0
NACVE-2023-54046
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Handle EBUSY correctly As it is essiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request.... Read more
Affected Products : linux_kernel- Published: Dec. 24, 2025
- Modified: Dec. 29, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54043
In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not add the same hwpt to the ioas->hwpt_list twice The hwpt is added to the hwpt_list only during its creation, it is never added again. This hunk is some missed leftover fr... Read more
Affected Products : linux_kernel- Published: Dec. 24, 2025
- Modified: Dec. 29, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54208
In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fix memleak in ov5675_init_controls() There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock device: AssertionError: unreferenced object 0xffff88810736216... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2022-50766
In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for commit bc877d285ca3dba2 ("btrf... Read more
Affected Products : linux_kernel- Published: Dec. 24, 2025
- Modified: Dec. 29, 2025
- Vuln Type: Memory Corruption