Latest CVE Feed
-
9.6
CRITICALCVE-2025-26496
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1... Read more
Affected Products :- Published: Aug. 22, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Memory Corruption
-
6.9
MEDIUMCVE-2025-43761
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.4, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through up... Read more
- Published: Aug. 22, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Cross-Site Scripting
-
8.5
HIGHCVE-2025-9380
A vulnerability was identified in FNKvision Y215 CCTV Camera 10.194.120.40. Affected by this issue is some unknown functionality of the file /etc/passwd of the component Firmware. Such manipulation leads to hard-coded credentials. Local access is required... Read more
Affected Products :- Published: Aug. 24, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Authentication
-
6.4
MEDIUMCVE-2025-9382
A weakness has been identified in FNKvision Y215 CCTV Camera 10.194.120.40. This vulnerability affects unknown code of the file s1_rf_test_config of the component Telnet Sevice. Executing manipulation can lead to backdoor. The physical device can be targe... Read more
Affected Products :- Published: Aug. 24, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Authentication
-
6.5
MEDIUMCVE-2025-9395
A vulnerability was identified in wangsongyan wblog 0.0.1. This affects the function RestorePost of the file backup.go. Such manipulation of the argument fileName leads to server-side request forgery. It is possible to launch the attack remotely. The expl... Read more
Affected Products :- Published: Aug. 24, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Server-Side Request Forgery