Latest CVE Feed
-
7.5
HIGHCVE-2025-11942
A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may b... Read more
Affected Products : x200_firmware- Published: Oct. 19, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Authentication
-
0.0
NACVE-2025-40003
In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work The origin code calls cancel_delayed_work() in ocelot_stats_deinit() to cancel the cyclic delayed work item ocelot->s... Read more
Affected Products : linux_kernel- Published: Oct. 18, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Memory Corruption
-
6.4
MEDIUMCVE-2025-9562
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's qs_date shortcode in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping on user supplied... Read more
Affected Products : redirection_for_contact_form_7- Published: Oct. 18, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Cross-Site Scripting
-
9.8
CRITICALCVE-2025-11391
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image cropper functionality in all versions up to, and including, 33.0.15. This makes it poss... Read more
Affected Products :- Published: Oct. 18, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Misconfiguration