Latest CVE Feed
-
0.0
NACVE-2025-38335
In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT When enabling PREEMPT_RT, the gpio_keys_irq_timer() callback runs in hard irq context, but the input_event() takes a spin_loc... Read more
Affected Products : linux_kernel- Published: Jul. 10, 2025
- Modified: Aug. 15, 2025
-
5.5
MEDIUMCVE-2025-37925
In the Linux kernel, the following vulnerability has been resolved: jfs: reject on-disk inodes of an unsupported type Syzbot has reported the following BUG: kernel BUG at fs/inode.c:668! Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 3 UID:... Read more
Affected Products : linux_kernel- Published: Apr. 18, 2025
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2025-36604
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, lead... Read more
Affected Products : unity_operating_environment- Published: Aug. 04, 2025
- Modified: Aug. 15, 2025
-
6.1
MEDIUMCVE-2025-36605
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). An ... Read more
Affected Products : unity_operating_environment- Published: Aug. 04, 2025
- Modified: Aug. 15, 2025
-
7.8
HIGHCVE-2025-36606
Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating sys... Read more
Affected Products : unity_operating_environment- Published: Aug. 04, 2025
- Modified: Aug. 15, 2025
-
7.8
HIGHCVE-2025-36607
Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system com... Read more
Affected Products : unity_operating_environment- Published: Aug. 04, 2025
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2025-51390
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin parameter in the setWiFiWpsConfig function.... Read more
- Published: Aug. 04, 2025
- Modified: Aug. 15, 2025
-
5.4
MEDIUMCVE-2025-50592
Cross site scripting vulnerability in seacms before 13.2 via the vid parameter to Upload/js/player/dmplayer/player.... Read more
Affected Products : seacms- Published: Aug. 05, 2025
- Modified: Aug. 15, 2025
-
6.5
MEDIUMCVE-2025-52237
An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal.... Read more
Affected Products : sscms- Published: Aug. 05, 2025
- Modified: Aug. 15, 2025
-
6.7
MEDIUMCVE-2025-21017
Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.... Read more
Affected Products : blockchain_keystore- Published: Aug. 06, 2025
- Modified: Aug. 15, 2025
-
4.4
MEDIUMCVE-2025-21018
Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory.... Read more
Affected Products : blockchain_keystore- Published: Aug. 06, 2025
- Modified: Aug. 15, 2025
-
5.5
MEDIUMCVE-2025-21019
Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability.... Read more
Affected Products : health- Published: Aug. 06, 2025
- Modified: Aug. 15, 2025
-
6.7
MEDIUMCVE-2025-21020
Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.... Read more
Affected Products : blockchain_keystore- Published: Aug. 06, 2025
- Modified: Aug. 15, 2025
-
6.7
MEDIUMCVE-2025-21021
Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.... Read more
Affected Products : blockchain_keystore- Published: Aug. 06, 2025
- Modified: Aug. 15, 2025
-
5.3
MEDIUMCVE-2025-49559
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feature b... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
5.9
MEDIUMCVE-2025-49558
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could explo... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2025-49556
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
8.1
HIGHCVE-2025-49555
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in privilege escalation. A high-privileged attacker could trick a vic... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2025-49554
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
8.8
HIGHCVE-2022-29376
Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory.... Read more
- EPSS Score: %0.55
- Published: May. 23, 2022
- Modified: Aug. 15, 2025