Latest CVE Feed
-
9.0
HIGHCVE-2025-8940
A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this vulnerability is the function strcpy of the file /goform/saveParentControlInfo. The manipulation of the argument Time leads to buffer overflow. The attack can be launched rem... Read more
- Published: Aug. 14, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Memory Corruption
-
9.0
HIGHCVE-2025-8939
A vulnerability was determined in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/WifiGuestSet. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The explo... Read more
- Published: Aug. 14, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Memory Corruption
-
8.2
HIGHCVE-2025-6297
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files ... Read more
Affected Products : dpkg- Published: Jul. 01, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-0149
Insufficient verification of data authenticity in some Zoom Workplace Apps may allow an unprivileged user to conduct a denial of service via network access.... Read more
- Published: Mar. 11, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-25175
A vulnerability has been identified in Simcenter Femap V2401 (All versions < V2401.0003), Simcenter Femap V2406 (All versions < V2406.0002). The affected application contains a memory corruption vulnerability while parsing specially crafted .NEU files. T... Read more
Affected Products : simcenter_femap- Published: Mar. 13, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2023-4458
A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage thi... Read more
Affected Products : linux_kernel- Published: Nov. 14, 2024
- Modified: Aug. 19, 2025
-
6.5
MEDIUMCVE-2024-45556
Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR.... Read more
Affected Products : sd_8_gen1_5g_firmware wcd9380_firmware wcd9385_firmware wcn3980_firmware wsa8830_firmware wsa8835_firmware ipq9008_firmware ipq9574_firmware qca8075_firmware qca8081_firmware +110 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Cryptography
-
7.8
HIGHCVE-2024-45557
Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.... Read more
Affected Products : sd_8_gen1_5g_firmware wcd9380_firmware wcd9385_firmware wcn3988_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware wsa8835_firmware ar8035_firmware qca6584au_firmware +112 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2023-52927
In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some s... Read more
Affected Products : linux_kernel- Published: Mar. 14, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Misconfiguration
-
7.8
HIGHCVE-2025-21421
Memory corruption while processing escape code in API.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +80 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21423
Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +80 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21425
Memory corruption may occur due top improper access control in HAB process.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +56 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-21431
Information disclosure may be there when a guest VM is connected.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +62 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-21442
Memory corruption while transmitting packet mapping information with invalid header payload size.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa8295p_firmware qca6595_firmware qca6698aq_firmware sa8540p_firmware sa9000p_firmware qam8255p_firmware +42 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21443
Memory corruption while processing message content in eAVB.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +62 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Memory Corruption
-
6.3
MEDIUMCVE-2024-49825
IBM Robotic Process Automation and Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.20 and 23.0.0 through 23.0.20 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system.... Read more
- Published: Apr. 14, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Authentication
-
7.5
HIGHCVE-2024-22314
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.... Read more
Affected Products : storage_defender_resiliency_service- Published: Apr. 16, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Cryptography
-
8.1
HIGHCVE-2020-10650
A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jnd... Read more
- EPSS Score: %5.16
- Published: Dec. 26, 2022
- Modified: Aug. 19, 2025
-
8.0
HIGHCVE-2022-21661
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certai... Read more
- EPSS Score: %90.23
- Published: Jan. 06, 2022
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-6230
A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite database and execute limited SQLite commands.... Read more
- Published: Jul. 17, 2025
- Modified: Aug. 19, 2025
- Vuln Type: Injection