Latest CVE Feed
-
9.1
CRITICALCVE-2025-21450
Cryptographic issue occurs due to use of insecure connection method while downloading.... Read more
Affected Products : qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sd_8_gen1_5g_firmware sw5100_firmware sw5100p_firmware wcd9380_firmware wcd9385_firmware wcn3980_firmware +208 more products- Published: Jul. 08, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Cryptography
-
7.5
HIGHCVE-2025-21449
Transient DOS may occur while processing malformed length field in SSID IEs.... Read more
Affected Products : aqt1000_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware sd_8_gen1_5g_firmware +366 more products- Published: Jul. 08, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-21446
Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware +472 more products- Published: Jul. 08, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-21432
Memory corruption while retrieving the CBOR data from TA.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +488 more products- Published: Jul. 08, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-53009
Memory corruption while operating the mailbox in Automotive.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +370 more products- Published: Jul. 08, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
9.8
CRITICALCVE-2024-49839
Memory corruption during management frame processing due to mismatch in T2LM info element.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware wcd9380_firmware +366 more products- Published: Feb. 03, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-38411
Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls.... Read more
- Published: Feb. 03, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21475
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +72 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21470
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +58 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21469
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.... Read more
- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-21459
Transient DOS while parsing per STA profile in ML IE.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware wcd9341_firmware +242 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-21453
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +526 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-49844
Memory corruption while triggering commands in the PlayReady Trusted application.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +356 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.1
HIGHCVE-2024-47384
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Compress WP Compress – Image Optimizer [All-In-One] allows Reflected XSS.This issue affects WP Compress – Image Optimizer [All-In-One]: from n/... Read more
Affected Products : wp_compress- Published: Oct. 05, 2024
- Modified: Aug. 11, 2025
-
8.7
HIGHCVE-2025-21601
An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an unauthentic... Read more
Affected Products : junos- Published: Apr. 09, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-2539
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthenticated attackers, leveraging the ... Read more
Affected Products : file_away- Published: Mar. 20, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Authorization
-
9.8
CRITICALCVE-2025-40600
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.... Read more
Affected Products : sonicos nsa_2700 nsa_3700 nsa_4700 nsa_5700 nsa_6700 nssp_10700 nssp_11700 nssp_13700 tz270 +13 more products- Published: Jul. 29, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Denial of Service
-
9.8
CRITICALCVE-2025-2512
The File Away plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check and missing file type validation in the upload() function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthentica... Read more
Affected Products : file_away- Published: Mar. 19, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Authentication
-
8.3
HIGHCVE-2025-26530
The question bank filter required additional sanitizing to prevent a reflected XSS risk.... Read more
Affected Products : moodle- Published: Feb. 24, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Cross-Site Scripting
-
9.8
CRITICALCVE-2025-53606
Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): 2.4.0. Users are recommended to upgrade to version 2.5.0, which fixes the issue.... Read more
Affected Products : seata- Published: Aug. 08, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Misconfiguration