Latest CVE Feed
-
7.5
HIGHCVE-2025-21449
Transient DOS may occur while processing malformed length field in SSID IEs.... Read more
Affected Products : aqt1000_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware sd_8_gen1_5g_firmware +366 more products- Published: Jul. 08, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-21446
Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware +472 more products- Published: Jul. 08, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-21432
Memory corruption while retrieving the CBOR data from TA.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +488 more products- Published: Jul. 08, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-53009
Memory corruption while operating the mailbox in Automotive.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +370 more products- Published: Jul. 08, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
9.8
CRITICALCVE-2024-49839
Memory corruption during management frame processing due to mismatch in T2LM info element.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware wcd9380_firmware +366 more products- Published: Feb. 03, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-38411
Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls.... Read more
- Published: Feb. 03, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21475
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +72 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21470
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +58 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21469
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.... Read more
- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-21459
Transient DOS while parsing per STA profile in ML IE.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware wcd9341_firmware +242 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-21453
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +526 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-49844
Memory corruption while triggering commands in the PlayReady Trusted application.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +356 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.1
HIGHCVE-2024-47384
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Compress WP Compress – Image Optimizer [All-In-One] allows Reflected XSS.This issue affects WP Compress – Image Optimizer [All-In-One]: from n/... Read more
Affected Products : wp_compress- Published: Oct. 05, 2024
- Modified: Aug. 11, 2025
-
8.7
HIGHCVE-2025-21601
An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an unauthentic... Read more
Affected Products : junos- Published: Apr. 09, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-2539
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthenticated attackers, leveraging the ... Read more
Affected Products : file_away- Published: Mar. 20, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Authorization
-
9.8
CRITICALCVE-2025-40600
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.... Read more
Affected Products : sonicos nsa_2700 nsa_3700 nsa_4700 nsa_5700 nsa_6700 nssp_10700 nssp_11700 nssp_13700 tz270 +13 more products- Published: Jul. 29, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Denial of Service
-
9.8
CRITICALCVE-2025-2512
The File Away plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check and missing file type validation in the upload() function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthentica... Read more
Affected Products : file_away- Published: Mar. 19, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Authentication
-
8.3
HIGHCVE-2025-26530
The question bank filter required additional sanitizing to prevent a reflected XSS risk.... Read more
Affected Products : moodle- Published: Feb. 24, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Cross-Site Scripting
-
9.8
CRITICALCVE-2025-53606
Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): 2.4.0. Users are recommended to upgrade to version 2.5.0, which fixes the issue.... Read more
Affected Products : seata- Published: Aug. 08, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Misconfiguration
-
9.0
CRITICALCVE-2025-24936
The web application allows user input to pass unfiltered to a command executed on the underlying operating system. The vulnerable component is bound to the network stack and the set of possible attackers extends up to and including the entire Internet. A... Read more
Affected Products : wavesuite_noc- Published: Jul. 21, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Injection