Latest CVE Feed
-
9.4
CRITICALCVE-2025-40746
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2). Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to ... Read more
Affected Products : simatic_rtls_locating_manager- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
-
7.8
HIGHCVE-2025-40751
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenti... Read more
Affected Products : simatic_rtls_locating_manager- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
-
7.5
HIGHCVE-2025-40770
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with the int... Read more
Affected Products : sinec_traffic_analyzer- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
-
7.9
HIGHCVE-2025-49707
Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
-
7.8
HIGHCVE-2025-27031
memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed.... Read more
- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
-
7.5
HIGHCVE-2025-27029
Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.... Read more
Affected Products : wsa8830_firmware wsa8835_firmware ipq9008_firmware ipq9574_firmware qca8075_firmware qca8081_firmware qca8082_firmware qca8084_firmware qca8085_firmware qca8386_firmware +124 more products- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
-
7.8
HIGHCVE-2025-21486
Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.... Read more
- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
-
7.8
HIGHCVE-2025-21485
Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC.... Read more
- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
-
8.2
HIGHCVE-2024-53019
Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.... Read more
Affected Products : qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sd_8_gen1_5g_firmware sw5100_firmware sw5100p_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware +152 more products- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
-
6.6
MEDIUMCVE-2024-53018
Memory corruption may occur while processing the OIS packet parser.... Read more
- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
-
6.6
MEDIUMCVE-2024-53017
Memory corruption while handling test pattern generator IOCTL command.... Read more
- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
-
6.1
MEDIUMCVE-2025-7949
A vulnerability was found in Sanluan PublicCMS up to 5.202506.a. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file publiccms-parent/publiccms/src/main/resources/templates/admin/cmsDiy/preview.html.... Read more
Affected Products : publiccms- Published: Jul. 22, 2025
- Modified: Aug. 20, 2025
-
6.6
MEDIUMCVE-2024-53016
Memory corruption while processing I2C settings in Camera driver.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware sd865_5g_firmware sw5100_firmware sw5100p_firmware wcd9380_firmware wcd9385_firmware wcn3980_firmware wcn3988_firmware +58 more products- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
-
6.6
MEDIUMCVE-2024-53013
Memory corruption may occur while processing voice call registration with user.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +110 more products- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
-
6.1
MEDIUMCVE-2025-7953
A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS up to 5.202506.a. This issue affects some unknown processing of the file publiccms-parent/publiccms/src/main/webapp/resource/plugins/pdfjs/viewer.html. The manipulat... Read more
Affected Products : publiccms- Published: Jul. 22, 2025
- Modified: Aug. 20, 2025
-
7.8
HIGHCVE-2025-21441
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware qca1062_firmware +88 more products- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
-
8.8
HIGHCVE-2025-55164
content-security-policy-parser parses content security policy directives. A prototype pollution vulnerability exists in versions 0.5.0 and earlier, wherein if a policy name is called __proto__, one can override the Object prototype. This issue has been pa... Read more
Affected Products :- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
-
5.3
MEDIUMCVE-2025-54939
LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.... Read more
Affected Products : lsquic- Published: Aug. 01, 2025
- Modified: Aug. 20, 2025
-
5.2
MEDIUMCVE-2025-53013
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an *invalid* Linux Hello PIN, provided the host i... Read more
Affected Products :- Published: Jun. 26, 2025
- Modified: Aug. 20, 2025
-
3.1
LOWCVE-2025-46824
The Discourse Code Review Plugin allows users to review GitHub commits on Discourse. Prior to commit eed3a80, an attacker can execute arbitrary JavaScript on users' browsers by posting links to malicious GitHub commits. This problem is patched in commit e... Read more
Affected Products :- Published: May. 07, 2025
- Modified: Aug. 20, 2025