Latest CVE Feed
-
6.5
MEDIUMCVE-2025-7204
In ConnectWise PSA versions older than 2025.9, a vulnerability exists where authenticated users could gain access to sensitive user information. Specific API requests were found to return an overly verbose user object, which included encrypted password ha... Read more
Affected Products : professional_service_automation- Published: Jul. 09, 2025
- Modified: Aug. 20, 2025
-
7.5
HIGHCVE-2024-56468
IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 could allow a remote user to cause a denial of service by sending an invalid HTTP request to the log reading service.... Read more
Affected Products : infosphere_data_replication- Published: Jul. 08, 2025
- Modified: Aug. 20, 2025
-
7.5
HIGHCVE-2025-27073
Transient DOS while creating NDP instance.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sd_8_gen1_5g_firmware sd865_5g_firmware wcd9380_firmware wcd9385_firmware +330 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
7.5
HIGHCVE-2025-27065
Transient DOS while processing a frame with malformed shared-key descriptor.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sd_8_gen1_5g_firmware sd865_5g_firmware wcd9380_firmware wcd9385_firmware +290 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
7.5
HIGHCVE-2025-21477
Transient DOS while processing CCCH data when NW sends data with invalid length.... Read more
Affected Products : qca6391_firmware qca6595au_firmware qca6696_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wcn3988_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +168 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
7.8
HIGHCVE-2025-21456
Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware +118 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
6.2
MEDIUMCVE-2025-54608
Vulnerability that allows setting screen rotation direction without permission verification in the screen management module. Impact: Successful exploitation of this vulnerability may cause device screen orientation to be arbitrarily set.... Read more
Affected Products : harmonyos- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
7.8
HIGHCVE-2025-21455
Memory corruption while submitting blob data to kernel space though IOCTL.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware sd865_5g_firmware sw5100_firmware sw5100p_firmware wcd9380_firmware wcd9385_firmware wcn3980_firmware wcn3988_firmware +48 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
6.5
MEDIUMCVE-2024-32006
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application does not expire the user session on reboot without logout. This could allow an attacker to bypass Multi-Factor Authentication.... Read more
- Published: Sep. 10, 2024
- Modified: Aug. 20, 2025
-
8.1
HIGHCVE-2024-38365
btcd is an alternative full node bitcoin implementation written in Go (golang). The btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality. This logic is consensus-critical: the difference... Read more
Affected Products : btcd- Published: Oct. 11, 2024
- Modified: Aug. 20, 2025
-
7.5
HIGHCVE-2025-21452
Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sd855_firmware sd865_5g_firmware wcd9341_firmware wcd9380_firmware +150 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
7.1
HIGHCVE-2025-52955
An Incorrect Calculation of Buffer Size vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause a memory corruption that leads to a rpd crash. Wh... Read more
- Published: Jul. 11, 2025
- Modified: Aug. 20, 2025
-
9.8
CRITICALCVE-2025-51543
An issue was discovered in Cicool builder 3.4.4 allowing attackers to reset the administrator's password via the /administrator/auth/reset_password endpoint.... Read more
Affected Products :- Published: Aug. 19, 2025
- Modified: Aug. 20, 2025
-
5.9
MEDIUMCVE-2024-43382
Snowflake JDBC driver versions >= 3.2.6 and <= 3.19.1 have an Incorrect Security Setting that can result in data being uploaded to an encrypted stage without the additional layer of protection provided by client side encryption.... Read more
Affected Products : snowflake_jdbc- Published: Oct. 30, 2024
- Modified: Aug. 20, 2025
-
7.5
HIGHCVE-2024-46891
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logg... Read more
Affected Products : sinec_ins- Published: Nov. 12, 2024
- Modified: Aug. 20, 2025
-
6.3
MEDIUMCVE-2024-46894
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate authorization of a user to query the "/api/sftp/users" endpoint. This could allow an authenticated remote attacker to ... Read more
Affected Products : sinec_ins- Published: Nov. 12, 2024
- Modified: Aug. 20, 2025
-
7.5
HIGHCVE-2024-54137
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, p... Read more
Affected Products : liboqs- Published: Dec. 06, 2024
- Modified: Aug. 20, 2025
-
8.1
HIGHCVE-2025-54655
Race condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality and integrity of the virtualization graphics module.... Read more
Affected Products : harmonyos- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
7.7
HIGHCVE-2025-54607
Authentication management vulnerability in the ArkWeb module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more
Affected Products : harmonyos- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
7.3
HIGHCVE-2025-54606
Status verification vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.... Read more
Affected Products : harmonyos- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025