Latest CVE Feed
-
6.5
MEDIUMCVE-2025-41685
A low-privileged remote attacker can obtain the username of another registered Sunny Portal user by entering that user's email address.... Read more
Affected Products :- Published: Aug. 19, 2025
- Modified: Aug. 19, 2025
-
9.8
CRITICALCVE-2025-6758
The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'imic_agent_register' function in all versions up to, and including, 3.6. This is due to a lack of restriction in the registration rol... Read more
Affected Products :- Published: Aug. 19, 2025
- Modified: Aug. 19, 2025
-
5.4
MEDIUMCVE-2024-55896
IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames. This vulnerability could allow an attacker to gain improper access and perform unauthorized actions on the system.... Read more
- Published: Jan. 03, 2025
- Modified: Aug. 19, 2025
-
6.1
MEDIUMCVE-2025-21457
Information disclosure while opening a fastrpc session when domain is not sanitized.... Read more
Affected Products : ar8035_firmware qca6584au_firmware qca6698aq_firmware qca8081_firmware qca8337_firmware wcd9340_firmware fastconnect_7800_firmware qcc710_firmware qcn6224_firmware qcn6274_firmware +20 more products- Published: Aug. 06, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-21458
Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously.... Read more
Affected Products : sw5100_firmware sw5100p_firmware wcd9380_firmware wcd9385_firmware wcn3980_firmware wcn3988_firmware wsa8830_firmware wsa8835_firmware qca6698aq_firmware qca6174a_firmware +38 more products- Published: Aug. 06, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-21461
Memory corruption when programming registers through virtual CDM.... Read more
- Published: Aug. 06, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-21473
Memory corruption when using Virtual cdm (Camera Data Mover) to write registers.... Read more
Affected Products : wcd9380_firmware wsa8830_firmware wsa8835_firmware fastconnect_6900_firmware fastconnect_7800_firmware snapdragon_8_gen_1_mobile_platform_firmware wcd9380 wsa8830 wsa8835 fastconnect_6900 +2 more products- Published: Aug. 06, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-21474
Memory corruption while processing commands from A2dp sink command queue.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +80 more products- Published: Aug. 06, 2025
- Modified: Aug. 19, 2025
-
8.8
HIGHCVE-2025-21611
tgstation-server is a production scale tool for BYOND server management. Prior to 6.12.3, roles used to authorize API methods were incorrectly OR'd instead of AND'ed with the role used to determine if a user was enabled. This allows enabled users access t... Read more
Affected Products : tgstation-server- Published: Jan. 06, 2025
- Modified: Aug. 19, 2025
-
7.1
HIGHCVE-2025-8312
Deadlock in PAM automatic check-in feature in Devolutions Server allows a password to remain valid beyond the end of its intended check-out period due to a deadlock occurring in the scheduling service.This issue affects the following version(s) : * D... Read more
Affected Products : devolutions_server- Published: Jul. 30, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-1433
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d civil_3d +1 more products- Published: Mar. 13, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-1431
A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of th... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d civil_3d +1 more products- Published: Mar. 13, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-1430
A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d civil_3d +1 more products- Published: Mar. 13, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-1429
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d civil_3d +1 more products- Published: Mar. 13, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-1428
A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of t... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d civil_3d +1 more products- Published: Mar. 13, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-1427
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the conte... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d civil_3d +1 more products- Published: Mar. 13, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-1277
A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.... Read more
Affected Products : revit- Published: Apr. 15, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-1276
A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the ... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +8 more products- Published: Apr. 15, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-1275
A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code i... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +2 more products- Published: Apr. 15, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-1274
A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the ... Read more
Affected Products : revit- Published: Apr. 15, 2025
- Modified: Aug. 19, 2025