Latest CVE Feed
-
9.8
CRITICALCVE-2025-6836
A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotel... Read more
Affected Products : library_system- Published: Jun. 29, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Injection
-
6.2
MEDIUMCVE-2024-50929
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to arbitrarily change the device type in the controller's memory, leading to a Denial of Service (DoS).... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
6.5
MEDIUMCVE-2024-50928
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to change the wakeup interval of end devices in controller memory, disrupting the device's communications with the controller.... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
6.5
MEDIUMCVE-2024-50924
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to cause disrupt communications between the controller and the device itself via repeatedly sending crafted packets to the controller.... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
6.5
MEDIUMCVE-2024-50921
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to cause a Denial of Service (DoS) via repeatedly sending crafted packets to the controller.... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
8.8
HIGHCVE-2024-50920
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to create a fake node via supplying crafted packets.... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
8.8
HIGHCVE-2024-57376
Buffer Overflow vulnerability in D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, DSR-1000N from 3.13 to 3.17B901C allows unauthenticated users to execute remote code execution.... Read more
Affected Products : dsr-150_firmware dsr-150n_firmware dsr-250_firmware dsr-250n_firmware dsr-500_firmware dsr-1000n_firmware dsr-500 dsr-150n dsr-150 dsr-250 +2 more products- Published: Jan. 28, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Memory Corruption
-
9.0
HIGHCVE-2025-0566
A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to in... Read more
- Published: Jan. 19, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Memory Corruption
-
6.8
MEDIUMCVE-2025-31334
Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link specially crafted by an attacker is opened on the affe... Read more
Affected Products : winrar- Published: Apr. 03, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Misconfiguration
-
7.8
HIGHCVE-2025-27688
Dell ThinOS 2408 and prior, contains an improper permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.... Read more
- Published: Mar. 18, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-26331
Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code ... Read more
- Published: Mar. 07, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Injection
-
9.8
CRITICALCVE-2025-6840
A vulnerability, which was classified as critical, was found in code-projects Product Inventory System 1.0. This affects an unknown part of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. It is... Read more
Affected Products : product_inventory_system- Published: Jun. 29, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Injection
-
7.8
HIGHCVE-2024-29645
Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function.... Read more
Affected Products : radare2- Published: Dec. 02, 2024
- Modified: Jul. 01, 2025
-
6.1
MEDIUMCVE-2024-54959
Nagios XI 2024R1.2.2 is vulnerable to a Cross-Site Request Forgery (CSRF) attack through the Favorites component, enabling POST-based Cross-Site Scripting (XSS).... Read more
Affected Products : nagios_xi- Published: Feb. 20, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Cross-Site Request Forgery
-
6.1
MEDIUMCVE-2024-54958
Nagios XI 2024R1.2.2 is susceptible to a stored Cross-Site Scripting (XSS) vulnerability in the Tools page. This flaw allows an attacker to inject malicious scripts into the Tools interface, which are then stored and executed in the context of other users... Read more
Affected Products : nagios_xi- Published: Feb. 20, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Cross-Site Scripting
-
7.5
HIGHCVE-2024-52924
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary ... Read more
- Published: Mar. 06, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2024-52923
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundar... Read more
- Published: Mar. 06, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Denial of Service
-
8.1
HIGHCVE-2024-39890
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly c... Read more
- Published: Dec. 02, 2024
- Modified: Jul. 01, 2025
-
7.0
HIGHCVE-2024-39343
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length specified by the MM (Mobility Management... Read more
- Published: Dec. 02, 2024
- Modified: Jul. 01, 2025
-
5.9
MEDIUMCVE-2024-25074
An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, ... Read more
- Published: Sep. 10, 2024
- Modified: Jul. 01, 2025