Latest CVE Feed
-
9.1
CRITICALCVE-2024-28751
An high privileged remote attacker can enable telnet access that accepts hardcoded credentials.... Read more
Affected Products :- Published: Jul. 09, 2024
- Modified: Aug. 22, 2025
-
8.8
HIGHCVE-2024-7129
The Appointment Booking Calendar WordPress plugin before 1.6.7.43 does not escape template syntax provided via user input, leading to Twig Template Injection which further exploited can result to remote code Execution by high privilege such as admins... Read more
Affected Products : simply_schedule_appointments- Published: Sep. 13, 2024
- Modified: Aug. 22, 2025
-
6.5
MEDIUMCVE-2024-6758
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.... Read more
- Published: Aug. 12, 2024
- Modified: Aug. 22, 2025
-
7.5
HIGHCVE-2024-6477
The UsersWP WordPress plugin before 1.2.12 uses predictable filenames when an admin generates an export, which could allow unauthenticated attackers to download them and retrieve sensitive information such as IP, username, and email address... Read more
Affected Products : userswp- Published: Aug. 03, 2024
- Modified: Aug. 22, 2025
-
6.5
MEDIUMCVE-2024-1287
The pmpro-member-directory WordPress plugin before 1.2.6 does not prevent users with at least the contributor role from leaking other users' sensitive information, including password hashes via an SQLi vector.... Read more
- Published: Jul. 30, 2024
- Modified: Aug. 22, 2025
-
5.4
MEDIUMCVE-2024-1706
A vulnerability was determined in ZKTeco ZKBio Access IVS up to 3.3.2. This impacts an unknown function of the component Department Name Search Bar. This manipulation with the input <marquee>hi causes cross site scripting. Remote exploitation of the attac... Read more
Affected Products : zkbio_access_ivs- Published: Feb. 21, 2024
- Modified: Aug. 22, 2025
-
5.7
MEDIUMCVE-2024-7698
A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.... Read more
Affected Products : tc_mguard_rs4000_4g_vzw_vpn_firmware tc_mguard_rs4000_4g_att_vpn_firmware fl_mguard_rs4004_tx\/dtx_firmware fl_mguard_rs4004_tx\/dtx_vpn_firmware tc_mguard_rs4000_3g_vpn_firmware tc_mguard_rs4000_4g_vpn_firmware fl_mguard_centerport_vpn-1000_firmware fl_mguard_core_tx_firmware fl_mguard_core_tx_vpn_firmware fl_mguard_delta_tx\/tx_firmware +62 more products- Published: Sep. 10, 2024
- Modified: Aug. 22, 2025
-
7.5
HIGHCVE-2024-6421
An unauthenticated remote attacker can read out sensitive device information through a incorrectly configured FTP service.... Read more
- Published: Jul. 10, 2024
- Modified: Aug. 22, 2025
-
8.1
HIGHCVE-2024-43393
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP ... Read more
Affected Products : tc_mguard_rs4000_4g_vzw_vpn_firmware tc_mguard_rs4000_4g_att_vpn_firmware fl_mguard_rs4004_tx\/dtx_firmware fl_mguard_rs4004_tx\/dtx_vpn_firmware tc_mguard_rs4000_3g_vpn_firmware tc_mguard_rs4000_4g_vpn_firmware fl_mguard_centerport_vpn-1000_firmware fl_mguard_core_tx_firmware fl_mguard_core_tx_vpn_firmware fl_mguard_delta_tx\/tx_firmware +62 more products- Published: Sep. 10, 2024
- Modified: Aug. 22, 2025
-
8.1
HIGHCVE-2024-43392
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP ... Read more
Affected Products : tc_mguard_rs4000_4g_vzw_vpn_firmware tc_mguard_rs4000_4g_att_vpn_firmware fl_mguard_rs4004_tx\/dtx_firmware fl_mguard_rs4004_tx\/dtx_vpn_firmware tc_mguard_rs4000_3g_vpn_firmware tc_mguard_rs4000_4g_vpn_firmware fl_mguard_centerport_vpn-1000_firmware fl_mguard_core_tx_firmware fl_mguard_core_tx_vpn_firmware fl_mguard_delta_tx\/tx_firmware +56 more products- Published: Sep. 10, 2024
- Modified: Aug. 22, 2025
-
8.1
HIGHCVE-2024-43391
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.... Read more
Affected Products : tc_mguard_rs4000_4g_vzw_vpn_firmware tc_mguard_rs4000_4g_att_vpn_firmware fl_mguard_rs4004_tx\/dtx_firmware fl_mguard_rs4004_tx\/dtx_vpn_firmware tc_mguard_rs4000_3g_vpn_firmware tc_mguard_rs4000_4g_vpn_firmware fl_mguard_centerport_vpn-1000_firmware fl_mguard_core_tx_firmware fl_mguard_core_tx_vpn_firmware fl_mguard_delta_tx\/tx_firmware +62 more products- Published: Sep. 10, 2024
- Modified: Aug. 22, 2025
-
8.1
HIGHCVE-2024-43390
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.... Read more
Affected Products : tc_mguard_rs4000_4g_vzw_vpn_firmware tc_mguard_rs4000_4g_att_vpn_firmware fl_mguard_rs4004_tx\/dtx_firmware fl_mguard_rs4004_tx\/dtx_vpn_firmware tc_mguard_rs4000_3g_vpn_firmware tc_mguard_rs4000_4g_vpn_firmware fl_mguard_centerport_vpn-1000_firmware fl_mguard_core_tx_firmware fl_mguard_core_tx_vpn_firmware fl_mguard_delta_tx\/tx_firmware +62 more products- Published: Sep. 10, 2024
- Modified: Aug. 22, 2025
-
8.1
HIGHCVE-2024-43389
A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.... Read more
Affected Products : tc_mguard_rs4000_4g_vzw_vpn_firmware tc_mguard_rs4000_4g_att_vpn_firmware fl_mguard_rs4004_tx\/dtx_firmware fl_mguard_rs4004_tx\/dtx_vpn_firmware tc_mguard_rs4000_3g_vpn_firmware tc_mguard_rs4000_4g_vpn_firmware fl_mguard_centerport_vpn-1000_firmware fl_mguard_core_tx_firmware fl_mguard_core_tx_vpn_firmware fl_mguard_delta_tx\/tx_firmware +62 more products- Published: Sep. 10, 2024
- Modified: Aug. 22, 2025
-
8.8
HIGHCVE-2024-43388
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.... Read more
Affected Products : tc_mguard_rs4000_4g_vzw_vpn_firmware tc_mguard_rs4000_4g_att_vpn_firmware fl_mguard_rs4004_tx\/dtx_firmware fl_mguard_rs4004_tx\/dtx_vpn_firmware tc_mguard_rs4000_3g_vpn_firmware tc_mguard_rs4000_4g_vpn_firmware fl_mguard_centerport_vpn-1000_firmware fl_mguard_core_tx_firmware fl_mguard_core_tx_vpn_firmware fl_mguard_delta_tx\/tx_firmware +62 more products- Published: Sep. 10, 2024
- Modified: Aug. 22, 2025
-
5.3
MEDIUMCVE-2025-9135
A vulnerability was detected in Verkehrsauskunft Österreich SmartRide, cleVVVer and BusBahnBim up to 12.1.1(258). The impacted element is an unknown function of the file AndroidManifest.xml. The manipulation results in improper export of android applicati... Read more
Affected Products :- Published: Aug. 19, 2025
- Modified: Aug. 22, 2025
- Vuln Type: Misconfiguration
-
7.1
HIGHCVE-2025-49142
Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions prior to 2.4.10 or prior to 1.6.32 are potentially affected. Due to insufficient security configuration of the Jinja2 templating feature used in computed... Read more
Affected Products : nautobot- Published: Jun. 10, 2025
- Modified: Aug. 21, 2025
- Vuln Type: Misconfiguration
-
6.3
MEDIUMCVE-2025-49143
Nautobot is a Network Source of Truth and Network Automation Platform. Prior to v2.4.10 and v1.6.32 , files uploaded by users to Nautobot's MEDIA_ROOT directory, including DeviceType image attachments as well as images attached to a Location, Device, or R... Read more
Affected Products : nautobot- Published: Jun. 10, 2025
- Modified: Aug. 21, 2025
- Vuln Type: Authorization
-
9.8
CRITICALCVE-2025-27151
Redis is an open source, in-memory database that persists on disk. In versions starting from 7.0.0 to before 8.0.2, a stack-based buffer overflow exists in redis-check-aof due to the use of memcpy with strlen(filepath) when copying a user-supplied file pa... Read more
Affected Products : redis- Published: May. 29, 2025
- Modified: Aug. 21, 2025
- Vuln Type: Memory Corruption
-
7.1
HIGHCVE-2025-7365
A flaw was found in Keycloak. When an authenticated attacker attempts to merge accounts with another existing account during an identity provider (IdP) login, the attacker will subsequently be prompted to "review profile" information. This vulnerability a... Read more
- Published: Jul. 10, 2025
- Modified: Aug. 21, 2025
- Vuln Type: Authentication
-
7.5
HIGHCVE-2024-38866
Improper neutralization of input in Nagvis before version 1.9.47 which can lead to livestatus injection... Read more
Affected Products : nagvis- Published: May. 27, 2025
- Modified: Aug. 21, 2025
- Vuln Type: Injection