Latest CVE Feed
-
9.8
CRITICALCVE-2025-8913
Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.... Read more
Affected Products : organization_portal_system- Published: Aug. 13, 2025
- Modified: Aug. 21, 2025
- Vuln Type: Path Traversal
-
7.5
HIGHCVE-2025-8914
Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.... Read more
Affected Products : organization_portal_system- Published: Aug. 13, 2025
- Modified: Aug. 21, 2025
- Vuln Type: Injection
-
3.7
LOWCVE-2025-8515
A vulnerability was found in Intelbras InControl 2.21.60.9 and classified as problematic. This issue affects some unknown processing of the file /v1/operador/ of the component JSON Endpoint. The manipulation leads to information disclosure. The attack may... Read more
Affected Products : incontrol_web- Published: Aug. 04, 2025
- Modified: Aug. 21, 2025
- Vuln Type: Information Disclosure
-
7.3
HIGHCVE-2025-26065
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network.... Read more
- Published: Aug. 04, 2025
- Modified: Aug. 21, 2025
- Vuln Type: Cross-Site Scripting
-
7.5
HIGHCVE-2025-53009
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsi... Read more
Affected Products : materialx- Published: Aug. 01, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-53010
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which ... Read more
Affected Products : materialx- Published: Aug. 01, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-53011
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which ... Read more
Affected Products : materialx- Published: Aug. 01, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-53012
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limi... Read more
Affected Products : materialx- Published: Aug. 01, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Denial of Service
-
9.0
CRITICALCVE-2025-54117
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the dashboard text ed... Read more
Affected Products : nameless- Published: Aug. 18, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Cross-Site Scripting
-
7.2
HIGHCVE-2025-54421
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.4 allows remote authenticated attackers to inject arbitrary web script or HTML via the default_keywords ... Read more
Affected Products : nameless- Published: Aug. 18, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Cross-Site Scripting
-
5.3
MEDIUMCVE-2025-54118
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code ... Read more
Affected Products : nameless- Published: Aug. 18, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-5047
A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of t... Read more
- Published: Aug. 15, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-5048
A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.... Read more
- Published: Aug. 15, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-5046
A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context... Read more
- Published: Aug. 15, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21447
Memory corruption may occur while processing device IO control call for session control.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 wcd9385 sc8380xp_firmware +6 more products- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21436
Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.... Read more
- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21437
Memory corruption while processing memory map or unmap IOCTL operations simultaneously.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware qca6574_firmware qca6574a_firmware +52 more products- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-43058
Memory corruption while processing IOCTL calls.... Read more
Affected Products : wcd9380_firmware wsa8830_firmware wsa8835_firmware fastconnect_6900_firmware fastconnect_7800_firmware snapdragon_8_gen_1_mobile_platform_firmware wcd9380 wsa8830 wsa8835 fastconnect_6900 +2 more products- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-43067
Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +106 more products- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
6.9
MEDIUMCVE-2025-30034
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to c... Read more
Affected Products : simatic_rtls_locating_manager- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Denial of Service