Latest CVE Feed
-
6.9
MEDIUMCVE-2025-62375
go-witness and witness are Go modules for generating attestations. In go-witness versions 0.8.6 and earlier and witness versions 0.9.2 and earlier the AWS attestor improperly verifies AWS EC2 instance identity documents. Verification can incorrectly succe... Read more
Affected Products :- Published: Oct. 15, 2025
- Modified: Oct. 16, 2025
- Vuln Type: Authentication
-
6.5
MEDIUMCVE-2025-11683
YAML::Syck versions before 1.36 for Perl has missing null-terminators which causes out-of-bounds read and potential information disclosure Missing null terminators in token.c leads to but-of-bounds read which allows adjacent variable to be read The issu... Read more
Affected Products :- Published: Oct. 16, 2025
- Modified: Oct. 16, 2025
- Vuln Type: Information Disclosure
-
9.2
CRITICALCVE-2025-55089
In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. It could cause a remote execurtion after receiving a crafted sequence of packets... Read more
Affected Products :- Published: Oct. 16, 2025
- Modified: Oct. 16, 2025
- Vuln Type: Memory Corruption
-
6.1
MEDIUMCVE-2025-20351
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI. ... Read more
Affected Products :- Published: Oct. 15, 2025
- Modified: Oct. 16, 2025
- Vuln Type: Cross-Site Scripting
-
9.2
CRITICALCVE-2025-6338
There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long period.This issue affects Qt from 5.15.0 through 6.8.3, from 6.9.0 before 6.9.2.... Read more
Affected Products :- Published: Oct. 16, 2025
- Modified: Oct. 16, 2025
- Vuln Type: Denial of Service