Latest CVE Feed
-
6.5
MEDIUMCVE-2025-6013
Vault and Vault Enterprise’s (“Vault”) ldap auth method may not have correctly enforced MFA if username_as_alias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Va... Read more
Affected Products : vault- Published: Aug. 06, 2025
- Modified: Aug. 06, 2025
-
9.8
CRITICALCVE-2025-22470
CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1 allow crafted dangerous files to be uploaded. An arbitrary Lua script may be executed on the system with the root privilege.... Read more
Affected Products :- Published: Aug. 06, 2025
- Modified: Aug. 06, 2025
-
7.3
HIGHCVE-2025-22469
OS command injection vulnerability exists in CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1. An arbitrary OS command may be executed on the system with a certain non-administrative user privilege.... Read more
Affected Products :- Published: Aug. 06, 2025
- Modified: Aug. 06, 2025
-
3.7
LOWCVE-2025-8556
A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.... Read more
Affected Products : circl- Published: Aug. 06, 2025
- Modified: Aug. 06, 2025
-
5.1
MEDIUMCVE-2025-7202
A Cross-Site Request Forgery (CSRF) in Elgato's Key Lights and related light products allows an attacker to host a malicious webpage that remotely controlles the victim's lights.... Read more
Affected Products :- Published: Aug. 06, 2025
- Modified: Aug. 06, 2025
-
6.0
MEDIUMCVE-2025-7954
A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations.... Read more
Affected Products : shopware- Published: Aug. 06, 2025
- Modified: Aug. 07, 2025
-
7.5
HIGHCVE-2025-47324
Information disclosure while accessing and modifying the PIB file of a remote device via powerline.... Read more
- Published: Aug. 06, 2025
- Modified: Aug. 18, 2025
-
7.8
HIGHCVE-2025-27076
Memory corruption while processing simultaneous requests via escape path.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +80 more products- Published: Aug. 06, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-27075
Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +62 more products- Published: Aug. 06, 2025
- Modified: Aug. 18, 2025
-
7.5
HIGHCVE-2025-27073
Transient DOS while creating NDP instance.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sd_8_gen1_5g_firmware sd865_5g_firmware wcd9380_firmware wcd9385_firmware +330 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
5.5
MEDIUMCVE-2025-27072
Information disclosure while processing a packet at EAVB BE side with invalid header length.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +62 more products- Published: Aug. 06, 2025
- Modified: Aug. 18, 2025
-
9.8
CRITICALCVE-2025-27071
Memory corruption while processing specific files in Powerline Communication Firmware.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware sd865_5g_firmware sw5100_firmware sw5100p_firmware wcd9380_firmware wcd9385_firmware wcn3980_firmware wcn3988_firmware +58 more products- Published: Aug. 06, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-27069
Memory corruption while processing DDI command calls.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 wcd9385 sc8380xp_firmware +6 more products- Published: Aug. 06, 2025
- Modified: Aug. 18, 2025
-
7.8
HIGHCVE-2025-27068
Memory corruption while processing an IOCTL command with an arbitrary address.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware wsa8830_firmware wsa8835_firmware sm6250_firmware fastconnect_6200_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wsa8845_firmware +22 more products- Published: Aug. 06, 2025
- Modified: Aug. 18, 2025
-
7.8
HIGHCVE-2025-27067
Memory corruption while processing DDI call with invalid buffer.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 wcd9385 sc8380xp_firmware +6 more products- Published: Aug. 06, 2025
- Modified: Aug. 18, 2025
-
7.5
HIGH- Published: Aug. 06, 2025
- Modified: Aug. 06, 2025
-
7.5
HIGHCVE-2025-27065
Transient DOS while processing a frame with malformed shared-key descriptor.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sd_8_gen1_5g_firmware sd865_5g_firmware wcd9380_firmware wcd9385_firmware +290 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
7.8
HIGHCVE-2025-27062
Memory corruption while handling client exceptions, allowing unauthorized channel access.... Read more
Affected Products :- Published: Aug. 06, 2025
- Modified: Aug. 06, 2025
-
7.5
HIGHCVE-2025-21477
Transient DOS while processing CCCH data when NW sends data with invalid length.... Read more
Affected Products : qca6391_firmware qca6595au_firmware qca6696_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wcn3988_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +168 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
-
7.8
HIGHCVE-2025-21474
Memory corruption while processing commands from A2dp sink command queue.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +80 more products- Published: Aug. 06, 2025
- Modified: Aug. 19, 2025