Latest CVE Feed
-
7.8
HIGHCVE-2024-45560
Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +64 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2024-38420
Memory corruption while configuring a Hypervisor based input virtual device.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +310 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-38418
Memory corruption while parsing the memory map info in IOCTL calls.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +114 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption
-
6.1
MEDIUMCVE-2024-38417
Information disclosure while processing IO control commands.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware +102 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Information Disclosure
-
6.1
MEDIUMCVE-2024-38416
Information disclosure during audio playback.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +134 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Information Disclosure
-
6.1
MEDIUMCVE-2024-38414
Information disclosure while processing information on firmware image during core initialization.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware +48 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2024-38413
Memory corruption while processing frame packets.... Read more
Affected Products : fastconnect_7800_firmware wcd9390_firmware wcd9395_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware fastconnect_7800 wcd9390 wcd9395 wsa8840 +4 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-38412
Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors.... Read more
Affected Products : fastconnect_7800_firmware wcd9390_firmware wcd9395_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware fastconnect_7800 wcd9390 wcd9395 wsa8840 +4 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-38411
Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls.... Read more
- Published: Feb. 03, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2024-38404
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.... Read more
Affected Products : wcn3980_firmware wsa8830_firmware wsa8835_firmware ar8035_firmware qca6584au_firmware qca6698aq_firmware qca8081_firmware qca8337_firmware wcd9340_firmware wcd9370_firmware +70 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Denial of Service
-
7.1
HIGHCVE-2025-24781
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WPJobBoard allows Reflected XSS. This issue affects WPJobBoard: from n/a through 5.10.1.... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Feb. 03, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-24707
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3 Photo Gallery Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery allows Reflected XSS. This issue affects Photo Gallery - GT3 Image Gallery ... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Feb. 03, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-24697
Missing Authorization vulnerability in Realwebcare Image Gallery – Responsive Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Gallery – Responsive Photo Gallery: from n/a through 1.0.5.... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Feb. 03, 2025
- Vuln Type: Authorization
-
7.1
HIGHCVE-2025-24684
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ederson Peka Media Downloader allows Reflected XSS. This issue affects Media Downloader: from n/a through 0.4.7.5.... Read more
Affected Products : media_downloader- Published: Feb. 03, 2025
- Modified: Feb. 03, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-24676
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in umangmetatagg Custom WP Store Locator allows Reflected XSS.This issue affects Custom WP Store Locator: from n/a through 1.4.7.... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: May. 19, 2025
- Vuln Type: Cross-Site Scripting
-
8.8
HIGHCVE-2025-24661
Deserialization of Untrusted Data vulnerability in MagePeople Team Taxi Booking Manager for WooCommerce allows Object Injection.This issue affects Taxi Booking Manager for WooCommerce: from n/a through 1.1.8.... Read more
Affected Products : ecab_taxi_booking_manager- Published: Feb. 03, 2025
- Modified: May. 19, 2025
- Vuln Type: Injection
-
7.1
HIGHCVE-2025-24660
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wp.insider Simple Membership Custom Messages allows Reflected XSS. This issue affects Simple Membership Custom Messages: from n/a through 2.4.... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Feb. 03, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-24656
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Realtyna Realtyna Provisioning allows Reflected XSS. This issue affects Realtyna Provisioning: from n/a through 1.2.2.... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Feb. 03, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-24646
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maxim Glazunov XML for Avito allows Reflected XSS. This issue affects XML for Avito: from n/a through 2.5.2.... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Feb. 03, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-24643
Missing Authorization vulnerability in Amento Tech Pvt ltd WPGuppy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPGuppy: from n/a through 1.1.0.... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Feb. 03, 2025
- Vuln Type: Authorization