Latest CVE Feed
-
6.5
MEDIUMCVE-2025-0571
Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required ... Read more
Affected Products : sante_pacs_server- Published: Jan. 30, 2025
- Modified: Feb. 19, 2025
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2025-0570
Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required ... Read more
Affected Products : sante_pacs_server- Published: Jan. 30, 2025
- Modified: Feb. 19, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-0569
Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to expl... Read more
Affected Products : sante_pacs_server- Published: Jan. 30, 2025
- Modified: Feb. 19, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-0568
Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to expl... Read more
Affected Products : sante_pacs_server- Published: Jan. 30, 2025
- Modified: Feb. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-11611
AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is require... Read more
- Published: Jan. 30, 2025
- Modified: Aug. 12, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-11610
AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is require... Read more
- Published: Jan. 30, 2025
- Modified: Aug. 12, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-11609
AutomationDirect C-More EA9 EAP9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction ... Read more
- Published: Jan. 30, 2025
- Modified: Aug. 12, 2025
- Vuln Type: Memory Corruption
-
8.6
HIGHCVE-2025-24802
Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floor(num_routed_wires / 3) always include the 0 -> 0 input-output pair. Thus a malicious prover can always prove that f(0) = 0 ... Read more
Affected Products :- Published: Jan. 30, 2025
- Modified: Jan. 30, 2025
- Vuln Type: Misconfiguration
-
9.8
CRITICALCVE-2025-0147
Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access.... Read more
Affected Products : meeting_software_development_kit video_software_development_kit workplace_desktop- Published: Jan. 30, 2025
- Modified: Aug. 01, 2025
- Vuln Type: Authorization
-
5.0
MEDIUMCVE-2025-0146
Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access.... Read more
- Published: Jan. 30, 2025
- Modified: Aug. 01, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-0145
Untrusted search path in the installer for some Zoom Workplace Apps for Windows may allow an authorized user to conduct an escalation of privilege via local access.... Read more
- Published: Jan. 30, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Authorization
-
6.5
MEDIUMCVE-2025-0144
Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.... Read more
- Published: Jan. 30, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2025-0143
Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access.... Read more
Affected Products : meeting_software_development_kit video_software_development_kit workplace_desktop- Published: Jan. 30, 2025
- Modified: Jul. 31, 2025
- Vuln Type: Denial of Service
-
4.3
MEDIUMCVE-2025-0142
Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version 1.4 may allow an authenticated user to conduct a disclosure of information via network access.... Read more
Affected Products :- Published: Jan. 30, 2025
- Modified: Jan. 30, 2025
- Vuln Type: Information Disclosure
-
6.9
MEDIUMCVE-2024-10604
Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances... Read more
Affected Products : fuchsia- Published: Jan. 30, 2025
- Modified: Jul. 29, 2025
- Vuln Type: Cryptography
-
6.3
MEDIUMCVE-2024-10603
Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances.... Read more
Affected Products : gvisor- Published: Jan. 30, 2025
- Modified: Jul. 29, 2025
- Vuln Type: Misconfiguration
-
6.3
MEDIUMCVE-2024-10026
A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances.... Read more
Affected Products : gvisor- Published: Jan. 30, 2025
- Modified: Jul. 31, 2025
- Vuln Type: Cryptography
-
8.9
HIGHCVE-2025-24507
This vulnerability allows appliance compromise at boot time.... Read more
Affected Products : symantec_privileged_access_management- Published: Jan. 30, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Authentication
-
5.3
MEDIUMCVE-2025-24506
A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types.... Read more
Affected Products : symantec_privileged_access_management- Published: Jan. 30, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Authentication
-
8.8
HIGHCVE-2025-24505
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.... Read more
Affected Products : symantec_privileged_access_management- Published: Jan. 30, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Authentication