Latest CVE Feed
-
6.4
MEDIUMCVE-2025-3782
The Cision Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 4.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated atta... Read more
Affected Products :- Published: May. 06, 2025
- Modified: May. 07, 2025
- Vuln Type: Cross-Site Scripting
-
7.5
HIGHCVE-2025-2011
The Slider & Popup Builder by Depicter plugin for WordPress is vulnerable to generic SQL Injection via the ‘s' parameter in all versions up to, and including, 3.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient prepara... Read more
Affected Products :- Published: May. 06, 2025
- Modified: May. 07, 2025
- Vuln Type: Injection
-
9.8
CRITICALCVE-2025-4343
A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. ... Read more
- Published: May. 06, 2025
- Modified: May. 13, 2025
- Vuln Type: Memory Corruption
-
9.8
CRITICALCVE-2025-4342
A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Affected by this issue is the function formEasySetupWizard3. The manipulation of the argument host leads to buffer overflow. The attack may be launched rem... Read more
- Published: May. 06, 2025
- Modified: May. 13, 2025
- Vuln Type: Memory Corruption
-
9.8
CRITICALCVE-2025-4341
A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub_16570 of the file /htdocs/ssdpcgi of the component Request Header Handler. The manipulation of the argument HTTP_ST/REMO... Read more
- Published: May. 06, 2025
- Modified: May. 13, 2025
- Vuln Type: Injection
-
5.5
MEDIUMCVE-2025-27248
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.... Read more
Affected Products : openharmony- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-27241
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.... Read more
Affected Products : openharmony- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-27132
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.... Read more
Affected Products : openharmony- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-25218
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.... Read more
Affected Products : openharmony- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-25052
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow.... Read more
Affected Products : openharmony- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-22886
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.... Read more
Affected Products : openharmony- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-21475
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +72 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21470
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +58 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21469
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.... Read more
- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21468
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware +298 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21467
Memory corruption while reading the FW response from the shared queue.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware +208 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21462
Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.... Read more
Affected Products : sa6155p_firmware sa8155p_firmware sa8195p_firmware wcd9380_firmware wcd9385_firmware sa4150p_firmware sa4155p_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware +16 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21460
Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +62 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-21459
Transient DOS while parsing per STA profile in ML IE.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware wcd9341_firmware +242 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-21453
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +526 more products- Published: May. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption