Latest CVE Feed
-
4.3
MEDIUMCVE-2025-20365
A vulnerability in the IPv6 Router Advertisement (RA) packet processing of Cisco Access Point Software could allow an unauthenticated, adjacent attacker to modify the IPv6 gateway on an affected device. This vulnerability is due to a logic error in the... Read more
Affected Products :- Published: Sep. 24, 2025
- Modified: Sep. 24, 2025
- Vuln Type: Denial of Service
-
4.3
MEDIUMCVE-2025-20364
A vulnerability in the Device Analytics action frame processing of Cisco Wireless Access Point (AP) Software could allow an unauthenticated, adjacent attacker to inject wireless 802.11 action frames with arbitrary information. This vulnerability is due... Read more
Affected Products :- Published: Sep. 24, 2025
- Modified: Sep. 24, 2025
- Vuln Type: Injection
-
5.8
MEDIUMCVE-2025-20339
A vulnerability in the access control list (ACL) processing of IPv4 packets of Cisco SD-WAN vEdge Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the improper enforcement of the implicit... Read more
Affected Products : sd-wan_vedge_router- Published: Sep. 24, 2025
- Modified: Sep. 24, 2025
- Vuln Type: Authorization
-
8.8
HIGHCVE-2025-20334
A vulnerability in the HTTP API subsystem of Cisco IOS XE Software could allow a remote attacker to inject commands that will execute with root privileges into the underlying operating system. This vulnerability is due to insufficient input validation.... Read more
Affected Products : ios_xe- Published: Sep. 24, 2025
- Modified: Sep. 24, 2025
- Vuln Type: Injection
-
4.8
MEDIUMCVE-2025-10909
A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site script... Read more
Affected Products :- Published: Sep. 24, 2025
- Modified: Sep. 24, 2025
- Vuln Type: Cross-Site Scripting
-
8.8
HIGHCVE-2025-10892
Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more
- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-10891
Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more
- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
9.1
CRITICALCVE-2025-10890
Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)... Read more
- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Information Disclosure
-
8.8
HIGHCVE-2025-10585
Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more
- Actively Exploited
- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-10502
Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)... Read more
- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-10501
Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more
- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-10500
Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more
- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
9.8
CRITICALCVE-2025-56819
An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter.... Read more
Affected Products :- Published: Sep. 24, 2025
- Modified: Sep. 24, 2025
- Vuln Type: Injection
-
7.8
HIGHCVE-2025-47329
Memory corruption while handling invalid inputs in application info setup.... Read more
Affected Products : qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sw5100_firmware sw5100p_firmware wcd9380_firmware wcd9385_firmware +66 more products- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-47328
Transient DOS while processing power control requests with invalid antenna or stream values.... Read more
Affected Products : wsa8830_firmware wsa8835_firmware ipq9008_firmware ipq9574_firmware qca8075_firmware qca8081_firmware qca8082_firmware qca8084_firmware qca8085_firmware qca8386_firmware +124 more products- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-47327
Memory corruption while encoding the image data.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +72 more products- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-47326
Transient DOS while handling command data during power control processing.... Read more
- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-47318
Transient DOS while parsing the EPTM test control message to get the test pattern.... Read more
Affected Products :- Published: Sep. 24, 2025
- Modified: Sep. 24, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-47317
Memory corruption due to global buffer overflow when a test command uses an invalid payload type.... Read more
Affected Products : wcd9385_firmware wcn3988_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware wsa8835_firmware wcd9370_firmware wcd9375_firmware wsa8832_firmware fastconnect_6200_firmware +96 more products- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47316
Memory corruption due to double free when multiple threads race to set the timestamp store.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +48 more products- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption