Latest CVE Feed
-
7.8
HIGHCVE-2025-47353
Memory corruption while processing request sent from GVM.... Read more
Affected Products : qca6595_firmware qca6698aq_firmware sa9000p_firmware qam8255p_firmware qca6797aq_firmware sa8255p_firmware qam8650p_firmware qam8775p_firmware qca6595 sa8770p_firmware +26 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
8.0
HIGHCVE-2025-47357
Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions.... Read more
Affected Products : qca6595au_firmware qca6696_firmware qca6595_firmware qca6678aq_firmware qca6698aq_firmware sa9000p_firmware qam8255p_firmware qca6797aq_firmware sa8255p_firmware qam8650p_firmware +38 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-47360
Memory corruption while processing client message during device management.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +60 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47361
Memory corruption when triggering a subsystem crash with an out-of-range identifier.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa8295p_firmware qca6595_firmware qca6698aq_firmware sa8540p_firmware sa9000p_firmware qam8255p_firmware +46 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
6.1
MEDIUMCVE-2025-47362
Information disclosure while processing message from client with invalid payload.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +66 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-47365
Memory corruption while processing large input data from a remote source via a communication interface.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +60 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47367
Memory corruption while accessing a buffer during IOCTL processing.... Read more
- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47368
Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 wcd9385 sc8380xp_firmware +6 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2025-47370
Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware +262 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-20725
In ims service, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges nee... Read more
- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-20726
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed... Read more
- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
9.1
CRITICALCVE-2025-64459
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. The methods `QuerySet.filter()`, `QuerySet.exclude()`, and `QuerySet.get()`, and the class `Q()`, are subject to SQL injection when using a suitably crafted dictionary,... Read more
Affected Products : django- Published: Nov. 05, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Injection
-
7.5
HIGHCVE-2025-64458
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. NFKC normalization in Python is slow on Windows. As a consequence, `django.http.HttpResponseRedirect`, `django.http.HttpResponsePermanentRedirect`, and the shortcut `dj... Read more
Affected Products : django- Published: Nov. 05, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Denial of Service
-
10.0
CRITICALCVE-2025-62168
Squid is a caching proxy for the Web. In Squid versions prior to 7.2, a failure to redact HTTP authentication credentials in error handling allows information disclosure. The vulnerability allows a script to bypass browser security protections and learn t... Read more
Affected Products : squid- Published: Oct. 17, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Information Disclosure
-
8.3
HIGHCVE-2025-57130
An Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13.6.07 allows a remote, authenticated attacker to escalate their privileges. By sending a specially crafted HTTP request, a low-privilege user can access and mod... Read more
Affected Products :- Published: Nov. 05, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Authorization
-
6.7
MEDIUMCVE-2025-46424
Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service.... Read more
Affected Products : cloudlink- Published: Nov. 05, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Cryptography
-
6.7
MEDIUMCVE-2025-46366
Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information.... Read more
Affected Products : cloudlink- Published: Nov. 05, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Authorization
-
5.3
MEDIUMCVE-2025-46365
Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink.... Read more
Affected Products : cloudlink- Published: Nov. 05, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Injection
-
9.1
CRITICALCVE-2025-46364
Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain control of system.... Read more
Affected Products :- Published: Nov. 05, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Authentication
-
8.4
HIGHCVE-2025-45379
Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to gain shell access of system.... Read more
Affected Products : cloudlink- Published: Nov. 05, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Injection