Latest CVE Feed
-
7.5
HIGHCVE-2025-11488
A weakness has been identified in D-Link DIR-852 up to 20251002. This affects an unknown part of the file /HNAP1/. Executing manipulation can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public... Read more
Affected Products : dir-852_firmware- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Injection
-
6.5
MEDIUMCVE-2025-42706
A logic error exists in the Falcon sensor for Windows that could allow an attacker, with the prior ability to execute code on a host, to delete arbitrary files. CrowdStrike released a security fix for this issue in Falcon sensor for Windows versions 7.24 ... Read more
Affected Products :- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Denial of Service
-
8.7
HIGHCVE-2025-9868
Server-Side Request Forgery (SSRF) in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests.... Read more
Affected Products : nexus_repository_manager- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Server-Side Request Forgery
-
5.6
MEDIUMCVE-2025-42701
A race condition exists in the Falcon sensor for Windows that could allow an attacker, with the prior ability to execute code on a host, to delete arbitrary files. CrowdStrike released a security fix for this issue in Falcon sensor for Windows versions 7.... Read more
Affected Products :- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Race Condition