Latest CVE Feed
-
7.3
HIGHCVE-2025-7405
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to read or write the device values of the product and stop the operation of the programs, ... Read more
Affected Products : melsec_iq-fx5u-32mt\/es_firmware melsec_iq-fx5u-32mt\/ds_firmware melsec_iq-fx5u-32mt\/ess_firmware melsec_iq-fx5u-32mt\/dss_firmware melsec_iq-fx5u-32mr\/es_firmware melsec_iq-fx5u-32mr\/ds_firmware melsec_iq-fx5u-64mt\/es_firmware melsec_iq-fx5u-64mt\/ds_firmware melsec_iq-fx5u-64mt\/ess_firmware melsec_iq-fx5u-64mt\/dss_firmware +11 more products- Published: Sep. 01, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Authentication
-
8.4
HIGHCVE-2010-10017
WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler (SEH) records ... Read more
Affected Products :- Published: Aug. 30, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Memory Corruption
-
5.1
MEDIUMCVE-2025-9688
A security vulnerability has been detected in Mupen64Plus up to 2.6.0. The affected element is the function write_is_viewer of the file src/device/cart/is_viewer.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely... Read more
Affected Products :- Published: Aug. 30, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-7731
Cleartext Transmission of Sensitive Information vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to obtain credential information by intercepting SLMP communication messages, and read ... Read more
Affected Products : melsec_iq-fx5u-32mt\/es_firmware melsec_iq-fx5u-32mt\/ds_firmware melsec_iq-fx5u-32mt\/ess_firmware melsec_iq-fx5u-32mt\/dss_firmware melsec_iq-fx5u-32mr\/es_firmware melsec_iq-fx5u-32mr\/ds_firmware melsec_iq-fx5u-64mt\/es_firmware melsec_iq-fx5u-64mt\/ds_firmware melsec_iq-fx5u-64mt\/ess_firmware melsec_iq-fx5u-64mt\/dss_firmware +11 more products- Published: Sep. 01, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-58178
SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection. In versions 4 to 5.3.0, a command injection vulnerability was discovered in the SonarQube Scan GitHub Action that allows untrusted input argument... Read more
Affected Products :- Published: Sep. 02, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Injection
-
8.6
HIGHCVE-2025-52550
E3 Site Supervisor Control (firmware version < 2.31F01) firmware upgrade packages are unsigned. An attacker can forge malicious firmware upgrade packages. An attacker with admin access to the application services can install a malicious firmware upgrade.... Read more
Affected Products :- Published: Sep. 02, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Authentication
-
6.8
MEDIUMCVE-2025-9810
TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod() on the same path.... Read more
Affected Products :- Published: Sep. 01, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Race Condition
-
8.6
HIGHCVE-2025-0610
Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request Forgery.This issue affects QR Menü: from s1.05.06 before v1.05.12.... Read more
Affected Products :- Published: Sep. 01, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Cross-Site Request Forgery