Latest CVE Feed
-
6.1
MEDIUMCVE-2025-7949
A vulnerability was found in Sanluan PublicCMS up to 5.202506.a. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file publiccms-parent/publiccms/src/main/resources/templates/admin/cmsDiy/preview.html.... Read more
Affected Products : publiccms- Published: Jul. 22, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Misconfiguration
-
6.6
MEDIUMCVE-2024-53016
Memory corruption while processing I2C settings in Camera driver.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware sd865_5g_firmware sw5100_firmware sw5100p_firmware wcd9380_firmware wcd9385_firmware wcn3980_firmware wcn3988_firmware +58 more products- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
6.6
MEDIUMCVE-2024-53013
Memory corruption may occur while processing voice call registration with user.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +110 more products- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
6.1
MEDIUMCVE-2025-7953
A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS up to 5.202506.a. This issue affects some unknown processing of the file publiccms-parent/publiccms/src/main/webapp/resource/plugins/pdfjs/viewer.html. The manipulat... Read more
Affected Products : publiccms- Published: Jul. 22, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Misconfiguration
-
7.8
HIGHCVE-2025-21441
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware qca1062_firmware +88 more products- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-55164
content-security-policy-parser parses content security policy directives. A prototype pollution vulnerability exists in versions 0.5.0 and earlier, wherein if a policy name is called __proto__, one can override the Object prototype. This issue has been pa... Read more
Affected Products :- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Misconfiguration
-
5.2
MEDIUMCVE-2025-53013
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an *invalid* Linux Hello PIN, provided the host i... Read more
Affected Products :- Published: Jun. 26, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Authentication
-
3.1
LOWCVE-2025-46824
The Discourse Code Review Plugin allows users to review GitHub commits on Discourse. Prior to commit eed3a80, an attacker can execute arbitrary JavaScript on users' browsers by posting links to malicious GitHub commits. This problem is patched in commit e... Read more
Affected Products :- Published: May. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Cross-Site Scripting
-
9.0
HIGHCVE-2025-8019
A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected by this issue is the function sub_40B6F0 of the file at/appy.cgi. The manipulation of the argument wan_proto leads to buffer overflow. ... Read more
- Published: Jul. 22, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-46198
Cross Site Scripting vulnerability in grav v.1.7.48, v.1.7.47 and v.1.7.46 allows an attacker to execute arbitrary code via the onerror attribute of the img element... Read more
Affected Products : grav- Published: Jul. 25, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Cross-Site Scripting
-
7.8
HIGHCVE-2025-21440
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware qca1062_firmware +88 more products- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
9.8
CRITICALCVE-2025-26063
An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into the ESSID name when creating a network.... Read more
- Published: Jul. 31, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Injection
-
7.3
HIGHCVE-2025-26064
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device.... Read more
- Published: Jul. 31, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-7204
In ConnectWise PSA versions older than 2025.9, a vulnerability exists where authenticated users could gain access to sensitive user information. Specific API requests were found to return an overly verbose user object, which included encrypted password ha... Read more
Affected Products : professional_service_automation- Published: Jul. 09, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Information Disclosure
-
7.5
HIGHCVE-2024-56468
IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 could allow a remote user to cause a denial of service by sending an invalid HTTP request to the log reading service.... Read more
Affected Products : infosphere_data_replication- Published: Jul. 08, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-27073
Transient DOS while creating NDP instance.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sd_8_gen1_5g_firmware sd865_5g_firmware wcd9380_firmware wcd9385_firmware +330 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-27065
Transient DOS while processing a frame with malformed shared-key descriptor.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sd_8_gen1_5g_firmware sd865_5g_firmware wcd9380_firmware wcd9385_firmware +290 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-21477
Transient DOS while processing CCCH data when NW sends data with invalid length.... Read more
Affected Products : qca6391_firmware qca6595au_firmware qca6696_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wcn3988_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +168 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-21456
Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware +118 more products- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
6.2
MEDIUMCVE-2025-54608
Vulnerability that allows setting screen rotation direction without permission verification in the screen management module. Impact: Successful exploitation of this vulnerability may cause device screen orientation to be arbitrarily set.... Read more
Affected Products : harmonyos- Published: Aug. 06, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Authorization