Latest CVE Feed
-
9.0
CRITICALCVE-2025-54117
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the dashboard text ed... Read more
Affected Products : nameless- Published: Aug. 18, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Cross-Site Scripting
-
7.2
HIGHCVE-2025-54421
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.4 allows remote authenticated attackers to inject arbitrary web script or HTML via the default_keywords ... Read more
Affected Products : nameless- Published: Aug. 18, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Cross-Site Scripting
-
5.3
MEDIUMCVE-2025-54118
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code ... Read more
Affected Products : nameless- Published: Aug. 18, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-5047
A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of t... Read more
- Published: Aug. 15, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-5048
A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.... Read more
- Published: Aug. 15, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-5046
A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context... Read more
- Published: Aug. 15, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21447
Memory corruption may occur while processing device IO control call for session control.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 wcd9385 sc8380xp_firmware +6 more products- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21436
Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.... Read more
- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21437
Memory corruption while processing memory map or unmap IOCTL operations simultaneously.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware qca6574_firmware qca6574a_firmware +52 more products- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-43058
Memory corruption while processing IOCTL calls.... Read more
Affected Products : wcd9380_firmware wsa8830_firmware wsa8835_firmware fastconnect_6900_firmware fastconnect_7800_firmware snapdragon_8_gen_1_mobile_platform_firmware wcd9380 wsa8830 wsa8835 fastconnect_6900 +2 more products- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-43067
Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +106 more products- Published: Apr. 07, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
6.9
MEDIUMCVE-2025-30034
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to c... Read more
Affected Products : simatic_rtls_locating_manager- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Denial of Service
-
9.4
CRITICALCVE-2025-40746
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2). Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to ... Read more
Affected Products : simatic_rtls_locating_manager- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Misconfiguration
-
7.8
HIGHCVE-2025-40751
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenti... Read more
Affected Products : simatic_rtls_locating_manager- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Authentication
-
7.5
HIGHCVE-2025-40770
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with the int... Read more
Affected Products : sinec_traffic_analyzer- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Misconfiguration
-
7.9
HIGHCVE-2025-49707
Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-27031
memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed.... Read more
- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-27029
Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.... Read more
Affected Products : wsa8830_firmware wsa8835_firmware ipq9008_firmware ipq9574_firmware qca8075_firmware qca8081_firmware qca8082_firmware qca8084_firmware qca8085_firmware qca8386_firmware +124 more products- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-21486
Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.... Read more
- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21485
Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC.... Read more
- Published: Jun. 03, 2025
- Modified: Aug. 20, 2025
- Vuln Type: Memory Corruption