Latest CVE Feed
-
8.1
CVSS31CVE-2025-24888
The SecureDrop Client is a desktop application for journalists to communicate with sources and work with submissions on the SecureDrop Workstation. Prior to version 0.14.1, a malicious SecureDrop Server could obtain code execution on the SecureDrop Client... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
0.0
NONECVE-2025-25389
A SQL Injection vulnerability was found in /admin/forgot-password.php in Phpgurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
0.0
NONECVE-2025-25387
A SQL Injection vulnerability was found in /admin/manage-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the propertytype POST request parameter.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
6.2
CVSS31CVE-2025-0426
A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
0.0
NONECVE-2025-25901
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11, triggered by the dnsserver1 and dnsserver2 parameters at /userRpm/WanSlaacCfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
4.9
CVSS31CVE-2025-25900
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the username and password parameters at /userRpm/PPPoEv6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
0.0
NONECVE-2025-25898
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the pskSecret parameter at /userRpm/WlanSecurityRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
0.0
NONECVE-2025-25897
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'ip' parameter at /userRpm/WanStaticIpV6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
0.0
NONECVE-2025-25357
A SQL Injection vulnerability was found in /admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the email POST request parameter.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
0.0
NONECVE-2025-25356
A SQL Injection vulnerability was found in /admin/bwdates-reports-details.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the " todate" POST request parameter.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
0.0
NONECVE-2025-25355
A SQL Injection vulnerability was found in /admin/bwdates-reports-details.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the fromdate POST request parameter.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
0.0
NONECVE-2025-25354
A SQL Injection was found in /admin/admin-profile.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactnumber POST request parameter.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
0.0
NONECVE-2025-25352
A SQL Injection vulnerability was found in /admin/aboutus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the pagetitle POST request parameter.... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
4.7
CVSS31CVE-2025-25287
Lakeus is a simple skin made for MediaWiki. Starting in version 1.8.0 and prior to versions 1.3.1+REL1.39, 1.3.1+REL1.42, and 1.4.0, Lakeus is vulnerable to store cross-site scripting via malicious system messages, though editing the messages requires hig... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
8.5
CVSS31CVE-2025-24904
libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, plaintext content envelopes could be injecte... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
8.5
CVSS31CVE-2025-24903
libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, any contact may forge a sync message, impers... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
7.0
CVSS31CVE-2025-22480
Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privilege... Read more
Affected Products :- Published: Feb. 13, 2025
- Modified: Feb. 13, 2025
-
7.5
CVSS31CVE-2024-41917
Time-of-check time-of-use race condition for some Intel(R) Battery Life Diagnostic Tool software before version 2.4.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
Affected Products : battery_life_diagnostic_tool- Published: Feb. 12, 2025
- Modified: Feb. 13, 2025
-
3.3
CVSS31CVE-2024-39286
Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products :- Published: Feb. 12, 2025
- Modified: Feb. 13, 2025
-
6.5
CVSS31CVE-2024-36293
Improper access control in the EDECCSSA user leaf function for some Intel(R) Processors with Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products :- Published: Feb. 12, 2025
- Modified: Feb. 13, 2025