Total
82112 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-46659 | 2025-08-06 | N/A | 7.5 HIGH | ||
| An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can occur via an external HTTPS request. | |||||
| CVE-2024-42645 | 1 Flashmq | 1 Flashmq | 2025-08-06 | N/A | 7.5 HIGH |
| An issue in FlashMQ v1.14.0 allows attackers to cause an assertion failure via sending a crafted retain message, leading to a Denial of Service (DoS). | |||||
| CVE-2024-42644 | 1 Flashmq | 1 Flashmq | 2025-08-06 | N/A | 7.5 HIGH |
| FlashMQ v1.14.0 was discovered to contain an assertion failure in the function PublishCopyFactory::getNewPublish, which occurs when the QoS value of the publish object is greater than 0. | |||||
| CVE-2025-44137 | 1 Maptiler | 1 Tileserver Php | 2025-08-06 | N/A | 8.2 HIGH |
| MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within tileserver.php is responsible for delivering tiles that are stored as files on the server via web request. Creating the path to a file allows the insertion of "../" and thus read any file on the web server. Affected GET parameters are "TileMatrix", "TileRow", "TileCol" and "Format" | |||||
| CVE-2025-28170 | 1 Grandstream | 2 Gxp1628, Gxp1628 Firmware | 2025-08-06 | N/A | 7.6 HIGH |
| Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and files. | |||||
| CVE-2025-51970 | 1 Puneethreddyhc | 1 Online Shopping System Advanced | 2025-08-06 | N/A | 7.7 HIGH |
| A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter. | |||||
| CVE-2020-25078 | 1 Dlink | 18 Dcs-2530l, Dcs-2530l Firmware, Dcs-2670l and 15 more | 2025-08-06 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure. | |||||
| CVE-2020-25079 | 1 Dlink | 18 Dcs-2530l, Dcs-2530l Firmware, Dcs-2670l and 15 more | 2025-08-06 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. cgi-bin/ddns_enc.cgi allows authenticated command injection. | |||||
| CVE-2022-40799 | 1 Dlink | 2 Dnr-322l, Dnr-322l Firmware | 2025-08-06 | N/A | 8.8 HIGH |
| Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device. | |||||
| CVE-2025-27076 | 2025-08-06 | N/A | 7.8 HIGH | ||
| Memory corruption while processing simultaneous requests via escape path. | |||||
| CVE-2025-51040 | 2025-08-06 | N/A | 7.5 HIGH | ||
| Electrolink FM/DAB/TV Transmitter Web Management System Unauthorized access vulnerability via the /FrameSetCore.html endpoint in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2. | |||||
| CVE-2025-27065 | 2025-08-06 | N/A | 7.5 HIGH | ||
| Transient DOS while processing a frame with malformed shared-key descriptor. | |||||
| CVE-2025-54655 | 2025-08-06 | N/A | 8.1 HIGH | ||
| Race condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality and integrity of the virtualization graphics module. | |||||
| CVE-2025-21473 | 2025-08-06 | N/A | 7.8 HIGH | ||
| Memory corruption when using Virtual cdm (Camera Data Mover) to write registers. | |||||
| CVE-2025-51624 | 2025-08-06 | N/A | 7.6 HIGH | ||
| Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0. | |||||
| CVE-2025-27068 | 2025-08-06 | N/A | 7.8 HIGH | ||
| Memory corruption while processing an IOCTL command with an arbitrary address. | |||||
| CVE-2025-46387 | 2025-08-06 | N/A | 8.8 HIGH | ||
| CWE-639 Authorization Bypass Through User-Controlled Key | |||||
| CVE-2025-54627 | 2025-08-06 | N/A | 8.8 HIGH | ||
| Out-of-bounds write vulnerability in the skia module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2025-27075 | 2025-08-06 | N/A | 7.8 HIGH | ||
| Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host. | |||||
| CVE-2025-27066 | 2025-08-06 | N/A | 7.5 HIGH | ||
| Transient DOS while processing an ANQP message. | |||||