Total
18 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-10081 | 1 Ericsson | 1 Codechecker | 2025-11-14 | N/A | 10.0 CRITICAL |
| CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the API URL ends with Authentication. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. All endpoints, apart from the /Authentication is affected by the vulnerability. This issue affects CodeChecker: through 6.24.1. | |||||
| CVE-2025-59033 | 2025-11-14 | N/A | 7.4 HIGH | ||
| The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control (WDAC) policy. Entries that specify only the to-be-signed (TBS) part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash along with a 'FileAttribRef' qualifier (such as file name or version) may not be blocked, whether hypervisor-protected code integrity (HVCI) is enabled or not. NOTE: The vendor disputes this CVE ID assignment and states that the driver blocklist is intended for use with HVCI. | |||||
| CVE-2025-54309 | 1 Crushftp | 1 Crushftp | 2025-11-05 | N/A | 9.0 CRITICAL |
| CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS, as exploited in the wild in July 2025. | |||||
| CVE-2023-20198 | 2 Cisco, Rockwellautomation | 5 Ios Xe, Allen-bradley Stratix 5200, Allen-bradley Stratix 5200 Firmware and 2 more | 2025-10-28 | N/A | 10.0 CRITICAL |
| Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343. | |||||
| CVE-2025-62820 | 2025-10-27 | N/A | 4.9 MEDIUM | ||
| Slack Nebula before 1.9.7 mishandles CIDR in some configurations and thus accepts arbitrary source IP addresses within the Nebula network. | |||||
| CVE-2025-54351 | 1 Es | 1 Iperf3 | 2025-10-17 | N/A | 8.9 HIGH |
| In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv). | |||||
| CVE-2025-53967 | 2025-10-08 | N/A | 8.0 HIGH | ||
| Framelink Figma MCP Server before 0.6.3 allows an unauthenticated remote attacker to execute arbitrary operating system commands via a crafted HTTP POST request with shell metacharacters in input that is used by a fetchWithRetry curl command. The vulnerable endpoint fails to properly sanitize user-supplied input, enabling the attacker to inject malicious commands that are executed with the privileges of the MCP process. Exploitation requires network access to the MCP interface. | |||||
| CVE-2025-1095 | 4 Apple, Ibm, Linux and 1 more | 4 Macos, Personal Communications, Linux Kernel and 1 more | 2025-09-29 | N/A | 8.8 HIGH |
| IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local privilege escalation (LPE). The vulnerability allows any interactively logged in users on the target computer to run commands with full privileges in the context of NT AUTHORITY\SYSTEM. This allows for a low privileged attacker to escalate their privileges. This vulnerability is due to an incomplete fix for CVE-2024-25029. | |||||
| CVE-2025-8557 | 2025-09-15 | N/A | 8.8 HIGH | ||
| An internal product security audit of Lenovo XClarity Orchestrator (LXCO) discovered the below vulnerability: An attacker with access to a device on the local Lenovo XClarity Orchestrator (LXCO) network segment may be able to manipulate the local device to create an alternate communication channel which could allow the attacker, under certain conditions, to directly interact with backend LXCO API services typically inaccessible to users. While access controls may limit the scope of interaction, this could result in unauthorized access to internal functionality or data. This issue is not exploitable from remote networks. | |||||
| CVE-2024-8038 | 1 Canonical | 1 Juju | 2025-08-26 | N/A | 7.9 HIGH |
| Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks. | |||||
| CVE-2025-52968 | 2025-06-23 | N/A | 2.7 LOW | ||
| xdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. (For example, xdg-open could be modified to, by default, associate x-scheme-handler/https with the execution of a browser with command-line options that arrange for an empty cookie store, although this would add substantial complexity, and would not be considered a desirable or expected behavior by all users.) NOTE: this is disputed because integrations of xdg-open typically do not provide information about whether the xdg-open command and arguments were manually entered by a user, or whether they were the result of a navigation from content in an untrusted origin. | |||||
| CVE-2025-52921 | 2025-06-23 | N/A | 9.9 CRITICAL | ||
| In Innoshop through 0.4.1, an authenticated attacker could exploit the File Manager functions in the admin panel to achieve code execution on the server, by uploading a crafted file and then renaming it to have a .php extension by using the Rename Function. This bypasses the initial check that uploaded files are image files. The application relies on frontend checks to restrict the administrator from changing the extension of uploaded files to .php. This restriction is easily bypassed with any proxy tool (e.g., BurpSuite). Once the attacker renames the file, and gives it the .php extension, a GET request can be used to trigger the execution of code on the server. | |||||
| CVE-2022-28693 | 2025-02-14 | N/A | 4.7 MEDIUM | ||
| Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |||||
| CVE-2023-52718 | 1 Huawei | 18 Pt9030-15, Pt9030-15 Firmware, Ws7206-10 and 15 more | 2025-01-13 | N/A | 6.4 MEDIUM |
| A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-34408) This vulnerability has been assigned a (CVE)ID:CVE-2023-52718 | |||||
| CVE-2023-7266 | 1 Huawei | 6 Tc7001-10, Tc7001-10 Firmware, Ws7200-10 and 3 more | 2025-01-13 | N/A | 7.5 HIGH |
| Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-76605) This vulnerability has been assigned a (CVE)ID:CVE-2023-7266 | |||||
| CVE-2023-31241 | 2 Control4, Snapone | 13 Ca-1, Ca-10, Ea-1 and 10 more | 2024-12-09 | N/A | 8.6 HIGH |
| Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright. | |||||
| CVE-2023-4570 | 1 Ni | 1 Measurementlink | 2024-11-21 | N/A | 8.8 HIGH |
| An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node. This affects measurement plug-ins written in Python using version 1.1.0 of the ni-measurementlink-service Python package and all previous versions. | |||||
| CVE-2024-6242 | 2024-08-01 | N/A | N/A | ||
| A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis. | |||||