6.9
CVE-2025-34451 - rofl0r/proxychains-ng <= 4.17 Stack-based Buffer Overflow
rofl0r/proxychains-ng versions up to and including 4.17 and prior to commit cc005b7 contain a stack-based buffer overflow vulnerability in the function proxy_from_string() located in src/libproxychains.c. When parsing crafted proxy configuration entries containing overly long username or password f…
6.9
CVE-2025-34450 - merbanan/rtl_433 <= 25.02 Stack-based Buffer Overflow
merbanan/rtl_433 versions up to and including 25.02 and prior to commit 25e47f8 contain a stack-based buffer overflow vulnerability in the function parse_rfraw() located in src/rfraw.c. When processing crafted or excessively large raw RF input data, the application may write beyond the bounds of a …
6.9
CVE-2025-34449 - Genymobile/scrcpy <= 3.3.3 Global Buffer Overflow
Genymobile/scrcpy versions up to and including 3.3.3 and prior to commit 3e40b24 contain a global buffer overflow vulnerability in the function sc_read32be, invoked via sc_device_msg_deserialize() and process_msgs(). Processing crafted device messages can cause reads beyond the bounds of a global b…
7.5
CVE-2025-53710 - Network boundaries not respected in certain Foundry namespaces.
Due to a product misconfiguration in certain deployment types, it was possible for different pods in the same namespace to communicate with each other. This issue resulted in bypass of access control due to the presence of a vulnerable endpoint in Foundry Container Service that executed user-contr…
6.3
CVE-2025-68161 - Apache Log4j Core: Missing TLS hostname verification in Socket appender
The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.html#SslConfiguration-attr-verifyHostName configuration attribu…
5.3
CVE-2025-67653 - Advantech WebAccess/SCADA Path Traversal
Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to determine the existence of arbitrary files.
7.5
CVE-2025-62004 - BullWall Server Intrusion Protection initialization race condition
BullWall Server Intrusion Protection services are initialized after login services. An authenticated attacker with administrative permissions can log in after boot and bypass MFA. SIP service does not retroactively enforce the challenge or disconnect unauthenticated sessions. Versions 4.6.0.0, 4.6.…
7.5
CVE-2025-62003 - BullWall Server Intrusion Protection connection delay
BullWall Server Intrusion Protection has a noticeable delay before the MFA check when connecting via RDP. A remote authenticated attacker with administrative privileges can potentially bypass detection during this window. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected…
5.3
CVE-2025-46268 - Advantech WebAccess/SCADA SQL Injection
Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands.
5.3
CVE-2025-14848 - Advantech WebAccess/SCADA Absolute Path Traversal
Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files.