5.4
CVE-2025-14596 - Quartus Prime Pro Edition Installer Advisory
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1.
9.9
CVE-2025-30996 - WordPress Themify Newsy <= 1.9.9 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Newsy newsy allows Upload a Web Shell to a Web Server.This issue affects Themify Newsy: from n/a through <= 1.9.9.
8.4
CVE-2025-13744 - Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub β¦
An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component (search) across GitHub that could be used to exfiltrate sensitive information. An attacker would requiβ¦
7.1
CVE-2025-30631 - WordPress Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) <= 1.2 - Croβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) azon-addon-js-composer allows Reflected XSS.This issue affects Amazon Affiliates Addon for WPBakery Page Builderβ¦
8.8
CVE-2025-29004 - WordPress Responsive Coming Soon Landing Page / Holding Page for WordPress plugin <= 3.0 - Privilegβ¦
Incorrect Privilege Assignment vulnerability in AA-Team Responsive Coming Soon Landing Page / Holding Page for WordPress wordpress-flat-countdown allows Privilege Escalation.This issue affects Responsive Coming Soon Landing Page / Holding Page for WordPress: from n/a through <= 3.0.
5.5
CVE-2026-21492 - iccDEV ToneMap Writer has NULL Pointer Member Call
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a NULL pointer member call vulnerability. This vulnerability affects users of the iccDEV libraβ¦
5.3
CVE-2025-7048 - On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can β¦
On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic.
6.1
CVE-2026-21491 - iccDEV has unicode buffer overflow in CIccTagTextDescription
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It rβ¦
6.1
CVE-2026-21490 - iccDEV has heap buffer overflow in CIccTagLut16::Validate()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It rβ¦
5.3
CVE-2026-0641 - TOTOLINK WA300 cstecgi.cgi sub_401510 command injection
A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112_B20190227. This vulnerability affects the function sub_401510 of the file cstecgi.cgi. The manipulation of the argument UPLOAD_FILENAME leads to command injection. The attack may be initiated remotely. The exploit has been discβ¦