0.0

CVE-2025-26215 -

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

๐Ÿ“… Published: March 14, 2025, midnight ๐Ÿ”„ Last Modified: March 14, 2025, 5:15 p.m.

0.0

CVE-2025-29384 -

In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

๐Ÿ“… Published: March 14, 2025, midnight ๐Ÿ”„ Last Modified: March 14, 2025, 5:15 p.m.

0.0

CVE-2025-29385 -

In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

๐Ÿ“… Published: March 14, 2025, midnight ๐Ÿ”„ Last Modified: March 14, 2025, 5:15 p.m.

0.0

CVE-2025-29386 -

In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

๐Ÿ“… Published: March 14, 2025, midnight ๐Ÿ”„ Last Modified: March 14, 2025, 5:15 p.m.

0.0

CVE-2025-29387 -

In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

๐Ÿ“… Published: March 14, 2025, midnight ๐Ÿ”„ Last Modified: March 14, 2025, 5:15 p.m.

0.0

CVE-2024-29409 -

File Upload vulnerability in nestjs nest v.10.3.2 allows a remote attacker to execute arbitrary code via the Content-Type header.

๐Ÿ“… Published: March 14, 2025, midnight ๐Ÿ”„ Last Modified: March 14, 2025, 6:15 p.m.

0.0

CVE-2025-26312 -

SendQuick Entera devices before 11HF5 are vulnerable to CAPTCHA bypass via the captcha parameter

๐Ÿ“… Published: March 14, 2025, midnight ๐Ÿ”„ Last Modified: March 14, 2025, 6:15 p.m.

7.8

CVSS3.1

CVE-2024-55549 - libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.

๐Ÿ“… Published: March 14, 2025, midnight ๐Ÿ”„ Last Modified: March 14, 2025, 7:27 p.m.

3.3

CVSS3.1

CVE-2025-27496 - Snowflake JDBC Driver client-side encryption key in DEBUG logs

Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver ("Driver") in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption maโ€ฆ

๐Ÿ“… Published: March 13, 2025, 7:01 p.m. ๐Ÿ”„ Last Modified: March 13, 2025, 7:51 p.m.

8.5

CVSS4.0

CVE-2025-2229 - Philips Intellispace Cardiovascular (ISCV) Use of Weak Credentials

A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations.

๐Ÿ“… Published: March 13, 2025, 6:17 p.m. ๐Ÿ”„ Last Modified: March 13, 2025, 7:30 p.m.
Total resulsts: 285422
Page 20 of 28,543
ยซ previous page ยป next page
Filters