7.5

CVSS3.1

CVE-2025-71020 -

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_4C408 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

๐Ÿ“… Published: Jan. 16, 2026, midnight ๐Ÿ”„ Last Modified: Jan. 26, 2026, 9 p.m.

6.1

CVSS3.1

CVE-2025-56451 -

Cross site scripting vulnerability in seeyon Zhiyuan A8+ Collaborative Management Software 7.0 via the topValue parameter to the seeyon/main.do endpoint.

๐Ÿ“… Published: Jan. 16, 2026, midnight ๐Ÿ”„ Last Modified: Jan. 26, 2026, 3:05 p.m.

4.8

CVSS3.1

CVE-2025-51602 -

mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server.

๐Ÿ“… Published: Jan. 16, 2026, midnight ๐Ÿ”„ Last Modified: Jan. 26, 2026, 3:05 p.m.

2.6

CVSS3.1

CVE-2025-61873 -

Best Practical Request Tracker (RT) before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used.

๐Ÿ“… Published: Jan. 16, 2026, midnight ๐Ÿ”„ Last Modified: Jan. 26, 2026, 3:05 p.m.

7.5

CVSS3.1

CVE-2025-70746 -

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

๐Ÿ“… Published: Jan. 16, 2026, midnight ๐Ÿ”„ Last Modified: Jan. 26, 2026, 8:53 p.m.

5.5

CVSS3.1

CVE-2025-69581 -

An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personal_data endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to vโ€ฆ

๐Ÿ“… Published: Jan. 16, 2026, midnight ๐Ÿ”„ Last Modified: Jan. 26, 2026, 3:05 p.m.

6.7

CVSS3.1

CVE-2025-24531 - pam_pkcs11: authentication bypass in error situations

In OpenSC pam_pkcs11 before 0.6.13, pam_sm_authenticate() wrongly returns PAM_IGNORE in many error situations (such as an error triggered by a smartcard before login), allowing authentication bypass.

๐Ÿ“… Published: Jan. 16, 2026, midnight ๐Ÿ”„ Last Modified: Jan. 26, 2026, 3:05 p.m.

4.2

CVSS3.1

CVE-2025-43904 -

In SchedMD Slurm before 24.11.5, 24.05.8, and 23.11.11, the accounting system can allow a Coordinator to promote a user to Administrator.

๐Ÿ“… Published: Jan. 16, 2026, midnight ๐Ÿ”„ Last Modified: Jan. 26, 2026, 3:05 p.m.

9.3

CVSS4.0

CVE-2025-14237 -

Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02โ€ฆ

๐Ÿ“… Published: Jan. 15, 2026, 11:40 p.m. ๐Ÿ”„ Last Modified: Jan. 26, 2026, 3:11 p.m.

9.3

CVSS4.0

CVE-2025-14236 -

Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and eaโ€ฆ

๐Ÿ“… Published: Jan. 15, 2026, 11:39 p.m. ๐Ÿ”„ Last Modified: Jan. 26, 2026, 3:11 p.m.
Total resulsts: 330071
Page 205 of 33,008
ยซ previous page ยป next page
Filters