9.4
CVE-2025-65008 - OS Command Injection in WODESYS WD-R608U router
In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) due to lack of validation in the langGet parameter in the adm.cgi endpoint, the malicious attacker can execute system shell commands. The vendor was notified early about this vulnerability, but didn't respond with the details of vul…
8.7
CVE-2025-65007 - Missing Authentication for Critical Function in WODESYS WD-R608U router
In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) due to lack of authentication in the configuration change module in the adm.cgi endpoint, the unauthenticated attacker can execute commands including backup creation, device restart and resetting the device to factory settings. The …
8.5
CVE-2025-64469 - Stack-based Buffer Overflow in LVResource::DetachResource() in NI LabVIEW
There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially…
8.5
CVE-2025-64468 - Use-after-Free in sentry!sentry_span_set_data() in NI LabVIEW
There is a use-after-free vulnerability in sentry!sentry_span_set_data() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerabil…
7.5
CVE-2025-7358 - Use of Hard-coded Credentials in Utarit Informatics' SoliClub
Use of Hard-coded Credentials vulnerability in Utarit Informatics Services Inc. SoliClub allows Authentication Abuse.This issue affects SoliClub: before 5.3.7.
4.3
CVE-2025-7047 - Missing Authorization in Utarit Informatics' SoliClub
Missing Authorization vulnerability in Utarit Informatics Services Inc. SoliClub allows Privilege Abuse.This issue affects SoliClub: before 5.3.7.
8.5
CVE-2025-64467 - Out-of-Bounds Read in LVResFile::FindRsrcListEntry() in NI LabVIEW
There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted…
8.5
CVE-2025-64466 - Out-of-Bounds Read in lvre!ExecPostedProcRecPost() in NI LabVIEW
There is an out of bounds read vulnerability in NI LabVIEW in lvre!ExecPostedProcRecPost() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted V…
8.5
CVE-2025-64465 - Out-of-Bounds Read in lvre!DataSizeTDR() in NI LabVIEW
There is an out of bounds read vulnerability in NI LabVIEW in lvre!DataSizeTDR() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vu…
8.5
CVE-2025-64464 - Out-of-Bounds Read in lvre!VisaWriteFromFile() in NI LabVIEW
There is an out of bounds read vulnerability in NI LabVIEW in lvre!VisaWriteFromFile() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. T…