5.1

CVSS4.0

CVE-2025-6983 - Clickjacking vulnerability on the management web application of TP-LINK Archer C1200

A Clickjacking vulnerability in TP-Link Archer C1200 web management page allows an attacker to trick users into performing unintended actions via rendered UI layers or frames. This issue affects Archer C1200 <= 1.1.5.

📅 Published: July 16, 2025, 8:10 p.m. 🔄 Last Modified: July 17, 2025, 9:15 p.m.

6.9

CVSS4.0

CVE-2025-6982 - Hardcoded DES Decryption Keys in TP-Link Archer C50 V3/V4/V5

Use of Hard-coded Credentials in TP-Link Archer C50 V3 (<= 180703)/V4 (<= 250117)/V5 (<= 200407) allows attackers to decrypt the config.xml files.

📅 Published: July 16, 2025, 8:01 p.m. 🔄 Last Modified: July 18, 2025, 2:20 p.m.

8.3

CVSS4.0

CVE-2025-53908 - RomM vulnerable to Authenticated Path Traversal

RomM is a self-hosted rom manager and player. Versions prior to 3.10.3 and 4.0.0-beta.3 have an authenticated path traversal vulnerability in the `/api/raw` endpoint. Anyone running the latest version of RomM and has multiple users, even unprivileged users, such as the kiosk user in the official im…

📅 Published: July 16, 2025, 7:55 p.m. 🔄 Last Modified: July 18, 2025, 3:15 p.m.

7.3

CVSS3.1

CVE-2025-37107 -

An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.

📅 Published: July 16, 2025, 5:55 p.m. 🔄 Last Modified: July 18, 2025, 3:15 p.m.

7.3

CVSS3.1

CVE-2025-37106 -

An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.

📅 Published: July 16, 2025, 5:53 p.m. 🔄 Last Modified: July 18, 2025, 3:15 p.m.

7.5

CVSS3.1

CVE-2025-36097 - IBM WebSphere Application Server denial of service

IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that causes the server to consume excessive memory resources.

📅 Published: July 16, 2025, 5:44 p.m. 🔄 Last Modified: July 18, 2025, 2:25 p.m.

7.5

CVSS3.1

CVE-2025-37105 -

An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.

📅 Published: July 16, 2025, 5:42 p.m. 🔄 Last Modified: July 18, 2025, 3:15 p.m.

7.5

CVSS3.1

CVE-2025-40777 - A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

If a `named` caching resolver is configured with `serve-stale-enable` `yes`, and with `stale-answer-client-timeout` set to `0` (the only allowable value other than `disabled`), and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cac…

📅 Published: July 16, 2025, 5:38 p.m. 🔄 Last Modified: July 18, 2025, 2:25 p.m.

1.3

CVSS4.0

CVE-2025-53904 - The Scratch Channel Has Potential Reflected Cross-Site Scripting (XSS) Vulnerability

The Scratch Channel is a news website that is under development as of the time of this writing. The file `/api/admin.js` contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of the time of publication.

📅 Published: July 16, 2025, 5:02 p.m. 🔄 Last Modified: July 18, 2025, 2:27 p.m.

10

CVSS3.1

CVE-2025-20337 - Cisco ISE API Unauthenticated Remote Code Execution Vulnerability

A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to i…

📅 Published: July 16, 2025, 4:17 p.m. 🔄 Last Modified: July 17, 2025, 8:42 p.m.