4.8

CVSS3.1

CVE-2025-14579 - Quiz Maker < 6.7.0.89 - Admin+ Stored XSS

The Quiz Maker WordPress plugin before 6.7.0.89 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

πŸ“… Published: Jan. 12, 2026, 6 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.7

CVSS4.0

CVE-2026-0854 - Merit LILIN|NVR - OS Command Injection

Certain DVR/NVR models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.

πŸ“… Published: Jan. 12, 2026, 5:58 a.m. πŸ”„ Last Modified: April 18, 2026, 7:15 a.m.

2.3

CVSS4.0

CVE-2025-69276 - Spectrum insecure deserialiation

Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier.

πŸ“… Published: Jan. 12, 2026, 4:53 a.m. πŸ”„ Last Modified: Jan. 14, 2026, 4:41 p.m.

7.1

CVSS4.0

CVE-2025-69275 - Spectrum outdated java library in class-path

Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier.

πŸ“… Published: Jan. 12, 2026, 4:47 a.m. πŸ”„ Last Modified: Jan. 14, 2026, 4:47 p.m.

2.3

CVSS4.0

CVE-2025-69274 - Spectrum broken authorization scheme

Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Privilege Escalation.This issue affects DX NetOps Spectrum: 24.3.10 and earlier.

πŸ“… Published: Jan. 12, 2026, 4:42 a.m. πŸ”„ Last Modified: Jan. 14, 2026, 4:48 p.m.

8.7

CVSS4.0

CVE-2025-69273 - Spectrum broken authentication

Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authentication Bypass.This issue affects DX NetOps Spectrum: 24.3.10 and earlier.

πŸ“… Published: Jan. 12, 2026, 4:38 a.m. πŸ”„ Last Modified: Jan. 14, 2026, 5:53 p.m.

5.3

CVSS4.0

CVE-2025-69272 - Spectrum password returned in clear

Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 21.2.1 and earlier.

πŸ“… Published: Jan. 12, 2026, 4:33 a.m. πŸ”„ Last Modified: Jan. 14, 2026, 5:54 p.m.

2.3

CVSS4.0

CVE-2025-69271 - Spectrum basic authentication in use

Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier.

πŸ“… Published: Jan. 12, 2026, 4:27 a.m. πŸ”„ Last Modified: Jan. 14, 2026, 5:55 p.m.

2.3

CVSS4.0

CVE-2025-69270 - Spectrum session token in URL

Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Session Hijacking.This issue affects DX NetOps Spectrum: 24.3.8 and earlier.

πŸ“… Published: Jan. 12, 2026, 4:20 a.m. πŸ”„ Last Modified: Jan. 14, 2026, 5:56 p.m.

7.1

CVSS4.0

CVE-2025-69269 - Spectrum command injection in NCM service

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows OS Command Injection.This issue affects DX NetOps Spectrum: 23.3.6 and earlier.

πŸ“… Published: Jan. 12, 2026, 4:10 a.m. πŸ”„ Last Modified: Jan. 14, 2026, 6:01 p.m.
Total resulsts: 349182
Page 2195 of 34,919
Β« previous page Β» next page
Filters