7.8

CVSS3.1

CVE-2025-12771 - IBM Concert Software Improper Restriction of Operations within the Bounds of a Memory Buffer.

IBM Concert 1.0.0 through 2.1.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.

πŸ“… Published: Dec. 26, 2025, 1:01 p.m. πŸ”„ Last Modified: Feb. 26, 2026, 4:07 p.m.

5.9

CVSS3.1

CVE-2025-1721 - BM Concert Software Improper Clearing of Heap Memory Before Release.

IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory.

πŸ“… Published: Dec. 26, 2025, 12:55 p.m. πŸ”„ Last Modified: Dec. 29, 2025, 6:15 p.m.

7.8

CVSS3.1

CVE-2025-67450 -

Due to insecure library loading in the Eaton UPS Companion software executable,Β an attacker with access to the software package could perform arbitrary code execution .Β This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

πŸ“… Published: Dec. 26, 2025, 6:59 a.m. πŸ”„ Last Modified: Feb. 18, 2026, 2:38 p.m.

6.7

CVSS3.1

CVE-2025-59888 -

Improper quotation in search paths in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the file system. This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

πŸ“… Published: Dec. 26, 2025, 6:53 a.m. πŸ”„ Last Modified: Feb. 18, 2026, 2:39 p.m.

8.6

CVSS3.1

CVE-2025-59887 -

Improper authentication of library files in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the software package. This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

πŸ“… Published: Dec. 26, 2025, 6:48 a.m. πŸ”„ Last Modified: Feb. 18, 2026, 2:37 p.m.

7.2

CVSS4.0

CVE-2025-62578 - DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information

DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information

πŸ“… Published: Dec. 26, 2025, 6:05 a.m. πŸ”„ Last Modified: Jan. 8, 2026, 10:02 p.m.

5.8

CVSS4.0

CVE-2025-8075 - Improper Input Validation

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The manu…

πŸ“… Published: Dec. 26, 2025, 4:31 a.m. πŸ”„ Last Modified: Jan. 7, 2026, 6:48 p.m.

6.3

CVSS4.0

CVE-2025-52601 - Hardcoding sensitive information

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered a vulnerability in Device Manager that a hardcoded encryption key for sensitive information. An attacker can use key to decrypt sensitive information. T…

πŸ“… Published: Dec. 26, 2025, 4:29 a.m. πŸ”„ Last Modified: Jan. 7, 2026, 6:46 p.m.

5.2

CVSS4.0

CVE-2025-52600 - Improper Input Validation

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered a vulnerability in camera video analytics that Improper input validation. This vulnerability could allow an attacker to execute specific commands on the…

πŸ“… Published: Dec. 26, 2025, 4:20 a.m. πŸ”„ Last Modified: Jan. 7, 2026, 6:45 p.m.

5.4

CVSS3.1

CVE-2025-68946 - gitea: Gitea: Cross-Site Scripting (XSS) via forbidden URL scheme in links

In Gitea before 1.20.1, a forbidden URL scheme such as javascript: can be used for a link, aka XSS.

πŸ“… Published: Dec. 26, 2025, 4:14 a.m. πŸ”„ Last Modified: Dec. 31, 2025, 10:17 p.m.
Total resulsts: 347398
Page 2222 of 34,740
Β« previous page Β» next page
Filters