7.7

CVSS4.0

CVE-2024-56836 -

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (Aโ€ฆ

๐Ÿ“… Published: Dec. 9, 2025, 10:44 a.m. ๐Ÿ”„ Last Modified: Jan. 13, 2026, 10:15 a.m.

8.7

CVSS4.0

CVE-2024-56835 -

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (Aโ€ฆ

๐Ÿ“… Published: Dec. 9, 2025, 10:44 a.m. ๐Ÿ”„ Last Modified: Jan. 13, 2026, 10:15 a.m.

5.3

CVSS3.1

CVE-2025-59029 - Internal logic flaw in cache management can lead to a denial of service in PowerDNS Recursor

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY.

๐Ÿ“… Published: Dec. 9, 2025, 9:16 a.m. ๐Ÿ”„ Last Modified: Feb. 19, 2026, 5:13 p.m.

7.5

CVSS3.1

CVE-2025-59030 - Insufficient validation of incoming notifies over TCP can lead to a denial of service in Recursor

An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP.

๐Ÿ“… Published: Dec. 9, 2025, 9:15 a.m. ๐Ÿ”„ Last Modified: Feb. 19, 2026, 5:04 p.m.

8.4

CVSS4.0

CVE-2025-66271 -

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.

๐Ÿ“… Published: Dec. 9, 2025, 8:29 a.m. ๐Ÿ”„ Last Modified: Dec. 10, 2025, 5:52 p.m.

4.8

CVSS4.0

CVE-2025-64696 -

Android App "Brother iPrint&Scan" versions 6.13.7 and earlier improperly uses an external cache directory. If exploited, application-specific files may be accessed from other malicious applications.

๐Ÿ“… Published: Dec. 9, 2025, 8:16 a.m. ๐Ÿ”„ Last Modified: Dec. 9, 2025, 6:36 p.m.

4.3

CVSS3.1

CVE-2025-41693 - Authenticated Denial-of-Service via SSH

A low privileged remote attacker can use the ssh feature to execute commands directly after login. The process stays open and uses resources which leads to a reduced performance of the management functions. Switching functionality is not affected.

๐Ÿ“… Published: Dec. 9, 2025, 8:13 a.m. ๐Ÿ”„ Last Modified: Dec. 19, 2025, 6:11 p.m.

4.6

CVSS3.1

CVE-2025-41696 - Hardcoded User Password

An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain read access to parts of the filesystem of the device.

๐Ÿ“… Published: Dec. 9, 2025, 8:13 a.m. ๐Ÿ”„ Last Modified: Dec. 19, 2025, 6:12 p.m.

6.5

CVSS3.1

CVE-2025-41694 - Authenticated Denial-of-Service via Webshell

A low privileged remote attacker can run the webshell with an empty command containing whitespace. The server will then block until it receives more data, resulting in a DoS condition of the websserver.

๐Ÿ“… Published: Dec. 9, 2025, 8:12 a.m. ๐Ÿ”„ Last Modified: Dec. 19, 2025, 6:12 p.m.

6.8

CVSS3.1

CVE-2025-41692 - Weak/Predictable root Password

A high privileged remote attacker with admin privileges for the webUI can brute-force the "root" and "user" passwords of the underlying OS due to a weak password generation algorithm.

๐Ÿ“… Published: Dec. 9, 2025, 8:12 a.m. ๐Ÿ”„ Last Modified: Dec. 19, 2025, 6:11 p.m.
Total resulsts: 343979
Page 2224 of 34,398
ยซ previous page ยป next page
Filters