7.5

CVSS3.1

CVE-2025-61617 -

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

πŸ“… Published: Dec. 1, 2025, 7:35 a.m. πŸ”„ Last Modified: Dec. 2, 2025, 3:53 p.m.

7.5

CVSS3.1

CVE-2025-3012 -

In dpc modem, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed

πŸ“… Published: Dec. 1, 2025, 7:35 a.m. πŸ”„ Last Modified: Dec. 2, 2025, 3:53 p.m.

7.5

CVSS3.1

CVE-2025-11133 -

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

πŸ“… Published: Dec. 1, 2025, 7:35 a.m. πŸ”„ Last Modified: Dec. 2, 2025, 3:53 p.m.

7.5

CVSS3.1

CVE-2025-11132 -

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

πŸ“… Published: Dec. 1, 2025, 7:35 a.m. πŸ”„ Last Modified: Dec. 2, 2025, 3:52 p.m.

7.5

CVSS3.1

CVE-2025-11131 -

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

πŸ“… Published: Dec. 1, 2025, 7:35 a.m. πŸ”„ Last Modified: Dec. 1, 2025, 7:30 p.m.

6.9

CVSS4.0

CVE-2025-13814 - moxi159753 Mogu Blog v2 uploadPicsByUrl LocalFileServiceImpl.uploadPictureByUrl server-side request…

A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been released t…

πŸ“… Published: Dec. 1, 2025, 7:32 a.m. πŸ”„ Last Modified: Dec. 3, 2025, 10:02 p.m.

6.3

CVSS4.0

CVE-2025-13813 - moxi159753 Mogu Blog v2 Storage Management Endpoint storage authorization

A vulnerability was identified in moxi159753 Mogu Blog v2 up to 5.2. This issue affects some unknown processing of the file /storage/ of the component Storage Management Endpoint. The manipulation leads to missing authorization. The attack can be initiated remotely. The attack's complexity is rated…

πŸ“… Published: Dec. 1, 2025, 7:02 a.m. πŸ”„ Last Modified: Dec. 3, 2025, 10:02 p.m.

5.3

CVSS4.0

CVE-2025-13811 - jsnjfz WebStack-Guns PageFactory.java sql injection

A vulnerability was determined in jsnjfz WebStack-Guns 1.0. This vulnerability affects unknown code of the file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. Executing a manipulation of the argument sort can lead to sql injection. It is possible to launch the attack…

πŸ“… Published: Dec. 1, 2025, 6:32 a.m. πŸ”„ Last Modified: Feb. 24, 2026, 7:16 a.m.

6.9

CVSS4.0

CVE-2025-13810 - jsnjfz WebStack-Guns KaptchaController.java renderPicture path traversal

A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing a manipulation results in path traversal. It is possible to initiate the attack remotely. The explo…

πŸ“… Published: Dec. 1, 2025, 6:02 a.m. πŸ”„ Last Modified: Feb. 24, 2026, 7:16 a.m.

5.3

CVSS4.0

CVE-2025-13809 - orionsec orion-ops SSH Connection MachineInfoController.java server-side request forgery

A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection Handl…

πŸ“… Published: Dec. 1, 2025, 5:32 a.m. πŸ”„ Last Modified: Dec. 4, 2025, 8:15 p.m.
Total resulsts: 343048
Page 2259 of 34,305
Β« previous page Β» next page
Filters