8.6
CVE-2025-15472 - TRENDnet TEW-811DRU httpd uapply.cgi setDeviceURL os command injection
A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL of the file uapply.cgi of the component httpd . This manipulation of the argument DeviceURL causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used…
5.4
CVE-2025-14625 - Quartus® Prime Standard and Quartus® Prime Lite Security Advisory
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite on Windows (Nios II Command Shell modules) allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus P…
5.4
CVE-2025-14614 - Quartus® Prime Standard and Quartus® Prime Lite Security Advisory
Insecure Temporary File vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Lite Installer (SFX) on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: …
9.3
CVE-2025-15471 - TRENDnet TEW-713RE formFSrvX os command injection
A vulnerability was detected in TRENDnet TEW-713RE 1.02. The impacted element is an unknown function of the file /goformX/formFSrvX. The manipulation of the argument SZCMD results in os command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The v…
5.4
CVE-2025-14599 - Quartus® Prime Standard and Quartus® Prime Lite Security Advisory
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Lite Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 thro…
5.4
CVE-2025-14612 - Quartus Prime Pro Edition Advisory
Insecure Temporary File vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1.
5.4
CVE-2025-14605 - Quartus Prime Pro Edition Advisory
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1.
7.1
CVE-2025-31642 - WordPress WPCHURCH plugin <= 2.7.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dasinfomedia WPCHURCH allows Reflected XSS.This issue affects WPCHURCH: from n/a through 2.7.0.
5.3
CVE-2025-31051 - WordPress Plant - Gardening & Houseplants WordPress Theme <= 1.0.0 - Sensitive Data Exposure Vulner…
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in EngoTheme Plant - Gardening & Houseplants WordPress Theme allows Retrieve Embedded Sensitive Data.This issue affects Plant - Gardening & Houseplants WordPress Theme: from n/a through 1.0.0.
5.4
CVE-2025-14596 - Quartus Prime Pro Edition Installer Advisory
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1.