8.7

CVSS4.0

CVE-2025-34118 - Linknat VOS Manager Path Traversal File Disclosure

A path traversal vulnerability exists in Linknat VOS Manager versions prior to 2.1.9.07, including VOS2009 and early VOS3000 builds, that allows unauthenticated remote attackers to read arbitrary files on the server. The vulnerability is accessible via multiple localized subpaths such as '/eng/', 'โ€ฆ

๐Ÿ“… Published: July 16, 2025, 9:03 p.m. ๐Ÿ”„ Last Modified: July 17, 2025, 9:15 p.m.

9.3

CVSS4.0

CVE-2025-34117 - Netcore / Netis Routers RCE via UDP Port 53413 Backdoor

A remote code execution vulnerability exists in multiple Netcore and Netis routers models with firmware released prior to August 2014 due to the presence of an undocumented backdoor listener on UDP port 53413. Exact version boundaries remain undocumented. An unauthenticated remote attacker can sendโ€ฆ

๐Ÿ“… Published: July 16, 2025, 9:02 p.m. ๐Ÿ”„ Last Modified: July 17, 2025, 9:15 p.m.

5.1

CVSS4.0

CVE-2025-6983 - Clickjacking vulnerability on the management web application of TP-LINK Archer C1200

A Clickjackingย vulnerability in TP-Link Archer C1200 web management page allows an attacker to trick users into performing unintended actions via rendered UI layers or frames.This issue affects Archer C1200 <= 1.1.5.

๐Ÿ“… Published: July 16, 2025, 8:10 p.m. ๐Ÿ”„ Last Modified: July 17, 2025, 9:15 p.m.

6.9

CVSS4.0

CVE-2025-6982 - Hardcoded DES Decryption Keys in TP-Link Archer C50 V3/V4/V5

Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( <= 200407 ),ย allows attackers to decrypt the config.xml files.

๐Ÿ“… Published: July 16, 2025, 8:01 p.m. ๐Ÿ”„ Last Modified: July 18, 2025, 2:20 p.m.

8.3

CVSS4.0

CVE-2025-53908 - RomM vulnerable to Authenticated Path Traversal

RomM is a self-hosted rom manager and player. Versions prior to 3.10.3 and 4.0.0-beta.3 have an authenticated path traversal vulnerability in the `/api/raw` endpoint. Anyone running the latest version of RomM and has multiple users, even unprivileged users, such as the kiosk user in the official imโ€ฆ

๐Ÿ“… Published: July 16, 2025, 7:55 p.m. ๐Ÿ”„ Last Modified: July 18, 2025, 3:15 p.m.

7.3

CVSS3.1

CVE-2025-37107 -

An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.

๐Ÿ“… Published: July 16, 2025, 5:55 p.m. ๐Ÿ”„ Last Modified: July 18, 2025, 3:15 p.m.

7.3

CVSS3.1

CVE-2025-37106 -

An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.

๐Ÿ“… Published: July 16, 2025, 5:53 p.m. ๐Ÿ”„ Last Modified: July 18, 2025, 3:15 p.m.

7.5

CVSS3.1

CVE-2025-36097 - IBM WebSphere Application Server denial of service

IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that cause the server to consume excessive memory resources.

๐Ÿ“… Published: July 16, 2025, 5:44 p.m. ๐Ÿ”„ Last Modified: July 18, 2025, 2:25 p.m.

7.5

CVSS3.1

CVE-2025-37105 -

An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.

๐Ÿ“… Published: July 16, 2025, 5:42 p.m. ๐Ÿ”„ Last Modified: July 18, 2025, 3:15 p.m.

7.5

CVSS3.1

CVE-2025-40777 - A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

If a `named` caching resolver is configured with `serve-stale-enable` `yes`, and with `stale-answer-client-timeout` set to `0` (the only allowable value other than `disabled`), and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cacโ€ฆ

๐Ÿ“… Published: July 16, 2025, 5:38 p.m. ๐Ÿ”„ Last Modified: July 18, 2025, 2:25 p.m.
Total resulsts: 302416
Page 23 of 30,242
ยซ previous page ยป next page
Filters