8.6

CVSS4.0

CVE-2025-15065 - Data Exposure in Kings Information & Network KESS Enterprise

Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared File.…

πŸ“… Published: Dec. 29, 2025, 12:09 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.6

CVSS4.0

CVE-2025-15163 - Tenda WH450 SafeEmailFilter stack-based overflow

A vulnerability was identified in Tenda WH450 1.0.0.18. Affected by this issue is some unknown functionality of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly av…

πŸ“… Published: Dec. 29, 2025, 12:02 a.m. πŸ”„ Last Modified: Feb. 24, 2026, 6:09 a.m.

8.8

CVSS3.1

CVE-2024-30855 -

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/makehtml_list_action.php.

πŸ“… Published: Dec. 29, 2025, midnight πŸ”„ Last Modified: Jan. 5, 2026, 10:23 a.m.

9.1

CVSS3.1

CVE-2024-25181 -

A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery (SSRF) and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "file_get_contents" function within the "save.php" file.

πŸ“… Published: Dec. 29, 2025, midnight πŸ”„ Last Modified: Jan. 7, 2026, 2:50 p.m.

7.5

CVSS3.1

CVE-2025-66869 -

Buffer overflow vulnerability in function strcat in asan_interceptors.cpp in libming 0.4.8.

πŸ“… Published: Dec. 29, 2025, midnight πŸ”„ Last Modified: Jan. 15, 2026, 2:24 a.m.

7.5

CVSS3.1

CVE-2025-66862 - binutils: heap-based buffer over-read in gnu_special() in cplus-dem.c

A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

πŸ“… Published: Dec. 29, 2025, midnight πŸ”„ Last Modified: Jan. 14, 2026, 7:36 p.m.

9.8

CVSS3.1

CVE-2025-68706 -

A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13. The /goform/formMultiApnSetting handler uses sprintf() to copy the user-supplied pincode parameter into a fixed 132-byte stack buffer with no bounds checks. This allows an attack…

πŸ“… Published: Dec. 29, 2025, midnight πŸ”„ Last Modified: Jan. 15, 2026, 2:21 a.m.

6.1

CVSS3.1

CVE-2025-57462 -

Stored cross-site scripting (xss) in machsol machpanel 8.0.32 allows attackers to execute arbitrary web scripts or HTML via a crafted PDF file.

πŸ“… Published: Dec. 29, 2025, midnight πŸ”„ Last Modified: Dec. 31, 2025, 8:13 p.m.

9.8

CVSS3.1

CVE-2024-25182 -

givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php.

πŸ“… Published: Dec. 29, 2025, midnight πŸ”„ Last Modified: Jan. 5, 2026, 10:23 a.m.

7.6

CVSS3.1

CVE-2025-69195 - Wget2: gnu wget2: memory corruption and crash via filename sanitization logic with attacker-control…

A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted U…

πŸ“… Published: Dec. 29, 2025, midnight πŸ”„ Last Modified: March 5, 2026, 8:12 p.m.
Total resulsts: 349182
Page 2390 of 34,919
Β« previous page Β» next page
Filters