6.1

CVSS3.1

CVE-2025-65442 -

DOM-based Cross-Site Scripting (XSS) vulnerability in 201206030 novel V3.5.0 allows remote attackers to execute arbitrary JavaScript code or disclose sensitive information (e.g., user session cookies) via a crafted "wvstest" parameter in the URL or malicious script injection into window.localStoragโ€ฆ

๐Ÿ“… Published: Dec. 29, 2025, midnight ๐Ÿ”„ Last Modified: Dec. 31, 2025, 8:07 p.m.

7.5

CVSS3.1

CVE-2024-25183 -

givanz VvvebJs 1.7.2 is vulnerable to Directory Traversal via scan.php.

๐Ÿ“… Published: Dec. 29, 2025, midnight ๐Ÿ”„ Last Modified: Jan. 5, 2026, 10:23 a.m.

7.5

CVSS3.1

CVE-2025-66877 -

Buffer overflow vulnerability in function dcputchar in decompile.c in libming 0.4.8.

๐Ÿ“… Published: Dec. 29, 2025, midnight ๐Ÿ”„ Last Modified: Jan. 15, 2026, 2:26 a.m.

5.5

CVSS3.1

CVE-2025-66866 - binutils: BinUtils: Denial of Service via crafted PE file

An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

๐Ÿ“… Published: Dec. 29, 2025, midnight ๐Ÿ”„ Last Modified: Jan. 14, 2026, 7:43 p.m.

9.8

CVSS3.1

CVE-2024-27480 -

givanz VvvebJs 1.7.2 is vulnerable to Insecure File Upload.

๐Ÿ“… Published: Dec. 29, 2025, midnight ๐Ÿ”„ Last Modified: Jan. 5, 2026, 10:23 a.m.

8.8

CVSS3.1

CVE-2025-69194 - Wget2: arbitrary file write via metalink path traversal in gnu wget2

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink <file name> elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potโ€ฆ

๐Ÿ“… Published: Dec. 29, 2025, midnight ๐Ÿ”„ Last Modified: March 5, 2026, 8:09 p.m.

8.6

CVSS4.0

CVE-2025-15162 - Tenda WH450 RouteStatic stack-based overflow

A vulnerability was determined in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/RouteStatic. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicโ€ฆ

๐Ÿ“… Published: Dec. 28, 2025, 11:32 p.m. ๐Ÿ”„ Last Modified: Feb. 24, 2026, 7:17 a.m.

8.6

CVSS4.0

CVE-2025-15161 - Tenda WH450 PPTPUserSetting stack-based overflow

A vulnerability was found in Tenda WH450 1.0.0.18. Affected is an unknown function of the file /goform/PPTPUserSetting. Performing a manipulation of the argument delno results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could bโ€ฆ

๐Ÿ“… Published: Dec. 28, 2025, 11:02 p.m. ๐Ÿ”„ Last Modified: Feb. 24, 2026, 7:16 a.m.

8.6

CVSS4.0

CVE-2025-15160 - Tenda WH450 PPTPServer stack-based overflow

A vulnerability has been found in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/PPTPServer. Such manipulation of the argument ip1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

๐Ÿ“… Published: Dec. 28, 2025, 10:32 p.m. ๐Ÿ”„ Last Modified: Feb. 24, 2026, 6:08 a.m.

5.3

CVSS4.0

CVE-2025-15156 - omec-project UPF PFCP Session Establishment Request messages_session.go handleSessionEstablishmentRโ€ฆ

A flaw has been found in omec-project UPF up to 2.1.3-dev. This affects the function handleSessionEstablishmentRequest of the file /pfcpiface/pfcpiface/messages_session.go of the component PFCP Session Establishment Request Handler. This manipulation causes null pointer dereference. The attack may โ€ฆ

๐Ÿ“… Published: Dec. 28, 2025, 10:02 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 2392 of 34,919
ยซ previous page ยป next page
Filters