3.3

CVSS3.1

CVE-2025-55307 -

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query() with a crafted cDIPath parameter (e.g., "/") may cause an out-of-bounds read in internal path-parsing logic, potentially lea…

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Jan. 6, 2026, 2:39 p.m.

8.8

CVSS3.1

CVE-2025-56096 -

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the restart_modules in file /usr/lib/lua/luci/controller/admin/common.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Dec. 26, 2025, 2:45 p.m.

8.8

CVSS3.1

CVE-2025-56111 -

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the network_set_wan_conf in file /usr/lib/lua/luci/controller/admin/netport.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Jan. 7, 2026, 8:27 p.m.

7.8

CVSS3.1

CVE-2025-56124 -

OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Dec. 18, 2025, 2:12 a.m.

8.8

CVSS3.1

CVE-2025-56099 -

OS Command Injection vulnerability in Ruijie RG-YST AP_3.0(1)B11P280YST250F allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Feb. 11, 2026, 7:39 p.m.

8.8

CVSS3.1

CVE-2025-56106 -

OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Jan. 26, 2026, 7:59 p.m.

8.8

CVSS3.1

CVE-2025-56092 -

OS Command Injection vulnerability in Ruijie X30 PRO V1 X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Jan. 29, 2026, 2:51 p.m.

8.8

CVSS3.1

CVE-2025-56130 -

OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH_3.0(1)B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the module_update in file /usr/local/lua/dev_config/ace_sw.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Dec. 31, 2025, 1:52 a.m.

8.8

CVSS3.1

CVE-2025-56083 -

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_networkId_merge.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Feb. 11, 2026, 7:39 p.m.

7.5

CVSS3.1

CVE-2025-59802 -

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups (OCG) are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical…

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Dec. 18, 2025, 9:31 p.m.
Total resulsts: 349182
Page 2667 of 34,919
Β« previous page Β» next page
Filters