4.4

CVSS4.0

CVE-2025-12946 - Improper input validation in NETGEAR Nighthawk routers

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. This issue โ€ฆ

๐Ÿ“… Published: Dec. 9, 2025, 5:02 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 4:57 p.m.

1.1

CVSS4.0

CVE-2025-12945 - Improper input validation in NETGEAR Nighthawk router R7000P

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154.

๐Ÿ“… Published: Dec. 9, 2025, 5:01 p.m. ๐Ÿ”„ Last Modified: Jan. 16, 2026, 9:07 p.m.

5

CVSS4.0

CVE-2025-12941 - Denial of Service Vulnerability in NETGEAR C6220 and C6230

Denial of Service Vulnerability in NETGEARโ€ฏC6220โ€ฏandโ€ฏC6230โ€ฏ(DOCSISยฎ 3.0 Two-in-one Cable Modem + WiFi Router) allows authenticated local WiFi users reboot the router.

๐Ÿ“… Published: Dec. 9, 2025, 5:01 p.m. ๐Ÿ”„ Last Modified: Jan. 16, 2026, 9:13 p.m.

5.3

CVSS3.1

CVE-2022-46845 - WordPress Slider a SlidersPack plugin <= 2.0.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Essential Plugin Slider a SlidersPack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider a SlidersPack: from n/a before 2.3.

๐Ÿ“… Published: Dec. 9, 2025, 4:42 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.3

CVSS3.1

CVE-2022-47425 - WordPress ARMember โ€“ Membership Plugin, Content Restriction, Member Levels, User Profile & User sigโ€ฆ

Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember: from n/a through 3.4.10.

๐Ÿ“… Published: Dec. 9, 2025, 4:41 p.m. ๐Ÿ”„ Last Modified: Jan. 30, 2026, 7:36 p.m.

4.3

CVSS3.1

CVE-2023-22675 - WordPress WP Fast Cache plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Taylor Hawkes WP Fast Cache allows Cross Site Request Forgery.This issue affects WP Fast Cache: from n/a through 1.5.

๐Ÿ“… Published: Dec. 9, 2025, 4:41 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.4

CVSS3.1

CVE-2023-23729 - WordPress Spectra โ€“ WordPress Gutenberg Blocks plugin <= 2.3.0 - Contributor+ reCAPTCHA Settings Chโ€ฆ

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0.

๐Ÿ“… Published: Dec. 9, 2025, 4:40 p.m. ๐Ÿ”„ Last Modified: April 28, 2026, 7:19 p.m.

7.8

CVSS3.1

CVE-2025-13662 -

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required.

๐Ÿ“… Published: Dec. 9, 2025, 4:05 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 4:57 p.m.

7.1

CVSS3.1

CVE-2025-13661 -

Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required.

๐Ÿ“… Published: Dec. 9, 2025, 4:01 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 4:57 p.m.

8.8

CVSS3.1

CVE-2025-13659 -

Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required.

๐Ÿ“… Published: Dec. 9, 2025, 3:59 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 4:57 p.m.
Total resulsts: 349182
Page 2715 of 34,919
ยซ previous page ยป next page
Filters