8.7
CVE-2025-0658 - Automated Logic and Carrier Zone Controllers malformed packets denial of service
A vulnerability in Automated Logic and Carrier's Zone ControllerΒ via BACnet protocol causes the device to crash. The device enters a fault state; after a reset, a second packet can leave it permanently unresponsive until a manual power cycle is performed.
7.0
CVE-2025-13699 - MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability
MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MariaDB. Interaction with the mariadb-dump utility is required to exploit this vulnerability but attack vectors mayβ¦
6.9
CVE-2025-66361 -
An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.
8.5
CVE-2025-66359 -
An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting (XSS) vulnerability.
6.9
CVE-2025-66360 -
An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.
0.0
CVE-2025-13760 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
3.6
CVE-2025-66040 - Spotipy has a XSS vulnerability in OAuth callback server
Spotipy is a Python library for the Spotify Web API. Prior to version 2.25.2, there is a cross-site scripting (XSS) vulnerability in the OAuth callback server that allows for JavaScript injection through the unsanitized error parameter. Attackers can execute arbitrary JavaScript in the user's browsβ¦
7.5
CVE-2025-64344 - Suricata is vulnerable to a stack overflow from unbounded stack allocation in LuaPushStringBuffer
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected whβ¦
7.5
CVE-2025-64330 - Suricata is vulnerable to a heap buffer overflow on verdict
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires tβ¦
7.5
CVE-2025-64331 - Suricata is vulnerable to a stack overflow on large file transfers with http-body-printable
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow can occur on large HTTP file transfers if the user has increased the HTTP response body limit and enabled the lβ¦