7.1

CVSS3.1

CVE-2025-48510 -

Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability.

πŸ“… Published: Nov. 24, 2025, 8:56 p.m. πŸ”„ Last Modified: Nov. 26, 2025, 6:47 p.m.

8

CVSS3.1

CVE-2025-52538 -

Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in loss of confidentiality or availability.

πŸ“… Published: Nov. 24, 2025, 8:38 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.3

CVSS3.1

CVE-2025-0003 -

Inadequate lock protection within Xilinx Run time may allow a local attacker to trigger a Use-After-Free condition potentially resulting in loss of confidentiality or availability

πŸ“… Published: Nov. 24, 2025, 8:36 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.7

CVSS3.1

CVE-2025-0007 -

Insufficient validation within Xilinx Run Time framework could allow a local attacker to escalate privileges from user space to kernel space, potentially compromising confidentiality, integrity, and/or availability.

πŸ“… Published: Nov. 24, 2025, 8:35 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.3

CVSS4.0

CVE-2023-7330 - Ruijie Networks NBR Routers Unauthenticated Arbitrary File Upload via fileupload.php

Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi/server/fileupload.php. The endpoint accepts attacker-supplied values in the name and uploadDir parameters and saves the provided multipart file content without adequate validation or sanitization of fi…

πŸ“… Published: Nov. 24, 2025, 8:31 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.7

CVSS4.0

CVE-2024-14007 - TVT NVMS-9000 < 1.3.4 Unauthenticated Administrative Queries & Information Disclosure

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR/IPC products) versions prior to 1.3.4 contain an authentication bypass in the NVMS-9000 control protocol. By sending a single crafted TCP payload to an exposed NVMS-9000 control port, an unauthenticated…

πŸ“… Published: Nov. 24, 2025, 8:31 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.3

CVSS4.0

CVE-2018-25126 - TVT NVMS-9000 Hard-coded API Credentials & Command Injection

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR/IPC products) contains hardcoded API credentials and an OS command injection flaw in its configuration services. The web/API interface accepts HTTP/XML requests authenticated with a fixed vendor credent…

πŸ“… Published: Nov. 24, 2025, 8:30 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.9

CVSS3.1

CVE-2025-36150 - IBM Concert Information Disclosure

IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

πŸ“… Published: Nov. 24, 2025, 8:29 p.m. πŸ”„ Last Modified: Dec. 1, 2025, 3:51 p.m.

7.3

CVSS3.1

CVE-2025-0005 -

Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in crash or denial of service.

πŸ“… Published: Nov. 24, 2025, 7:45 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.3

CVSS3.1

CVE-2025-52539 -

A buffer overflow with Xilinx Run Time Environment may allow a local attacker to read or corrupt data from the advanced extensible interface (AXI), potentially resulting in loss of confidentiality, integrity, and/or availability.

πŸ“… Published: Nov. 24, 2025, 7:42 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 2915 of 34,919
Β« previous page Β» next page
Filters