8.7

CVSS4.0

CVE-2025-12596 - Tenda AC23 saveParentControlInfo buffer overflow

A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function saveParentControlInfo of the file /goform/saveParentControlInfo. Such manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclos…

πŸ“… Published: Nov. 2, 2025, 10:32 a.m. πŸ”„ Last Modified: Feb. 24, 2026, 6:21 a.m.

8.7

CVSS4.0

CVE-2025-12595 - Tenda AC23 SetVirtualServerCfg formSetVirtualSer buffer overflow

A weakness has been identified in Tenda AC23 16.03.07.52. This impacts the function formSetVirtualSer of the file /goform/SetVirtualServerCfg. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the pu…

πŸ“… Published: Nov. 2, 2025, 10:02 a.m. πŸ”„ Last Modified: Feb. 24, 2026, 7:16 a.m.

5.1

CVSS4.0

CVE-2025-12594 - code-projects Simple Online Hotel Reservation System add_account.php sql injection

A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/add_account.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been release…

πŸ“… Published: Nov. 2, 2025, 8:32 a.m. πŸ”„ Last Modified: Feb. 24, 2026, 7:16 a.m.

5.1

CVSS4.0

CVE-2025-12593 - code-projects Simple Online Hotel Reservation System Photo edit_room.php unrestricted upload

A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/edit_room.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely. …

πŸ“… Published: Nov. 2, 2025, 5:15 a.m. πŸ”„ Last Modified: Feb. 24, 2026, 6:20 a.m.

8

CVSS3.1

CVE-2025-10622 - Foreman: os command injection via ct_location and fcct_location parameters

A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting.

πŸ“… Published: Nov. 1, 2025, 11:59 p.m. πŸ”„ Last Modified: Feb. 26, 2026, 5:47 p.m.

2.3

CVSS4.0

CVE-2025-12603 - /etc/timezone can be Arbitrarily Written

/etc/timezone can be Arbitrarily Written.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

πŸ“… Published: Nov. 1, 2025, 6:56 p.m. πŸ”„ Last Modified: Nov. 7, 2025, 6:40 p.m.

2.3

CVSS4.0

CVE-2025-12602 - /etc/avahi/services/z9.service can be Arbitrarily Written

/etc/avahi/services/z9.service can be Arbitrarily Written.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

πŸ“… Published: Nov. 1, 2025, 6:54 p.m. πŸ”„ Last Modified: Nov. 7, 2025, 6:41 p.m.

10

CVSS4.0

CVE-2025-12601 - Denial of Service Due to SlowLoris

Denial of Service Due to SlowLoris.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

πŸ“… Published: Nov. 1, 2025, 6:49 p.m. πŸ”„ Last Modified: Nov. 10, 2025, 3:09 p.m.

10

CVSS4.0

CVE-2025-12600 - Web UI Malfunction

Web UI Malfunction when setting unexpected locale via API.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

πŸ“… Published: Nov. 1, 2025, 6:48 p.m. πŸ”„ Last Modified: Nov. 10, 2025, 2:47 p.m.

10

CVSS4.0

CVE-2025-12599 - Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000)

Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

πŸ“… Published: Nov. 1, 2025, 6:39 p.m. πŸ”„ Last Modified: Nov. 10, 2025, 2:47 p.m.
Total resulsts: 346536
Page 2919 of 34,654
Β« previous page Β» next page
Filters