9.8

CVSS3.1

CVE-2025-11007 - CE21 Suite 2.2.1 - 2.3.1 - Missing Authorization to Unauthenticated Privilege Escalation via Plugin…

The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the wp_ajax_nopriv_ce21_single_sign_on_save_api_settings AJAX action in versions 2.2.1 to 2.3.1. This makes it possible for unauthenticated attackers to update the plugin's …

πŸ“… Published: Nov. 4, 2025, 3:26 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.3

CVSS3.1

CVE-2025-12070 - ViaAds <= 2.1.2 - Cross-Site Request Forgery to API Key Update

The ViaAds plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.2. This is due to missing nonce validation on the `ViaAds_pluginHandler` function. This makes it possible for unauthenticated attackers to modify the plugin's API key and cookie con…

πŸ“… Published: Nov. 4, 2025, 3:26 a.m. πŸ”„ Last Modified: April 22, 2026, 9:30 p.m.

6.5

CVSS3.1

CVE-2025-47370 - Reachable Assertion in BT Controller

Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan.

πŸ“… Published: Nov. 4, 2025, 3:19 a.m. πŸ”„ Last Modified: Nov. 5, 2025, 5:16 p.m.

7.8

CVSS3.1

CVE-2025-47368 - Buffer Over-read in DSP Service

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.

πŸ“… Published: Nov. 4, 2025, 3:19 a.m. πŸ”„ Last Modified: Feb. 26, 2026, 5:47 p.m.

7.8

CVSS3.1

CVE-2025-47367 - Out-of-bounds Write in WinBlast Driver

Memory corruption while accessing a buffer during IOCTL processing.

πŸ“… Published: Nov. 4, 2025, 3:19 a.m. πŸ”„ Last Modified: Feb. 26, 2026, 5:47 p.m.

7.8

CVSS3.1

CVE-2025-47365 - Integer Overflow or Wraparound in Automotive Platform

Memory corruption while processing large input data from a remote source via a communication interface.

πŸ“… Published: Nov. 4, 2025, 3:19 a.m. πŸ”„ Last Modified: Feb. 26, 2026, 5:47 p.m.

6.1

CVSS3.1

CVE-2025-47362 - Buffer Over-read in Automotive Software platform based on QNX

Information disclosure while processing message from client with invalid payload.

πŸ“… Published: Nov. 4, 2025, 3:19 a.m. πŸ”„ Last Modified: Nov. 5, 2025, 5:17 p.m.

7.8

CVSS3.1

CVE-2025-47361 - Improper Validation of Array Index in Automotive Software platform based on QNX

Memory corruption when triggering a subsystem crash with an out-of-range identifier.

πŸ“… Published: Nov. 4, 2025, 3:19 a.m. πŸ”„ Last Modified: Feb. 26, 2026, 5:47 p.m.

7.8

CVSS3.1

CVE-2025-47360 - Stack-based Buffer Overflow in Automotive Software platform based on QNX

Memory corruption while processing client message during device management.

πŸ“… Published: Nov. 4, 2025, 3:19 a.m. πŸ”„ Last Modified: Feb. 26, 2026, 5:47 p.m.

8

CVSS3.1

CVE-2025-47357 - Missing Authentication for Critical Function in SMSS

Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions.

πŸ“… Published: Nov. 4, 2025, 3:19 a.m. πŸ”„ Last Modified: Nov. 5, 2025, 5:22 p.m.
Total resulsts: 349182
Page 3162 of 34,919
Β« previous page Β» next page
Filters