7.5

CVSS3.1

CVE-2025-55780 -

A null pointer dereference occurs in the function break_word_for_overflow_wrap() in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fz_html_split_flow() to split a FLOW_WORD node, but does not check if node->next is valid before accessing node->next->overflow…

πŸ“… Published: Sept. 23, 2025, midnight πŸ”„ Last Modified: Oct. 8, 2025, 6:04 p.m.

6.5

CVSS3.1

CVE-2025-45326 -

An issue in PocketVJ CP PocketVJ-CP-v3 pvj 3.9.1 allows remote attackers to execute arbitrary code via the submit_size.php component.

πŸ“… Published: Sept. 23, 2025, midnight πŸ”„ Last Modified: Oct. 17, 2025, 3:11 p.m.

7.1

CVSS3.1

CVE-2025-39869 - dmaengine: ti: edma: Fix memory allocation size for queue_priority_map

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map Fix a critical memory allocation bug in edma_setup_from_hw() where queue_priority_map was allocated with insufficient memory. The code declared queue_priority…

πŸ“… Published: Sept. 23, 2025, midnight πŸ”„ Last Modified: Jan. 20, 2026, 8:41 p.m.

5.5

CVSS3.1

CVE-2025-39867 - netfilter: nft_set_pipapo: fix null deref for empty set

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: fix null deref for empty set Blamed commit broke the check for a null scratch map: - if (unlikely(!m || !*raw_cpu_ptr(m->scratch))) + if (unlikely(!raw_cpu_ptr(m->scratch))) This should have been…

πŸ“… Published: Sept. 23, 2025, midnight πŸ”„ Last Modified: Sept. 23, 2025, 4:03 p.m.

5.5

CVSS3.1

CVE-2025-39876 - net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable()

In the Linux kernel, the following vulnerability has been resolved: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() The function of_phy_find_device may return NULL, so we need to take care before dereferencing phy_dev.

πŸ“… Published: Sept. 23, 2025, midnight πŸ”„ Last Modified: Jan. 20, 2026, 8:33 p.m.

7.5

CVSS3.1

CVE-2025-56394 -

Free5gc 4.0.1 is vulnerable to Buffer Overflow. The AMF incorrectly validates the 5GS mobile identity, resulting in slice reference overflow.

πŸ“… Published: Sept. 23, 2025, midnight πŸ”„ Last Modified: Oct. 8, 2025, 5:56 p.m.

6.1

CVSS3.1

CVE-2025-56304 -

Cross-site scripting (XSS) vulnerability in YzmCMS thru 7.3 via the referer header in the register page.

πŸ“… Published: Sept. 23, 2025, midnight πŸ”„ Last Modified: Oct. 8, 2025, 6:09 p.m.

5.3

CVSS3.1

CVE-2025-56146 -

Indian Bank IndSMART Android App 3.8.1 is vulnerable to Missing SSL Certificate Validation in NuWebViewActivity.

πŸ“… Published: Sept. 23, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2025-51005 -

A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at do_checksum_math_liveplay in tcpliveplay.c, leading to a possible denial of service.

πŸ“… Published: Sept. 23, 2025, midnight πŸ”„ Last Modified: Oct. 8, 2025, 5:54 p.m.

6.5

CVSS3.1

CVE-2025-29084 -

SQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the execSqlFile function in the Upgrade.php file.

πŸ“… Published: Sept. 23, 2025, midnight πŸ”„ Last Modified: Sept. 25, 2025, 4:09 p.m.
Total resulsts: 349182
Page 3715 of 34,919
Β« previous page Β» next page
Filters