8.5
CVE-2025-57776 - Out Of Bounds Write to invalid address when parsing a DSB file with Digilent DASYLab
There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially cr…
8.5
CVE-2025-57774 - Out Of Bounds Write of invalid data when parsing a DSB file with Digilent DASYLab
There is an out of bounds write vulnerability due to improper bounds checking resulting in invalid data when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted …
8.5
CVE-2025-9189 - Out Of Bounds Write when parsing a DSB file with Digilent DASYLab
There is an out of bounds write vulnerability due to improper bounds checking resulting in a large destination address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a spe…
6.3
CVE-2025-9828 - Tenda CP6 uhttp sub_2B7D04 risky encryption
A vulnerability was determined in Tenda CP6 11.10.00.243. The affected element is the function sub_2B7D04 of the component uhttp. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. This attack is characterized by high complexity. The exploitabilit…
9.4
CVE-2025-9696 - Use of Hard-coded Credentials in SunPower PVS6
The SunPower PVS6's BluetoothLE interface is vulnerable due to its use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range could exploit this vulnerability to gain full access to the device's servicing interface. This access allows the att…
8.6
CVE-2025-2413 - OTP Bypass in Akinsoft's ProKuafor
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor allows Authentication Bypass.This issue affects ProKuafor: from s1.02.08 before v1.02.08.
4.7
CVE-2025-0670 - IDOR in Akinsoft's ProKuafor
Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft ProKuafor allows Resource Leak Exposure.This issue affects ProKuafor: from s1.02.07 before v1.02.08.
4.3
CVE-2024-12974 - XSS in Akinsoft's ProKuaför
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft ProKuaför allows Cross-Site Scripting (XSS).This issue affects ProKuaför: from s1.02.07 before v1.02.08.
8.2
CVE-2024-58259 - Rancher affected by unauthenticated Denial of Service
A vulnerability has been identified within Rancher Manager in which it did not enforce request body size limits on certain public (unauthenticated) and authenticated API endpoints. This allows a malicious user to exploit this by sending excessively large payloads, which are fully loaded into me…
8.6
CVE-2025-2414 - OTP Bypass in Akinsoft's OctoCloud
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft OctoCloud allows Authentication Bypass.This issue affects OctoCloud: from s1.09.03 before v1.11.01.