4.8
CVE-2025-8837 - JasPer JPEG2000 File jpc_dec.c jpc_dec_dump use after free
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the publicβ¦
4.6
CVE-2025-8661 - Stored Cross-Site Scripting in Symantec PGP Encryption 11.0.1
A stored Cross-Site Scripting vulnerability (XSS) occurs when the server does not properly validate or encode the data entered by the user.
4.8
CVE-2025-8836 - JasPer JPEG2000 Encoder jpc_enc.c jpc_floorlog2 assertion
A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been discloβ¦
8.6
CVE-2025-8747 - Keras safe_mode bypass allows arbitrary code execution when loading a malicious model.
A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive.
5.6
CVE-2025-8660 - Privilege Escalation in Symantec PGP Encryption 11.0.1
Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed.
4.8
CVE-2025-8835 - JasPer Image Color Space Conversion jas_image.c jas_image_chclrspc null pointer dereference
A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jas_image_chclrspc of the file src/libjasper/base/jas_image.c of the component Image Color Space Conversion Handler. The manipulation leads to null pointer dereference. It is possible to launch the attacβ¦
4.8
CVE-2025-8834 - JCG Link-net LW-N915R Wireless Basic Settings basic.asp cross site scripting
A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings Page. The manipulation of the argument Network Name leads to cross site scripting. It is possible to launch the attack remβ¦
8.7
CVE-2025-8833 - Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 langSwitchBack stack-based overflow
A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function langSwitchBack of the file /goform/langSwitchBack. The manipulation of the argument langSelectionOnly leads to stack-based buffer overflow. The attack may be iβ¦
4.3
CVE-2025-7965 - CBX Restaurant Booking <= 1.2.1 - Plugin Reset via CSRF
The CBX Restaurant Booking WordPress plugin through 1.2.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
8.7
CVE-2025-8832 - Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setDMZ stack-based overflow
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function setDMZ of the file /goform/setDMZ. The manipulation of the argument DMZIPAddress leads to stack-based buffer overflow. The attack can be initiated remoβ¦