9.3

CVSS4.0

CVE-2025-48890 -

WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be execu…

πŸ“… Published: June 24, 2025, 4:37 a.m. πŸ”„ Last Modified: June 26, 2025, 6:58 p.m.

9.3

CVSS4.0

CVE-2025-43879 -

WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in the telnet function. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be execut…

πŸ“… Published: June 24, 2025, 4:37 a.m. πŸ”„ Last Modified: June 26, 2025, 7:25 p.m.

4.8

CVSS4.0

CVE-2025-43877 -

WRC-1167GHBK2-S contains a stored cross-site scripting vulnerability in WebGUI. If exploited, an arbitrary script may be executed on the web browser of the user who accessed WebGUI of the product.

πŸ“… Published: June 24, 2025, 4:37 a.m. πŸ”„ Last Modified: June 26, 2025, 6:58 p.m.

8.7

CVSS4.0

CVE-2025-41427 -

WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Connection Diagnostics page. If a remote authenticated attacker sends a specially crafted request to the affected product, an arbitrary …

πŸ“… Published: June 24, 2025, 4:37 a.m. πŸ”„ Last Modified: July 13, 2025, 9:48 p.m.

5.3

CVSS4.0

CVE-2025-36519 -

Unrestricted upload of file with dangerous type issue exists in WRC-2533GST2, WRC-1167GST2, WRC-2533GST2, WRC-2533GS2V-B,WRC-2533GS2-B v1.69 and earlier, WRC-2533GS2-W, WRC-1167GST2, WRC-1167GS2-B, and WRC-1167GS2H-B. If a specially crafted file is uploaded by a remote authenticated attacker, arbit…

πŸ“… Published: June 24, 2025, 4:36 a.m. πŸ”„ Last Modified: Feb. 3, 2026, 8:16 a.m.

0.0

CVE-2025-53017 -

Reason: This candidate was issued in error.

πŸ“… Published: June 24, 2025, 3:50 a.m. πŸ”„ Last Modified: June 30, 2025, 4:15 p.m.

0.0

CVE-2025-53001 -

Reason: This candidate was issued in error.

πŸ“… Published: June 24, 2025, 3:50 a.m. πŸ”„ Last Modified: June 30, 2025, 4:15 p.m.

6.3

CVSS3.1

CVE-2025-47943 - Gogs stored XSS in PDF renderer

Gogs is an open source self-hosted Git service. In application version 0.14.0+dev and prior, there is a stored cross-site scripting (XSS) vulnerability present in Gogs, which allows client-side Javascript code execution. The vulnerability is caused by the usage of a vulnerable and outdated componen…

πŸ“… Published: June 24, 2025, 3:48 a.m. πŸ”„ Last Modified: July 30, 2025, 6:15 p.m.

10

CVSS3.1

CVE-2024-56731 - Gogs deletion of internal files allows remote command execution

Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instance …

πŸ“… Published: June 24, 2025, 3:37 a.m. πŸ”„ Last Modified: Aug. 21, 2025, 8:43 p.m.

8.6

CVSS3.1

CVE-2025-52566 - llama.cpp tokenizer signed vs. unsigned heap overflow

llama.cpp is an inference of several LLM models in C/C++. Prior to version b5721, there is a signed vs. unsigned integer overflow in llama.cpp's tokenizer implementation (llama_vocab::tokenize) (src/llama-vocab.cpp:3036) resulting in unintended behavior in tokens copying size comparison. Allowing h…

πŸ“… Published: June 24, 2025, 3:21 a.m. πŸ”„ Last Modified: Aug. 27, 2025, 2:01 p.m.
Total resulsts: 343926
Page 4379 of 34,393
Β« previous page Β» next page
Filters