7.4
CVE-2025-8472 - Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required to exploit this vulnerability in that the taβ¦
7.5
CVE-2023-32256 - Kernel: ksmbd race issue from smb2 close and logoff with multichannel
A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue.
6.4
CVE-2025-33118 - IBM QRadar SIEM cross-site scripting
IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessiβ¦
4.6
CVE-2025-48074 - OpenEXR's Unbounded File Header Values can Lead to Out-Of-Memory Errors
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance dβ¦
0.0
CVE-2013-10056 -
This CVE has the been REJECTED and will not be published by the CNA.
5.1
CVE-2025-41376 - CRLF Injection in Limesurvey
CRLF Injection vulnerability in Limesurvey v2.65.1+170522. Β This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via '/index.php/survey/index/sid/<SID>/token/fwyfw%0d%0aCookie:%20POC'.
9.3
CVE-2025-41375 - SQL Injection in Limesurvey
SQL Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability allows an attacker to retrieve, create, update and delete database via 'token'Β parameter in '/index.php'Β endpoint.
8.7
CVE-2025-41374 - SQL injection vulnerability in Gandia Integra Total
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/β¦
8.7
CVE-2025-41373 - SQL injection vulnerability in Gandia Integra Total
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/β¦
8.7
CVE-2025-41372 - SQL injection vulnerability in Gandia Integra Total
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/β¦