5.3
CVE-2025-2329 - High traffic causes corrupt SPI packets in OpenThread leading to denial of service
In high traffic environments, a Silicon Labs OpenThread RCP (see impacted versions) fails to clear the SPI transmit buffer and may send a corrupt packet over SPI to its host,Β causing the host to reset the RCP which results in a denial of service.
6.9
CVE-2025-34136 - Commvault CommServe Web Server Unauthenticated SQL Injection
An SQL injection vulnerability exists in Commvault 11.32.0 - 11.32.93, 11.36.0 - 11.36.51, and 11.38.0 - 11.38.19 Web Server component that allows a remote, unauthenticated attacker to perform SQL Injection. The vulnerability impacts systems where the CommServe and Web Server roles are installed. Oβ¦
6
CVE-2025-3873 - Buffer overflow in Si91x crypto APIs
The following APIs for the Silcon Labs SiWx91x prior to vesion 3.4.0 failed to check the size of the output buffer of the caller which could lead to data corruption on the host (Cortex-M4) application. sl_si91x_aes sl_si91x_gcm sl_si91x_ccm sl_si91x_sha
8.7
CVE-2025-8160 - Tenda AC20 httpd SetSysTimeCfg buffer overflow
A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/SetSysTimeCfg of the component httpd. The manipulation of the argument timeZone leads to buffer overflow. It is possible to launch the attack remotely. The explβ¦
8.7
CVE-2025-8159 - D-Link DIR-513 HTTP POST Request formLanguageChange stack-based overflow
A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. This issue affects the function formLanguageChange of the file /goform/formLanguageChange of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to stack-based buffer overflow. The atβ¦
5.3
CVE-2025-8158 - PHPGurukul Login and User Management System yesterday-reg-users.php sql injection
A vulnerability was found in PHPGurukul Login and User Management System 3.3. It has been declared as critical. This vulnerability affects unknown code of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The eβ¦
5.3
CVE-2025-8157 - PHPGurukul User Registration & Login and User Management lastthirtyays-reg-users.php sql injection
A vulnerability was found in PHPGurukul User Registration & Login and User Management 3.3. It has been classified as critical. This affects an unknown part of the file /admin/lastthirtyays-reg-users.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attaβ¦
5.3
CVE-2025-8156 - PHPGurukul User Registration & Login and User Management lastsevendays-reg-users.php sql injection
A vulnerability was found in PHPGurukul User Registration & Login and User Management 3.3 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/lastsevendays-reg-users.php. The manipulation of the argument ID leads to sql injection. The attack may be laβ¦
5.1
CVE-2025-8155 - D-Link DCS-6010L Management Application vb.htm cross site scripting
A vulnerability has been found in D-Link DCS-6010L 1.15.03 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /vb.htm of the component Management Application. The manipulation of the argument paratest leads to cross site scripting. The attack can bβ¦
6.1
CVE-2025-5254 - Stored XSS in Kron Technologies' Kron PAM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kron Technologies Kron PAM allows Stored XSS.This issue affects Kron PAM: before 3.7.