6.3

CVSS3.1

CVE-2025-5692 - Lead Form Data Collection to CRM <= 3.1 - Missing Authorization to Authenticated (Subscriber+) Many…

The Lead Form Data Collection to CRM plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the ~/includes/LB_admin_ajax.php file in all versions up to, and including, 3.1. This makes it possible for authenticated attackers, with Subscrib…

πŸ“… Published: July 2, 2025, 2:03 a.m. πŸ”„ Last Modified: April 22, 2026, 5:15 p.m.

5.5

CVSS3.1

CVE-2025-38093 - arm64: dts: qcom: x1e80100: Add GPU cooling

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: x1e80100: Add GPU cooling Unlike the CPU, the GPU does not throttle its speed automatically when it reaches high temperatures. With certain high GPU loads it is possible to reach the critical hardware shutdown t…

πŸ“… Published: July 2, 2025, midnight πŸ”„ Last Modified: Nov. 20, 2025, 9:53 p.m.

5.5

CVSS3.1

CVE-2025-38092 - ksmbd: use list_first_entry_or_null for opinfo_get_list()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use list_first_entry_or_null for opinfo_get_list() The list_first_entry() macro never returns NULL. If the list is empty then it returns an invalid pointer. Use list_first_entry_or_null() to check if the list is empty.

πŸ“… Published: July 2, 2025, midnight πŸ”„ Last Modified: Nov. 20, 2025, 9:58 p.m.

7.8

CVSS3.1

CVE-2025-38091 - drm/amd/display: check stream id dml21 wrapper to get plane_id

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check stream id dml21 wrapper to get plane_id [Why & How] Fix a false positive warning which occurs due to lack of correct checks when querying plane_id in DML21. This fixes the warning when performing a mode1 re…

πŸ“… Published: July 2, 2025, midnight πŸ”„ Last Modified: Nov. 20, 2025, 10:07 p.m.

9.8

CVSS3.1

CVE-2025-45813 -

ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials.

πŸ“… Published: July 2, 2025, midnight πŸ”„ Last Modified: Oct. 10, 2025, 7:41 p.m.

5

CVSS3.1

CVE-2025-52925 -

In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the DirectoryToken was mishandled, aka ST-812.

πŸ“… Published: July 2, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

3.7

CVSS3.1

CVE-2025-7039 - Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file()

A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipul…

πŸ“… Published: July 2, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2025-45814 -

Missing authentication checks in the query.fcgi endpoint of NS3000 v8.1.1.125110 , v7.2.8.124852 , and v7.x and NS2000 v7.02.08 allows attackers to execute a session hijacking attack.

πŸ“… Published: July 2, 2025, midnight πŸ”„ Last Modified: Oct. 10, 2025, 7:45 p.m.

5.3

CVSS3.1

CVE-2025-45424 -

Incorrect access control in Xinference before v1.4.0 allows attackers to access the Web GUI without authentication.

πŸ“… Published: July 2, 2025, midnight πŸ”„ Last Modified: Oct. 18, 2025, 1:40 a.m.

6.5

CVSS3.1

CVE-2025-45029 -

WINSTAR WN572HP3 v230525 was discovered to contain a heap overflow via the CONTENT_LENGTH variable at /cgi-bin/upload.cgi.

πŸ“… Published: July 2, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 346120
Page 4516 of 34,612
Β« previous page Β» next page
Filters