9.8

CVSS3.1

CVE-2025-50213 - Apache Airflow Providers Snowflake: Potential SQL injection in CopyFromExternalStageToSnowflakeOper…

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vulnerability in Apache Airflow Providers Snowflake. This issue affects Apache Airflow Providers Snowflake: before 6.4.0. Sanitation of table and stage parameters were added in CopyFromExternalStageToSnowflake…

📅 Published: June 24, 2025, 7:06 a.m. 🔄 Last Modified: July 11, 2025, 6:36 p.m.

8.2

CVSS3.1

CVE-2025-2962 - Infinite loop in dns_copy_qname

A denial-of-service issue in the dns implemenation could cause an infinite loop.

📅 Published: June 24, 2025, 5:32 a.m. 🔄 Last Modified: Oct. 30, 2025, 3:50 p.m.

9.3

CVSS4.0

CVE-2025-48890 -

WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be execu…

📅 Published: June 24, 2025, 4:37 a.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

9.3

CVSS4.0

CVE-2025-43879 -

WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in the telnet function. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be execut…

📅 Published: June 24, 2025, 4:37 a.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

4.8

CVSS4.0

CVE-2025-43877 -

WRC-1167GHBK2-S contains a stored cross-site scripting vulnerability in WebGUI. If exploited, an arbitrary script may be executed on the web browser of the user who accessed WebGUI of the product.

📅 Published: June 24, 2025, 4:37 a.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

8.7

CVSS4.0

CVE-2025-41427 -

WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Connection Diagnostics page. If a remote authenticated attacker sends a specially crafted request to the affected product, an arbitrary …

📅 Published: June 24, 2025, 4:37 a.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

5.3

CVSS4.0

CVE-2025-36519 -

Unrestricted upload of file with dangerous type issue exists in WRC-2533GST2, WRC-1167GST2, WRC-2533GST2, WRC-2533GS2V-B,WRC-2533GS2-B v1.69 and earlier, WRC-2533GS2-W, WRC-1167GST2, WRC-1167GS2-B, and WRC-1167GS2H-B. If a specially crafted file is uploaded by a remote authenticated attacker, arbit…

📅 Published: June 24, 2025, 4:36 a.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-53017 -

Reason: This candidate was issued in error.

📅 Published: June 24, 2025, 3:50 a.m. 🔄 Last Modified: June 30, 2025, 4:15 p.m.

0.0

CVE-2025-53001 -

Reason: This candidate was issued in error.

📅 Published: June 24, 2025, 3:50 a.m. 🔄 Last Modified: June 30, 2025, 4:15 p.m.

6.3

CVSS3.1

CVE-2025-47943 - Gogs stored XSS in PDF renderer

Gogs is an open source self-hosted Git service. In application version 0.14.0+dev and prior, there is a stored cross-site scripting (XSS) vulnerability present in Gogs, which allows client-side Javascript code execution. The vulnerability is caused by the usage of a vulnerable and outdated componen…

📅 Published: June 24, 2025, 3:48 a.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 4904 of 34,919
« previous page » next page
Filters