8.7
CVE-2025-4344 - D-Link DIR-600L formLogin buffer overflow
A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. This affects the function formLogin. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. This vulnerability only affects products that are no loβ¦
6.4
CVE-2025-3782 - Cision Block <= 4.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
The Cision Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the βidβ parameter in all versions up to, and including, 4.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and aboβ¦
7.5
CVE-2025-2011 - Slider & Popup Builder by Depicter <= 3.6.1 - Unauthenticated SQL Injection via 's' Parameter
The Slider & Popup Builder by Depicter plugin for WordPress is vulnerable to generic SQL Injection via the βs' parameter in all versions up to, and including, 3.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes β¦
7.1
CVE-2025-46762 - Apache Parquet Java: Potential malicious code execution from trusted packages in the parquet-avro mβ¦
Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these packages to be execuβ¦
3.3
CVE-2025-25052 - arkcompiler_ets_runtime has a buffer overflow vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow.
3.3
CVE-2025-27241 - multimedia_av_codec has a NULL pointer dereference vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
3.3
CVE-2025-27248 - ai_neural_network_runtime has a NULL pointer dereference vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
3.3
CVE-2025-22886 - distributeddatamgr_udmf has a memory leak vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
3.8
CVE-2025-27132 - arkcompiler_ets_runtime has an out-of-bounds write vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
8.7
CVE-2025-4343 - D-Link DIR-600L formEasySetupWizard buffer overflow
A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. This vulnerability only affects products thaβ¦