8.8
CVE-2025-2766 - 70mai A510 Use of Default Password Authentication Bypass Vulnerability
70mai A510 Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of 70mai A510. Authentication is not required to exploit this vulnerability. The specific flaw exists within the default cโฆ
8.8
CVE-2025-3485 - Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability
Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementatioโฆ
7.8
CVE-2025-5481 - Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target muโฆ
7.8
CVE-2025-5480 - Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Action1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploiโฆ
7.3
CVE-2025-5474 - 2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability
2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 2BrightSparks SyncBackFree. An attacker must first obtain the ability to execute low-privileged code on the target systemโฆ
8.8
CVE-2025-5473 - GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability
GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malโฆ
8.7
CVE-2025-5795 - Tenda AC5 AdvSetLanip fromadvsetlanip buffer overflow
A vulnerability, which was classified as critical, was found in Tenda AC5 1.0/15.03.06.47. This affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has beโฆ
8.7
CVE-2025-5794 - Tenda AC5 setPptpUserList formSetPPTPUserList buffer overflow
A vulnerability, which was classified as critical, has been found in Tenda AC5 15.03.06.47. Affected by this issue is the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be launched remotely. The exploiโฆ
8.7
CVE-2025-5793 - TOTOLINK EX1200T HTTP POST Request formPortFw buffer overflow
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type leads to buffer overflow. It is possible โฆ
8.7
CVE-2025-5792 - TOTOLINK EX1200T HTTP POST Request formWlanRedirect buffer overflow
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer oveโฆ