7.7

CVSS3.1

CVE-2025-32808 -

W. W. Norton InQuizitive through 2025-04-08 allows students to insert arbitrary records of their quiz performance into the backend, because only client-side access control exists.

๐Ÿ“… Published: April 11, 2025, midnight ๐Ÿ”„ Last Modified: Oct. 30, 2025, 6:59 p.m.

6.4

CVSS3.1

CVE-2025-32809 -

W. W. Norton InQuizitive through 2025-04-08 allows students to conduct stored XSS attacks against educators via a bonus description, feedback.choice_fb[], or question_id.

๐Ÿ“… Published: April 11, 2025, midnight ๐Ÿ”„ Last Modified: Oct. 30, 2025, 6:59 p.m.

3.1

CVSS3.1

CVE-2025-32816 -

CodeLit CourseLit before 0.57.5 allows Parameter Tampering via a payment plan associated with the wrong entity.

๐Ÿ“… Published: April 11, 2025, midnight ๐Ÿ”„ Last Modified: April 11, 2025, 4:03 p.m.

6.2

CVSS3.1

CVE-2025-29918 - Suricata pcre: negated pcr can cause infinite loop

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability in โ€ฆ

๐Ÿ“… Published: April 10, 2025, 9:02 p.m. ๐Ÿ”„ Last Modified: Nov. 3, 2025, 8:18 p.m.

6.2

CVSS3.1

CVE-2025-29917 - Suricata decode_base64: signature can do large memory allocation

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decode_base64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per tโ€ฆ

๐Ÿ“… Published: April 10, 2025, 9 p.m. ๐Ÿ”„ Last Modified: May 29, 2025, 3:48 p.m.

6.2

CVSS3.1

CVE-2025-29916 - Suricata datasets: ruleset declared settings can lead to resource starvation

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Datasets declared in rules have an option to specify the `hashsize` to use. This size setting isn't properly limited, so the hash table allocation can be large. Untrusted rules can โ€ฆ

๐Ÿ“… Published: April 10, 2025, 8:03 p.m. ๐Ÿ”„ Last Modified: May 29, 2025, 3:48 p.m.

7.5

CVSS3.1

CVE-2025-29915 - Suricata af-packet: defrag option can lead to truncated packets affecting visibility

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is basโ€ฆ

๐Ÿ“… Published: April 10, 2025, 7:51 p.m. ๐Ÿ”„ Last Modified: May 29, 2025, 3:47 p.m.

7.2

CVSS3.1

CVE-2025-23010 -

An Improper Link Resolution Before File Access ('Link Following') vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to manipulate file paths.

๐Ÿ“… Published: April 10, 2025, 6:57 p.m. ๐Ÿ”„ Last Modified: July 12, 2025, 3:26 p.m.

7.2

CVSS3.1

CVE-2025-23009 -

A local privilege escalation vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to trigger an arbitrary file deletion.

๐Ÿ“… Published: April 10, 2025, 6:55 p.m. ๐Ÿ”„ Last Modified: July 13, 2025, 11:07 a.m.

7.2

CVSS3.1

CVE-2025-23008 -

An improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low privileged attacker to modify configurations.

๐Ÿ“… Published: April 10, 2025, 6:55 p.m. ๐Ÿ”„ Last Modified: July 12, 2025, 3:26 p.m.
Total resulsts: 342251
Page 5221 of 34,226
ยซ previous page ยป next page
Filters