7.8
CVE-2025-1330 - IBM CICS TX code execution
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1Β could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function.
7.8
CVE-2025-1329 - IBM CICS TX code execution
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function.
0.0
CVE-2025-4475 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
4.6
CVE-2025-46833 - Programs/P73_SimplePythonEncryption.py has weak cryptographic key
Programs/P73_SimplePythonEncryption.py illustrates a simple Python encryption example using the RSA Algorithm. In versions prior to commit 6ce60b1, an attacker may be able to decrypt the data using brute force attacks and because of this the whole application can be impacted. This issue has been paβ¦
2
CVE-2025-46812 - Trix vulnerable to Cross-site Scripting on copy & paste
Trix is a what-you-see-is-what-you-get rich text editor for everyday writing. Versions prior to 2.1.15 are vulnerable to XSS attacks when pasting malicious code. An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the usβ¦
3.7
CVE-2025-46712 - Erlang/OTP SSH Has Strict KEX Violations
Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. Thisβ¦
4.2
CVE-2025-46336 - Rack session gets restored after deletion
Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a loβ¦
7.5
CVE-2024-9448 - On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will caβ¦
On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if the β¦
4.9
CVE-2025-27695 -
Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by Spoofing vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure.
9.1
CVE-2024-12378 - On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec ageβ¦
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.