9.3
CVE-2025-15010 - Tenda WH450 SafeUrlFilter stack-based overflow
A vulnerability has been found in Tenda WH450 1.0.0.18. This issue affects some unknown processing of the file /goform/SafeUrlFilter. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the publβ¦
4
CVE-2025-59301 - Modbus/TCP Dos Vulnerability in DVP15MC11T
Delta Electronics DVP15MC11TΒ lacks proper validation of the modbus/tcp packets and can lead to denial of service.
5.3
CVE-2025-15009 - liweiyi ChestnutCMS Filename upload FilenameUtils.getExtension unrestricted upload
A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExtension of the file /dev-api/common/upload of the component Filename Handler. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched β¦
6.9
CVE-2025-15008 - Tenda WH450 HTTP Request L7Port stack-based overflow
A vulnerability was detected in Tenda WH450 1.0.0.18. This affects an unknown part of the file /goform/L7Port of the component HTTP Request Handler. Performing manipulation of the argument page results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public aβ¦
9.3
CVE-2025-15007 - Tenda WH450 HTTP Request L7Im stack-based overflow
A security vulnerability has been detected in Tenda WH450 1.0.0.18. Affected by this issue is some unknown functionality of the file /goform/L7Im of the component HTTP Request Handler. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. β¦
9.3
CVE-2025-15006 - Tenda WH450 HTTP Request CheckTools stack-based overflow
A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated remoteβ¦
6.3
CVE-2025-15005 - CouchCMS reCAPTCHA config.example.php hard-coded key
A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument K_RECAPTCHA_SITE_KEY/K_RECAPTCHA_SECRET_KEY results in use of hard-coded cryptographic key . It is poβ¦
5.3
CVE-2025-15004 - DedeCMS freelist_main.php sql injection
A vulnerability was identified in DedeCMS up to 5.7.118. This impacts an unknown function of the file /freelist_main.php. The manipulation of the argument orderby leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
6.1
CVE-2024-25812 -
MyNET up to v26.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the src parameter.
7.5
CVE-2025-63664 -
Incorrect access control in the /api/v1/conversations/*/messages API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access other users' message history with AI agents.