8.7
CVE-2025-9393 - Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 addStaProfile stack-based overflow
A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function addStaProfile of the file /goform/addStaProfile. Performing manipulation of the argument profile_name/Ssid/wep_kβ¦
8.7
CVE-2025-9392 - Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 qosClassifier stack-based overflow
A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function qosClassifier of the file /goform/qosClassifier. Such manipulation of the argument dir/sFromPort/sToPort/dFromPoβ¦
5.3
CVE-2025-9391 - Bjskzy Zhiyou ERP com.artery.workflow.ServiceImpl getFieldValue sql injection
A weakness has been identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this issue is the function getFieldValue of the component com.artery.workflow.ServiceImpl. This manipulation of the argument sql causes sql injection. The attack may be initiated remotely. The exploit has been made availablβ¦
4.8
CVE-2025-9390 - vim xxd xxd.c main buffer overflow
A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exβ¦
4.8
CVE-2025-9389 - vim memmove-vec-unaligned-erms.S __memmove_avx_unaligned_erms memory corruption
A vulnerability was identified in vim 9.1.0000. Affected is the function __memmove_avx_unaligned_erms of the file memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. The attack needs to be performed locally. The exploit is publicly available and might be used. Some users are β¦
5.1
CVE-2025-9388 - Scada-LTS watch_list.shtm cross site scripting
A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function of the file watch_list.shtm. Executing manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utiβ¦
5.3
CVE-2025-9387 - DCN DCME-720 Web Management Backend ip_block.php os command injection
A vulnerability was found in DCN DCME-720 9.1.5.11. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ip_block.php of the component Web Management Backend. Performing manipulation of the argument ip results in os command injection. It is possible to initiate tβ¦
4.8
CVE-2025-9386 - appneta tcpreplay tcprewrite get.c get_l2len_protocol use after free
A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public andβ¦
4.8
CVE-2025-9385 - appneta tcpreplay tcprewrite edit_packet.c fix_ipv6_checksums use after free
A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be usedβ¦
4.8
CVE-2025-9384 - appneta tcpreplay parse_args.c tcpedit_post_args null pointer dereference
A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. Upgrading β¦