7.5

CVSS3.1

CVE-2025-65891 -

A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice (DoS) by invoking flow.cuda.get_device_properties() with an invalid or negative device index.

๐Ÿ“… Published: Jan. 28, 2026, midnight ๐Ÿ”„ Last Modified: Feb. 3, 2026, 5:55 p.m.

7.7

CVSS3.1

CVE-2022-40619 -

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_access_token parameter. This affects R6230 before โ€ฆ

๐Ÿ“… Published: Jan. 28, 2026, midnight ๐Ÿ”„ Last Modified: March 9, 2026, 2:43 p.m.

6.5

CVSS3.1

CVE-2025-71005 -

A floating point exception (FPE) in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

๐Ÿ“… Published: Jan. 28, 2026, midnight ๐Ÿ”„ Last Modified: Feb. 3, 2026, 4:07 p.m.

7.5

CVSS3.1

CVE-2025-71007 -

An input validation vulnerability in the oneflow.index_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

๐Ÿ“… Published: Jan. 28, 2026, midnight ๐Ÿ”„ Last Modified: Feb. 3, 2026, 4:06 p.m.

6.5

CVSS3.1

CVE-2025-71006 -

A floating point exception (FPE) in the oneflow.reshape component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

๐Ÿ“… Published: Jan. 28, 2026, midnight ๐Ÿ”„ Last Modified: Feb. 3, 2026, 4:07 p.m.

7.5

CVSS3.1

CVE-2025-65890 -

A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) by calling flow.cuda.synchronize() with an invalid or out-of-range GPU device index.

๐Ÿ“… Published: Jan. 28, 2026, midnight ๐Ÿ”„ Last Modified: Feb. 3, 2026, 5:55 p.m.

9.1

CVSS3.1

CVE-2026-24838 - DotNetNuke.Core Vulnerable to Stored XSS via Module Title

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, module title supports richtext which could include scripts that would execute in certain scenarios. Versions 9.13.10 and 10.2.0 contain a fix for the โ€ฆ

๐Ÿ“… Published: Jan. 27, 2026, 11:58 p.m. ๐Ÿ”„ Last Modified: Feb. 4, 2026, 8:10 p.m.

7.7

CVSS3.1

CVE-2026-24837 - DotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation Modal

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a module friendly name could include scripts that will run during some module operations in the Persona Bar. Versions 9.1โ€ฆ

๐Ÿ“… Published: Jan. 27, 2026, 11:53 p.m. ๐Ÿ”„ Last Modified: Feb. 4, 2026, 8:11 p.m.

7.7

CVSS3.1

CVE-2026-24836 - DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed. Vโ€ฆ

๐Ÿ“… Published: Jan. 27, 2026, 11:51 p.m. ๐Ÿ”„ Last Modified: Feb. 4, 2026, 8:11 p.m.

7.7

CVSS3.1

CVE-2026-24833 - DotNetNuke.Core Vulnerable to Stored XSS in Module Description

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, a module could install with richtext in its description field which could contain scripts that will run for user in the Persona Bar. Versions 9.13.10 aโ€ฆ

๐Ÿ“… Published: Jan. 27, 2026, 11:49 p.m. ๐Ÿ”„ Last Modified: Feb. 4, 2026, 8:12 p.m.
Total resulsts: 344986
Page 1503 of 34,499
ยซ previous page ยป next page
Filters