7.5

CVSS4.0

CVE-2025-2172 -

Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames

πŸ“… Published: June 23, 2025, 2:01 p.m. πŸ”„ Last Modified: June 23, 2025, 5:53 p.m.

8.8

CVSS4.0

CVE-2025-2171 -

Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 do not enforce rate limiting on password reset attempts, allowing adversaries to brute force guess the 6-digit password reset PIN

πŸ“… Published: June 23, 2025, 2:01 p.m. πŸ”„ Last Modified: June 23, 2025, 5:42 p.m.

0.0

CVE-2025-52542 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

πŸ“… Published: June 23, 2025, 1:23 p.m. πŸ”„ Last Modified: June 23, 2025, 2:15 p.m.

10

CVSS3.1

CVE-2025-6512 - Scripts within reports executable on BRAIN2 Server

On a client with a non-admin user, a script can be integrated into a report. The reports could later be executed on the BRAIN2 server with administrator rights.

πŸ“… Published: June 23, 2025, 12:48 p.m. πŸ”„ Last Modified: June 23, 2025, 1:22 p.m.

9.3

CVSS3.1

CVE-2025-6513 - BRAIN2 Configuration file for database access not sufficiently secured

Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it.

πŸ“… Published: June 23, 2025, 12:37 p.m. πŸ”„ Last Modified: June 23, 2025, 1:25 p.m.

9.6

CVSS3.1

CVE-2024-45347 - Mi Connect Service APP protocol flaws lead to unauthorized access

An unauthorized access vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to Unauthorized access to the victim’s device.

πŸ“… Published: June 23, 2025, 9:34 a.m. πŸ”„ Last Modified: June 23, 2025, 12:03 p.m.

7.4

CVSS3.1

CVE-2025-27387 - OPPPO Clone Phone uses weak WPA passphrase as only means of security

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure.

πŸ“… Published: June 23, 2025, 9:28 a.m. πŸ”„ Last Modified: June 23, 2025, 12:14 p.m.

9.4

CVSS4.0

CVE-2025-52935 - Integer Overflow or Wraparound vulnerability in dragonflydb/dragonfly

Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly (src/redis/lua/struct modules). This vulnerability is associated with program files lua_struct.C. This issue affects dragonfly: 1.30.1, 1.30.0, 1.28.18.

πŸ“… Published: June 23, 2025, 9:27 a.m. πŸ”„ Last Modified: June 23, 2025, 12:29 p.m.

9.4

CVSS4.0

CVE-2025-52939 - Potential heap-buffer overflow vulnerability in NotepadNext

Out-of-bounds Write vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects NotepadNext: through v0.11.

πŸ“… Published: June 23, 2025, 9:26 a.m. πŸ”„ Last Modified: June 23, 2025, 12:34 p.m.

5.1

CVSS4.0

CVE-2025-52938 - Potential heap-based buffer over-read vulnerability in NotepadNext

Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The singlevar() in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-r…

πŸ“… Published: June 23, 2025, 9:26 a.m. πŸ”„ Last Modified: June 23, 2025, 12:36 p.m.
Total resulsts: 299121
Page 2 of 29,913
Β« previous page Β» next page
Filters