9.8

CVSS3.1

CVE-2025-45987 -

Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 were discovered to contain multiple command injection vulnerabilities via the dns1 and dns2 parameters in the bs_SetDNSInfo …

πŸ“… Published: June 13, 2025, midnight πŸ”„ Last Modified: July 10, 2025, 12:16 p.m.

9.8

CVSS3.1

CVE-2025-45986 -

Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 werediscovered to contain a command injection vulnerability via the mac parameter in the bs_SetMacBlack function.

πŸ“… Published: June 13, 2025, midnight πŸ”„ Last Modified: July 23, 2025, 8:32 p.m.

9.8

CVSS3.1

CVE-2025-45984 -

Blink routers BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 V1.0.5, BL-LTE300 V1.2.3, BL-F1200_AT1 V1.0.0, BL-X26_AC8 V1.2.8, BLAC450M_AE4 V4.0.0 and BL-X26_DA3 V1.2.7 were discovered to contain a command injection vulnerability via the routepwd parameter in the sub_45B238 fu…

πŸ“… Published: June 13, 2025, midnight πŸ”„ Last Modified: July 10, 2025, 12:15 p.m.

9.1

CVSS3.1

CVE-2025-28384 -

An issue in the /script-api/scripts/ endpoint of OpenC3 COSMOS before 6.1.0 allows attackers to execute a directory traversal.

πŸ“… Published: June 13, 2025, midnight πŸ”„ Last Modified: Oct. 27, 2025, 4:15 p.m.

7.5

CVSS3.1

CVE-2025-28382 -

An issue in the openc3-api/tables endpoint of OpenC3 COSMOS before 6.1.0 allows attackers to execute a directory traversal.

πŸ“… Published: June 13, 2025, midnight πŸ”„ Last Modified: Oct. 27, 2025, 4:15 p.m.

7.5

CVSS3.1

CVE-2025-28381 -

A credential leak in OpenC3 COSMOS before v6.0.2 allows attackers to access service credentials as environment variables stored in all containers.

πŸ“… Published: June 13, 2025, midnight πŸ”„ Last Modified: Oct. 27, 2025, 4:15 p.m.

6.1

CVSS3.1

CVE-2025-28380 -

A cross-site scripting (XSS) vulnerability in OpenC3 COSMOS before v6.0.2 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter.

πŸ“… Published: June 13, 2025, midnight πŸ”„ Last Modified: Oct. 27, 2025, 3:15 p.m.

3.7

CVSS3.1

CVE-2025-6052 - Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstr…

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written …

πŸ“… Published: June 13, 2025, midnight πŸ”„ Last Modified: Nov. 7, 2025, 12:42 a.m.

9.8

CVSS3.1

CVE-2025-46060 -

Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary code via the UPLOAD_FILENAME component

πŸ“… Published: June 13, 2025, midnight πŸ”„ Last Modified: June 24, 2025, 9:51 a.m.

9.8

CVSS3.1

CVE-2025-28386 -

A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrary code via uploading a crafted .txt file.

πŸ“… Published: June 13, 2025, midnight πŸ”„ Last Modified: June 24, 2025, 9:51 a.m.
Total resulsts: 349182
Page 5039 of 34,919
Β« previous page Β» next page
Filters