7.8

CVSS3.1

CVE-2021-47669 - can: vxcan: vxcan_xmit: fix use after free bug

In the Linux kernel, the following vulnerability has been resolved: can: vxcan: vxcan_xmit: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the canfd_frame cfd which aliases skb memory is accessed after the netif_rx_ni().

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: May 4, 2025, 7:15 a.m.

7.8

CVSS3.1

CVE-2021-47668 - can: dev: can_restart: fix use after free bug

In the Linux kernel, the following vulnerability has been resolved: can: dev: can_restart: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the netif_rx_ni() in: stats->rx_bytes += cf-…

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: May 4, 2025, 7:15 a.m.

8.4

CVSS3.1

CVE-2024-55211 -

An issue in Think Router Tk-Rt-Wr135G V3.0.2-X000 allows attackers to bypass authentication via a crafted cookie.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: April 25, 2025, 4:31 p.m.

3.3

CVSS3.1

CVE-2021-47671 - can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path

In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). This means that the skb previously allocated by a…

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: May 4, 2025, 7:15 a.m.

6.2

CVSS3.1

CVE-2025-29316 -

An issue in DataPatrol Screenshot watermark, printing watermark agent v.3.5.2.0 allows a physically proximate attacker to obtain sensitive information. NOTE: the Supplier disputes the Print Job Watermark Bypass claim because the watermark is added by hooking into the OS printing mechanism, and thus…

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: May 5, 2025, 6:15 p.m.

6.1

CVSS3.1

CVE-2025-29015 -

Code Astro Internet Banking System 2.0.0 is vulnerable to Cross Site Scripting (XSS) via the name parameter in /admin/pages_account.php.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: April 21, 2025, 6:30 p.m.

7.5

CVSS3.1

CVE-2025-25454 -

Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanSpeed2.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: April 22, 2025, 4:41 p.m.

6.5

CVSS3.1

CVE-2025-29449 -

An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the link identification function.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: April 25, 2025, 4:28 p.m.

7.6

CVSS3.1

CVE-2025-29457 -

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: April 24, 2025, 2:13 p.m.

8.1

CVSS3.1

CVE-2025-43715 -

Nullsoft Scriptable Install System (NSIS) before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a crafted executable file by winning a race condition.…

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: June 23, 2025, 7:31 p.m.
Total resulsts: 344144
Page 5254 of 34,415
Β« previous page Β» next page
Filters