8.4
CVE-2025-4098 - Out-of-bounds Read in Horner Automation Cscape
Horner Automation Cscape version 10.0 (10.0.415.2) SP1 is vulnerable to an out-of-bounds read vulnerability that could allow an attacker to disclose information and execute arbitrary code on affected installations of Cscape.
4.4
CVE-2025-30101 -
Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contains a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering.
5.5
CVE-2025-30102 -
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service.
7.2
CVE-2024-13009 - Eclipse Jetty GZIP buffer release
In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.
0.0
CVE-2025-4436 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
0.0
CVE-2025-4132 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.9
CVE-2025-4207 - PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails…
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 1…
8.7
CVE-2024-6648 - Path Traversal in AP Page Builder
Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'product_item_path' within the 'config' JSON file, allowing them to read any file on the system.
6.3
CVE-2025-3506 - Potentially sensitive path exposed via unauthenticated HTTP route
Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and Checkmk <2.4.0b6, allowing an attacker to access files that could contain secrets.
6.1
CVE-2025-2806 - tagDiv Composer <= 5.3 - Reflected Cross-Site Scripting via 'data'
The tagDiv Composer plugin for WordPress, used by the Newspaper theme, is vulnerable to Reflected Cross-Site Scripting via the 'data' parameter in all versions up to, and including, 5.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers …