CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2024-58251 - BusyBox Netstat Terminal Escape Sequence Injection Denial of Service

CVE ID : CVE-2024-58251
Published : April 23, 2025, 6:16 p.m. | 2 hours, 25 minutes ago
Description : In netstat in BusyBox through 1.37.0, local users can launch a network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3673 - Apache HTTP Server Remote Code Execution Vulnerability

CVE ID : CVE-2025-3673
Published : April 23, 2025, 7:16 p.m. | 1 hour, 25 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-3092. Reason: This candidate is a reservation duplicate of CVE-2023-3092. Notes: All CVE users should reference CVE-2023-3092 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
CVE-2025-28169 - BYD QIN PLUS DM-i Dilink OS Unencrypted Broadcast Vulnerability

CVE ID : CVE-2025-28169
Published : April 23, 2025, 8:15 p.m. | 26 minutes ago
Description : BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to send broadcasts to the manufacturer's cloud server unencrypted, allowing attackers to execute a man-in-the-middle attack.
Severity: 0.0 | NA
CVE-2025-32818 - SonicWall SonicOS SSLVPN Null Pointer Dereference DoS

CVE ID : CVE-2025-32818
Published : April 23, 2025, 8:15 p.m. | 26 minutes ago
Description : A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service (DoS) condition.
Severity: 7.5 | HIGH
CVE-2025-46397 - Fig2Dev Bezier Spline Code Execution Vulnerability

CVE ID : CVE-2025-46397
Published : April 23, 2025, 9:15 p.m. | 3 hours, 26 minutes ago
Description : A stack overflow in fig2dev version 3.2.9a allows an attacker possible code execution via local input manipulation via the bezier_spline function.
Severity: 7.1 | HIGH
CVE-2025-46398 - Fig2Dev Stack Overflow Vulnerability

CVE ID : CVE-2025-46398
Published : April 23, 2025, 9:15 p.m. | 3 hours, 26 minutes ago
Description : A stack overflow in fig2dev version 3.2.9a allows an attacker possible code execution via local input manipulation via the read_objects function.
Severity: 7.1 | HIGH
CVE-2025-46399 - Fig2Dev Genge Itp Spline Segmentation Fault

CVE ID : CVE-2025-46399
Published : April 23, 2025, 9:15 p.m. | 3 hours, 26 minutes ago
Description : A segmentation fault in fig2dev version 3.2.9a allows an attacker to affect availability via local input manipulation via the genge_itp_spline function.
Severity: 7.1 | HIGH
CVE-2025-46400 - Fig2dev ArcObject Segmentation Fault Vulnerability

CVE ID : CVE-2025-46400
Published : April 23, 2025, 9:15 p.m. | 3 hours, 26 minutes ago
Description : A segmentation fault in fig2dev version 3.2.9a allows an attacker to affect availability via local input manipulation via the read_arcobject function.
Severity: 7.1 | HIGH
CVE-2024-22351 - IBM InfoSphere Information Server Authentication Session Impersonation

CVE ID : CVE-2024-22351
Published : April 23, 2025, 11:15 p.m. | 1 hour, 26 minutes ago
Description : IBM InfoSphere Information Server 11.7 does not invalidate the session after logout, which could allow an authenticated user to impersonate another user on the system.
Severity: 6.3 | MEDIUM
CVE-2025-25045 - IBM InfoSphere Information Server Information Disclosure

CVE ID : CVE-2025-25045
Published : April 23, 2025, 11:15 p.m. | 1 hour, 26 minutes ago
Description : IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a request. This information could be used in further attacks against the system.
Severity: 4.3 | MEDIUM
CVE-2025-25046 - IBM InfoSphere Information Server DataStage Flow Designer Information Disclosure

CVE ID : CVE-2025-25046
Published : April 23, 2025, 11:15 p.m. | 1 hour, 26 minutes ago
Description : IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man-in-the-middle techniques.
Severity: 3.7 | LOW
CVE-2025-27580 - NIH BRICS Privilege Escalation and Account Compromise Vulnerability

CVE ID : CVE-2025-27580
Published : April 24, 2025, 12:15 a.m. | 26 minutes ago
Description : NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens (that depend on username, time, and the fixed 7Dl9#dj- string) and thus allows unauthenticated users with a Common Access Card (CAC) to escalate privileges and compromise any account, including administrators.
Severity: 7.5 | HIGH
CVE-2025-27581 - NIH BRICS Unauthenticated Access to InET Module

CVE ID : CVE-2025-27581
Published : April 24, 2025, 12:15 a.m. | 26 minutes ago
Description : NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known endpoints.
Severity: 4.3 | MEDIUM
CVE-2025-46417 - Apache Picklescan SSL Exfiltration Vulnerability

CVE ID : CVE-2025-46417
Published : April 24, 2025, 1:15 a.m. | 3 hours, 26 minutes ago
Description : The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_server_certificate can exfiltrate data via DNS after deserialization.
Severity: 0.0 | NA
CVE-2025-46419 - Westermo WeOS Reboot Remote Command Execution Vulnerability

CVE ID : CVE-2025-46419
Published : April 24, 2025, 1:15 a.m. | 3 hours, 26 minutes ago
Description : Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet.
Severity: 5.9 | MEDIUM
CVE-2025-1976 - Brocade Fabric OS Root Privilege Escalation

CVE ID : CVE-2025-1976
Published : April 24, 2025, 3:15 a.m. | 1 hour, 26 minutes ago
Description : Brocade Fabric OS versions starting with 9.1.0 have root access removed; however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.
Severity: 0.0 | NA
CVE-2025-46374 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-46374
Published : April 24, 2025, 3:15 a.m. | 1 hour, 26 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-46375 - Apache Struts Deserialization Vulnerability

CVE ID : CVE-2025-46375
Published : April 24, 2025, 3:15 a.m. | 1 hour, 26 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-46376 - Cisco Webex Meeting Server Authentication Bypass

CVE ID : CVE-2025-46376
Published : April 24, 2025, 3:15 a.m. | 1 hour, 26 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-46377 - Apache HTTP Server Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-46377
Published : April 24, 2025, 3:15 a.m. | 1 hour, 26 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-46378 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-46378
Published : April 24, 2025, 3:15 a.m. | 1 hour, 26 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA