CVE-2024-42646 - NanoMQ Denial of Service (DoS) Vulnerability
CVE ID : CVE-2024-42646
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-42646
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-42648 - NanoMQ MQTT Heap Overflow Denial of Service
CVE ID : CVE-2024-42648
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service (DoS) via a crafted CONNECT message.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-42648
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service (DoS) via a crafted CONNECT message.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-42649 - NanoMQ Memory Leak Denial of Service Vulnerability
CVE ID : CVE-2024-42649
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-42649
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51650 - FoxCMS Remote Code Execution (RCE)
CVE ID : CVE-2025-51650
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : An arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2.6 allows attackers to execute arbitrary code via uploading a crafted template file.
Severity: 5.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51650
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : An arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2.6 allows attackers to execute arbitrary code via uploading a crafted template file.
Severity: 5.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51651 - Mccms File Download Vulnerability
CVE ID : CVE-2025-51651
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51651
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51652 - SemCms SQL Injection Vulnerability
CVE ID : CVE-2025-51652
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Categories.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51652
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Categories.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51653 - SemCms SQL Injection Vulnerability
CVE ID : CVE-2025-51653
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_ct.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51653
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_ct.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51654 - SemCms SQL Injection Vulnerability
CVE ID : CVE-2025-51654
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Infocategories.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51654
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Infocategories.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51655 - SemCms v5.0 was discovered to contain a SQL inject
CVE ID : CVE-2025-51655
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Quanxian.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51655
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Quanxian.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51656 - SemCms SQL Injection
CVE ID : CVE-2025-51656
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Link.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51656
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Link.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51657 - SemCms SQL Injection
CVE ID : CVE-2025-51657
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Link.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51657
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Link.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51658 - SemCms SQL Injection Vulnerability
CVE ID : CVE-2025-51658
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_InquiryView.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51658
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_InquiryView.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51659 - SemCms SQL Injection Vulnerability
CVE ID : CVE-2025-51659
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Products.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51659
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Products.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51660 - SemCms SQL Injection
CVE ID : CVE-2025-51660
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Products.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51660
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Products.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7625 - YiJiuSmile kkFileViewOfficeEdit Remote Path Traversal Vulnerability
CVE ID : CVE-2025-7625
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : A vulnerability, which was classified as critical, was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd. Affected is the function Download of the file /download. The manipulation of the argument url leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7625
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : A vulnerability, which was classified as critical, was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd. Affected is the function Download of the file /download. The manipulation of the argument url leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7626 - YiJiuSmile kkFileViewOfficeEdit Path Traversal Vulnerability
CVE ID : CVE-2025-7626
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : A vulnerability has been found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this vulnerability is the function onlinePreview of the file /onlinePreview. The manipulation of the argument url leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7626
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : A vulnerability has been found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this vulnerability is the function onlinePreview of the file /onlinePreview. The manipulation of the argument url leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52363 - Tenda CP3 Pro Root Password Hash Hardcoded Vulnerability
CVE ID : CVE-2025-52363
Published : July 14, 2025, 6:15 p.m. | 2 hours, 42 minutes ago
Description : Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root password hash in the /etc/passwd file and /etc/passwd-. An attacker with access to the firmware image can extract and attempt to crack the root password hash, potentially obtaining administrative access
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52363
Published : July 14, 2025, 6:15 p.m. | 2 hours, 42 minutes ago
Description : Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root password hash in the /etc/passwd file and /etc/passwd-. An attacker with access to the firmware image can extract and attempt to crack the root password hash, potentially obtaining administrative access
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53014 - ImageMagick Heap Buffer Overflow Vulnerability
CVE ID : CVE-2025-53014
Published : July 14, 2025, 6:15 p.m. | 2 hours, 42 minutes ago
Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` function. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs (`%%`). Versions 7.1.2-0 and 6.9.13-26 fix the issue.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53014
Published : July 14, 2025, 6:15 p.m. | 2 hours, 42 minutes ago
Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` function. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs (`%%`). Versions 7.1.2-0 and 6.9.13-26 fix the issue.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7627 - YiJiuSmile kkFileViewOfficeEdit Unrestricted File Upload Vulnerability
CVE ID : CVE-2025-7627
Published : July 14, 2025, 6:15 p.m. | 2 hours, 42 minutes ago
Description : A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this issue is the function fileUpload of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7627
Published : July 14, 2025, 6:15 p.m. | 2 hours, 42 minutes ago
Description : A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this issue is the function fileUpload of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7628 - YiJiuSmile kkFileViewOfficeEdit Path Traversal Vulnerability
CVE ID : CVE-2025-7628
Published : July 14, 2025, 6:15 p.m. | 2 hours, 42 minutes ago
Description : A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd. It has been classified as critical. This affects the function deleteFile of the file /deleteFile. The manipulation of the argument fileName leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7628
Published : July 14, 2025, 6:15 p.m. | 2 hours, 42 minutes ago
Description : A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd. It has been classified as critical. This affects the function deleteFile of the file /deleteFile. The manipulation of the argument fileName leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53015 - ImageMagick XMP File Conversion Infinite Lines Vulnerability
CVE ID : CVE-2025-53015
Published : July 14, 2025, 8:15 p.m. | 42 minutes ago
Description : ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53015
Published : July 14, 2025, 8:15 p.m. | 42 minutes ago
Description : ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...