CVE-2025-40769 - SINEC Traffic Analyzer Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-40769
Published : Aug. 12, 2025, 12:15 p.m. | 2 hours, 23 minutes ago
Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application uses a Content Security Policy that allows unsafe script execution methods. This could allow an attacker to execute unauthorized scripts, potentially leading to cross-site scripting attacks.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40769
Published : Aug. 12, 2025, 12:15 p.m. | 2 hours, 23 minutes ago
Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application uses a Content Security Policy that allows unsafe script execution methods. This could allow an attacker to execute unauthorized scripts, potentially leading to cross-site scripting attacks.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-40770 - SINEC Traffic Analyzer Man-in-the-Middle Vulnerability
CVE ID : CVE-2025-40770
Published : Aug. 12, 2025, 12:15 p.m. | 2 hours, 23 minutes ago
Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with the interface, leading to man-in-the-middle attacks.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40770
Published : Aug. 12, 2025, 12:15 p.m. | 2 hours, 23 minutes ago
Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with the interface, leading to man-in-the-middle attacks.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43735 - Liferay Portal Liferay DXP Cross-Site Scripting (XSS)
CVE ID : CVE-2025-43735
Published : Aug. 12, 2025, 1:15 p.m. | 1 hour, 23 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the google_gadget.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43735
Published : Aug. 12, 2025, 1:15 p.m. | 1 hour, 23 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the google_gadget.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22830 - APTIOV BIOS Race Condition Vulnerability
CVE ID : CVE-2025-22830
Published : Aug. 12, 2025, 2:15 p.m. | 23 minutes ago
Description : APTIOV contains a vulnerability in BIOS where a skilled user may cause “Race Condition” by local access. A successful exploitation of this vulnerability may lead to resource exhaustion and impact Confidentiality, Integrity, and Availability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22830
Published : Aug. 12, 2025, 2:15 p.m. | 23 minutes ago
Description : APTIOV contains a vulnerability in BIOS where a skilled user may cause “Race Condition” by local access. A successful exploitation of this vulnerability may lead to resource exhaustion and impact Confidentiality, Integrity, and Availability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22834 - AMI APTIOV BIOS Improper Initialization Vulnerability
CVE ID : CVE-2025-22834
Published : Aug. 12, 2025, 2:15 p.m. | 23 minutes ago
Description : AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22834
Published : Aug. 12, 2025, 2:15 p.m. | 23 minutes ago
Description : AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53733 - Microsoft Office Word Integer Overflow Remote Code Execution Vulnerability
CVE ID : CVE-2025-53733
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53733
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53734 - Microsoft Office Visio Use-After-Free Remote Code Execution Vulnerability
CVE ID : CVE-2025-53734
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53734
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53735 - Microsoft Office Excel Use-After-Free Vulnerability
CVE ID : CVE-2025-53735
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53735
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53736 - Microsoft Office Word Buffer Over-Read Information Disclosure
CVE ID : CVE-2025-53736
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53736
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53737 - Microsoft Office Excel Heap-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-53737
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53737
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53738 - Microsoft Office Word Use After Free Code Execution Vulnerability
CVE ID : CVE-2025-53738
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53738
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53739 - Microsoft Office Excel Type Confusion Code Execution Vulnerability
CVE ID : CVE-2025-53739
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53739
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53740 - Microsoft Office Use-After-Free Code Execution Vulnerability
CVE ID : CVE-2025-53740
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53740
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53741 - Microsoft Office Excel Heap-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-53741
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53741
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53759 - Microsoft Office Excel Uninitialized Resource Code Execution Vulnerability
CVE ID : CVE-2025-53759
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53759
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53760 - Microsoft Office SharePoint SSRF
CVE ID : CVE-2025-53760
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53760
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53761 - Microsoft Office PowerPoint Use-After-Free Remote Code Execution Vulnerability
CVE ID : CVE-2025-53761
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53761
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53765 - Azure Stack Information Disclosure Vulnerability
CVE ID : CVE-2025-53765
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53765
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53766 - Windows GDI+ Heap-based Buffer Overflow
CVE ID : CVE-2025-53766
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53766
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53769 - Windows Security App Path Traversal Vulnerability
CVE ID : CVE-2025-53769
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53769
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53772 - Web Deploy Untrusted Data Deserialization Code Execution Vulnerability
CVE ID : CVE-2025-53772
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53772
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...