CVE-2025-13303 - code-projects Courier Management System search-edit.php sql injection
CVE ID : CVE-2025-13303
Published : Nov. 17, 2025, 10:15 p.m. | 3 hours, 25 minutes ago
Description : A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13303
Published : Nov. 17, 2025, 10:15 p.m. | 3 hours, 25 minutes ago
Description : A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-64766 - NixOS has hardcoded credentials in Onlyoffice module
CVE ID : CVE-2025-64766
Published : Nov. 17, 2025, 10:15 p.m. | 3 hours, 25 minutes ago
Description : NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protect its file cache. An attacker with knowledge of an existing revision ID could use this secret to obtain a document. In practice, an arbitrary revision ID should be hard to obtain. The primary impact is likely the access to known documents from users with expired access. This issue was resolved in NixOS unstable version 25.11 and version 25.05.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-64766
Published : Nov. 17, 2025, 10:15 p.m. | 3 hours, 25 minutes ago
Description : NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protect its file cache. An attacker with knowledge of an existing revision ID could use this secret to obtain a document. In practice, an arbitrary revision ID should be hard to obtain. The primary impact is likely the access to known documents from users with expired access. This issue was resolved in NixOS unstable version 25.11 and version 25.05.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13223 - Google Chrome V8 Type Confusion Heap Corruption Vulnerability
CVE ID : CVE-2025-13223
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13223
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13224 - Google Chrome V8 Type Confusion Heap Corruption Vulnerability
CVE ID : CVE-2025-13224
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13224
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13304 - D-Link DWR-M920/DWR-M921/DWR-M960/DWR-M961/DIR-825M formPingDiagnosticRun buffer overflow
CVE ID : CVE-2025-13304
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown code of the file /boafrm/formPingDiagnosticRun. Performing manipulation of the argument host results in buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13304
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown code of the file /boafrm/formPingDiagnosticRun. Performing manipulation of the argument host results in buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13305 - D-Link DWR-M920/DWR-M921/DWR-M960/DIR-822K/DIR-825M formTracerouteDiagnosticRun buffer overflow
CVE ID : CVE-2025-13305
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13305
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31361 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability
CVE ID : CVE-2025-31361
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIO_USH_ADD_RECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue an api call to trigger this vulnerability.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31361
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIO_USH_ADD_RECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue an api call to trigger this vulnerability.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31649 - Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability
CVE ID : CVE-2025-31649
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call to trigger this vulnerability.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31649
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call to trigger this vulnerability.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-32089 - Dell ControlVault3 CvManager_SBI buffer overflow vulnerability
CVE ID : CVE-2025-32089
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this vulnerability.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32089
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this vulnerability.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36460 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
CVE ID : CVE-2025-36460
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 2 (`WBIO_USH_GET_IDENTITY`) with `4 <= ReceiveBuferSize < 80` This will lead to an out-of-bound write of up to 75 bytes. These can be either null-bytes or potentially attacker controlled data if another vulnerability is leveraged to place attacked-controlled data as Identity inside the database.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36460
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 2 (`WBIO_USH_GET_IDENTITY`) with `4 <= ReceiveBuferSize < 80` This will lead to an out-of-bound write of up to 75 bytes. These can be either null-bytes or potentially attacker controlled data if another vulnerability is leveraged to place attacked-controlled data as Identity inside the database.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36461 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
CVE ID : CVE-2025-36461
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 0 (`WBIO_USH_GET_TEMPLATE`) and with either `0 < ReceiveBuferSize < 4` and/or `0 < SendBufferSize < 76`. The former will lead to an out-of-bound write of up to 3 bytes and the latter will trigger an out-of-bound read of up to 75 bytes.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36461
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 0 (`WBIO_USH_GET_TEMPLATE`) and with either `0 < ReceiveBuferSize < 4` and/or `0 < SendBufferSize < 76`. The former will lead to an out-of-bound write of up to 3 bytes and the latter will trigger an out-of-bound read of up to 75 bytes.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36462 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
CVE ID : CVE-2025-36462
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 3 (`WBIO_USH_CREATE_CHALLENGE`) and with `0 < ReceiveBuferSize < 4`. Up to three null-bytes will be written past the end of the `ReceiveBuffer`.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36462
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 3 (`WBIO_USH_CREATE_CHALLENGE`) and with `0 < ReceiveBuferSize < 4`. Up to three null-bytes will be written past the end of the `ReceiveBuffer`.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36463 - Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
CVE ID : CVE-2025-36463
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 4 (`WBIO_USH_ADD_RECORD`) and with `0 < SendBufferSize < 104`. A various amount of bytes can be read ouf of bound past the end the `SendBuffer`. The constraints surrounding this exploitation are pretty tough and may make the exploitation of this vulnerability less likely or limited to a Denial of Services.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36463
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 4 (`WBIO_USH_ADD_RECORD`) and with `0 < SendBufferSize < 104`. A various amount of bytes can be read ouf of bound past the end the `SendBuffer`. The constraints surrounding this exploitation are pretty tough and may make the exploitation of this vulnerability less likely or limited to a Denial of Services.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36553 - Dell ControlVault3 CvManager buffer overflow vulnerability
CVE ID : CVE-2025-36553
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36553
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7711 - Classified Listing – Classified ads & Business Directory Plugin <= 5.0.3 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Listing Description
CVE ID : CVE-2025-7711
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : The The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7711
Published : Nov. 17, 2025, 11:15 p.m. | 2 hours, 25 minutes ago
Description : The The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13226 - Google Chrome V8 Type Confusion Heap Corruption
CVE ID : CVE-2025-13226
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13226
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13227 - Google Chrome V8 Type Confusion Heap Corruption
CVE ID : CVE-2025-13227
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13227
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13228 - Google Chrome V8 Type Confusion Heap Corruption
CVE ID : CVE-2025-13228
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13228
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13229 - Google Chrome V8 Type Confusion Heap Corruption
CVE ID : CVE-2025-13229
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13229
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13230 - Google Chrome V8 Type Confusion Heap Corruption Vulnerability
CVE ID : CVE-2025-13230
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13230
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13306 - D-Link DWR-M920/DWR-M921/DIR-822K/DIR-825M formDebugDiagnosticRun system command injection
CVE ID : CVE-2025-13306
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13306
Published : Nov. 18, 2025, 12:15 a.m. | 1 hour, 25 minutes ago
Description : A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...