CVE-2025-66360 - Logpoint Access Control Policy Privilege Escalation Vulnerability
CVE ID : CVE-2025-66360
Published : Nov. 28, 2025, 12:15 a.m. | 57 minutes ago
Description : An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-66360
Published : Nov. 28, 2025, 12:15 a.m. | 57 minutes ago
Description : An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-66361 - Logpoint Exposes Sensitive Information
CVE ID : CVE-2025-66361
Published : Nov. 28, 2025, 12:15 a.m. | 57 minutes ago
Description : An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-66361
Published : Nov. 28, 2025, 12:15 a.m. | 57 minutes ago
Description : An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58294 - Cisco Print Module Information Disclosure
CVE ID : CVE-2025-58294
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58294
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58303 - Adobe Screen Recorder Use-After-Free Vulnerability
CVE ID : CVE-2025-58303
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58303
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58307 - Apache Screen Recording Framework Use-After-Free
CVE ID : CVE-2025-58307
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58307
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58309 - Apache Startup Recovery Unauthenticated Remote Code Execution and Information Disclosure
CVE ID : CVE-2025-58309
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the startup recovery module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58309
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the startup recovery module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58310 - Apache Distributed Component Permission Control Bypass
CVE ID : CVE-2025-58310
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58310
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58312 - Apache App Lock Unauthenticated Access Vulnerability
CVE ID : CVE-2025-58312
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the App Lock module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58312
Published : Nov. 28, 2025, 3:15 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the App Lock module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58314 - Cisco Component Driver Memory Corruption Vulnerability
CVE ID : CVE-2025-58314
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Vulnerability of accessing invalid memory in the component driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58314
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Vulnerability of accessing invalid memory in the component driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58315 - Aruba Wi-Fi Module Permission Control Vulnerability
CVE ID : CVE-2025-58315
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58315
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58316 - "Realtek Video Service Denial of Service Vulnerability"
CVE ID : CVE-2025-58316
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : DoS vulnerability in the video-related system service module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58316
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : DoS vulnerability in the video-related system service module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-64311 - Notepad Permission Control Vulnerability (Confidentiality)
CVE ID : CVE-2025-64311
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-64311
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-64313 - "Microsoft Office DoS Vulnerability"
CVE ID : CVE-2025-64313
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-64313
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-64314 - Cisco Memory Management Permission Control Vulnerability
CVE ID : CVE-2025-64314
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the memory management module. Impact: Successful exploitation of this vulnerability may affect confidentiality.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-64314
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Permission control vulnerability in the memory management module. Impact: Successful exploitation of this vulnerability may affect confidentiality.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-64315 - Apache File Manager Configuration Defect Remote File Inclusion Vulnerability
CVE ID : CVE-2025-64315
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Configuration defect vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect app data confidentiality and integrity.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-64315
Published : Nov. 28, 2025, 3:16 a.m. | 1 hour, 57 minutes ago
Description : Configuration defect vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect app data confidentiality and integrity.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13737 - Nextend Social Login and Register <= 3.1.21 - Cross-Site Request Forgery to Unlink User Social Login
CVE ID : CVE-2025-13737
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.21. This is due to missing or incorrect nonce validation on the 'unlinkUser' function. This makes it possible for unauthenticated attackers to unlink the user's social login via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13737
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.21. This is due to missing or incorrect nonce validation on the 'unlinkUser' function. This makes it possible for unauthenticated attackers to unlink the user's social login via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58302 - "Acme Settings Module Unsecured Configuration"
CVE ID : CVE-2025-58302
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58302
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58304 - Apache File Manager Unauthorized Access Vulnerability
CVE ID : CVE-2025-58304
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58304
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58305 - Gallery App Authentication Bypass
CVE ID : CVE-2025-58305
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : Identity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58305
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : Identity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58308 - Apache Call Module Authentication Bypass Vulnerability
CVE ID : CVE-2025-58308
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58308
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58311 - "USB Driver Uninitialized Free Memory UAF Vulnerability"
CVE ID : CVE-2025-58311
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : UAF vulnerability in the USB driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58311
Published : Nov. 28, 2025, 4:16 a.m. | 57 minutes ago
Description : UAF vulnerability in the USB driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...