CVE-2025-48863 - Apache HTTP Server Cross-Site Scripting
CVE ID : CVE-2025-48863
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : Rejected reason: This CVE id was assigned but later discarded.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48863
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : Rejected reason: This CVE id was assigned but later discarded.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48864 - Apache HTTP Server Cross-Site Scripting
CVE ID : CVE-2025-48864
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : Rejected reason: This CVE id was assigned but later discarded.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48864
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : Rejected reason: This CVE id was assigned but later discarded.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50526 - Netgear EX8000 Command Injection
CVE ID : CVE-2025-50526
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : Netgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerability via the switch_status function.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50526
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : Netgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerability via the switch_status function.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-65865 - eProsima Fast-DDS Integer Overflow Denial of Service
CVE ID : CVE-2025-65865
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : An integer overflow in eProsima Fast-DDS v3.3 allows attackers to cause a Denial of Service (DoS) via a crafted input.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-65865
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : An integer overflow in eProsima Fast-DDS v3.3 allows attackers to cause a Denial of Service (DoS) via a crafted input.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-67108 - eProsima Fast-DDS Data Validation Vulnerability
CVE ID : CVE-2025-67108
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-67108
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-67109 - Eclipse Cyclone DDS Certificate Verification Bypass
CVE ID : CVE-2025-67109
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with System privileges.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-67109
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with System privileges.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-67111 - OpenDDS DDS Integer Overflow Denial of Service
CVE ID : CVE-2025-67111
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service (DoS) via a crafted message.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-67111
Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago
Description : An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service (DoS) via a crafted message.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-57521 - RuoYi SQL Injection Remote Code Execution
CVE ID : CVE-2024-57521
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : SQL Injection vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the createTable function in SqlUtil.java.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-57521
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : SQL Injection vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the createTable function in SqlUtil.java.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29228 - Linksys E5600 Command Injection Vulnerability
CVE ID : CVE-2025-29228
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : Linksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClone function via the mc.ip parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29228
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : Linksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClone function via the mc.ip parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29229 - Linksys E5600 Remote Command Injection Weakness
CVE ID : CVE-2025-29229
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : linksys E5600 V1.1.0.26 is vulnerable to command injection in the function ddnsStatus.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29229
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : linksys E5600 V1.1.0.26 is vulnerable to command injection in the function ddnsStatus.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-33222 - NVIDIA Isaac Launchable Hard-Coded Credential Disclosure
CVE ID : CVE-2025-33222
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : NVIDIA Isaac Launchable contains a vulnerability where an attacker could exploit a hard-coded credential issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, and data tampering.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-33222
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : NVIDIA Isaac Launchable contains a vulnerability where an attacker could exploit a hard-coded credential issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, and data tampering.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-33223 - NVIDIA Isaac Launchable Privilege Escalation Vulnerability
CVE ID : CVE-2025-33223
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disclosure and data tampering.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-33223
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disclosure and data tampering.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-33224 - NVIDIA Isaac Launchable Privilege Escalation Vulnerability
CVE ID : CVE-2025-33224
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disclosure and data tampering.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-33224
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disclosure and data tampering.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-65410 - GNU Unrtf Stack Overflow Denial of Service
CVE ID : CVE-2025-65410
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-65410
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-65713 - Home Assistant Core Directory Traversal
CVE ID : CVE-2025-65713
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : Home Assistant Core before v2025.8.0 is vulnerable to Directory Traversal. The Downloader integration does not fully validate file paths during concatenation, leaving a path traversal vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-65713
Published : Dec. 23, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : Home Assistant Core before v2025.8.0 is vulnerable to Directory Traversal. The Downloader integration does not fully validate file paths during concatenation, leaving a path traversal vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13074 - Apache Server Header Information Disclosure
CVE ID : CVE-2025-13074
Published : Dec. 23, 2025, 6:15 p.m. | 43 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13074
Published : Dec. 23, 2025, 6:15 p.m. | 43 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51511 - Cadmium CMS File Upload Vulnerability
CVE ID : CVE-2025-51511
Published : Dec. 23, 2025, 6:15 p.m. | 43 minutes ago
Description : Cadmium CMS v.0.4.9 has a background arbitrary file upload vulnerability in /admin/content/filemanager/uploads.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51511
Published : Dec. 23, 2025, 6:15 p.m. | 43 minutes ago
Description : Cadmium CMS v.0.4.9 has a background arbitrary file upload vulnerability in /admin/content/filemanager/uploads.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14489 - RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability
CVE ID : CVE-2025-14489
Published : Dec. 23, 2025, 10:15 p.m. | 44 minutes ago
Description : RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SAS Core Service. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27658.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14489
Published : Dec. 23, 2025, 10:15 p.m. | 44 minutes ago
Description : RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SAS Core Service. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27658.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14490 - RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability
CVE ID : CVE-2025-14490
Published : Dec. 23, 2025, 10:15 p.m. | 44 minutes ago
Description : RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SAS Core Service. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27659.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14490
Published : Dec. 23, 2025, 10:15 p.m. | 44 minutes ago
Description : RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SAS Core Service. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27659.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14491 - RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability
CVE ID : CVE-2025-14491
Published : Dec. 23, 2025, 10:15 p.m. | 44 minutes ago
Description : RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SAS Core Service. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27660.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14491
Published : Dec. 23, 2025, 10:15 p.m. | 44 minutes ago
Description : RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SAS Core Service. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27660.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14492 - RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability
CVE ID : CVE-2025-14492
Published : Dec. 23, 2025, 10:15 p.m. | 44 minutes ago
Description : RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SAS Core Service. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27668.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14492
Published : Dec. 23, 2025, 10:15 p.m. | 44 minutes ago
Description : RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SAS Core Service. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27668.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...