🚨 CVE-2024-42412
Cross-site scripting vulnerability exists in ELECOM wireless access points due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser.

🎖@cveNotify

🚨 CVE-2025-43853
The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. Anyone running WAMR up to and including version 2.2.0 or WAMR built with libc-uvwasi on Windows is affected by a symlink following vulnerability. On WAMR running in Windows, creating a symlink pointing outside of the preopened directory and subsequently opening it with create flag will create a file on host outside of the sandbox. If the symlink points to an existing host file, it's also possible to open it and read its content. Version 2.3.0 fixes the issue.

🎖@cveNotify

🚨 CVE-2025-32962
Flask-AppBuilder is an application development framework built on top of Flask. Versions prior to 4.6.2 would allow for a malicious unauthenticated actor to perform an open redirect by manipulating the Host header in HTTP requests. Flask-AppBuilder 4.6.2 introduced the `FAB_SAFE_REDIRECT_HOSTS` configuration variable, which allows administrators to explicitly define which domains are considered safe for redirection. As a workaround, use a reverse proxy to enforce trusted host headers.

🎖@cveNotify

🚨 CVE-2025-56869
Directory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system via FilesManager.saveMultipart function in backend/src/applications/files/services/files-manager.service.ts, and FilesManager.compress function in backend/src/applications/files/services/files-manager.service.ts.

🎖@cveNotify

🚨 CVE-2025-57296
Tenda AC6 router firmware 15.03.05.19 contains a command injection vulnerability in the formSetIptv function, which processes requests to the /goform/SetIPTVCfg web interface. When handling the list and vlanId parameters, the sub_ADBC0 helper function concatenates these user-supplied values into nvram set system commands using doSystemCmd, without validating or sanitizing special characters (e.g., ;, ", #). An unauthenticated or authenticated attacker can exploit this by submitting a crafted POST request, leading to arbitrary system command execution on the affected device.

🎖@cveNotify

🚨 CVE-2025-10721
A vulnerability was determined in Webull Investing & Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml. This manipulation causes improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

🎖@cveNotify

🚨 CVE-2025-10722
A vulnerability was detected in SKTLab Mukbee App 1.01.196 on Android. This affects an unknown function of the file AndroidManifest.xml of the component com.dw.android.mukbee. The manipulation results in improper export of android application components. The attack must be initiated from a local position. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

🎖@cveNotify

🚨 CVE-2025-48703
CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the t_total parameter in a filemanager changePerm request. A valid non-root username must be known.

🎖@cveNotify

🚨 CVE-2022-45688
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.

🎖@cveNotify

🚨 CVE-2023-5072
Denial of Service in JSON-Java versions up to and including 20230618.  A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.

🎖@cveNotify

🚨 CVE-2024-35838
In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: fix potential sta-link leak

When a station is allocated, links are added but not
set to valid yet (e.g. during connection to an AP MLD),
we might remove the station without ever marking links
valid, and leak them. Fix that.

🎖@cveNotify

🚨 CVE-2023-52682
In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to wait on block writeback for post_read case

If inode is compressed, but not encrypted, it missed to call
f2fs_wait_on_block_writeback() to wait for GCed page writeback
in IPU write path.

Thread A GC-Thread
- f2fs_gc
- do_garbage_collect
- gc_data_segment
- move_data_block
- f2fs_submit_page_write
migrate normal cluster's block via
meta_inode's page cache
- f2fs_write_single_data_page
- f2fs_do_write_data_page
- f2fs_inplace_write_data
- f2fs_submit_page_bio

IRQ
- f2fs_read_end_io
IRQ
old data overrides new data due to
out-of-order GC and common IO.
- f2fs_read_end_io

🎖@cveNotify

🚨 CVE-2023-52688
In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: fix the error handler of rfkill config

When the core rfkill config throws error, it should free the
allocated resources. Currently it is not freeing the core pdev
create resources. Avoid this issue by calling the core pdev
destroy in the error handler of core rfkill config.

Found this issue in the code review and it is compile tested only.

🎖@cveNotify

🚨 CVE-2023-52695
In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Check writeback connectors in create_validate_stream_for_sink

[WHY & HOW]
This is to check connector type to avoid
unhandled null pointer for writeback connectors.

🎖@cveNotify

🚨 CVE-2014-0755
Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.

🎖@cveNotify

🚨 CVE-2014-0759
Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

🎖@cveNotify

🚨 CVE-2014-0763
An attacker using SQL injection may use arguments to construct queries
without proper sanitization. The DBVisitor.dll is exposed through SOAP
interfaces, and the exposed functions are vulnerable to SOAP injection.
This may allow unexpected SQL action and access to records in the table
of the software database or execution of arbitrary code.

🎖@cveNotify

🚨 CVE-2014-0764
By providing an overly long string to the NodeName parameter, an
attacker may be able to overflow the static stack buffer. The attacker
may then execute code on the target device remotely.

🎖@cveNotify

🚨 CVE-2014-0761
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet.

🎖@cveNotify

🚨 CVE-2014-0762
The CG Automation Software DNP3 driver, used in the ePAQ-9410 Substation
Gateway products, does not validate input correctly. An attacker could
cause the software to go into an infinite loop, causing the process to
crash. The system must be restarted manually to clear the condition.

🎖@cveNotify

🚨 CVE-2024-57965
In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute('href',href) call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability.

🎖@cveNotify