Lucene search
K

37 matches found

NVD
NVD
added 14 hours ago7 views

CVE-2026-8919

Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote user to obtain a local user’s NTLM hash by convincing the user to visit a crafted web page that sends a request containing a UNC path to the application’s local service endpoint. This can result in...

7.2CVSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/27 3:3 p.m.16 views

CVE-2025-59368

An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security...

6CVSS6.7AI score0.00363EPSS
Exploits0References1
NVD
NVD
added 2025/11/25 8:15 a.m.7 views

CVE-2025-59372

A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files outside the intended directory, potentially affecting device integrity. Refer to the 'Security Update for ASUS Router Firmware' section on...

6.9CVSS0.00567EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/25 7:30 a.m.6 views

EUVD-2025-199558

An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security...

7.5CVSS6.5AI score0.00735EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/25 7:27 a.m.8 views

EUVD-2025-199586

An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of specific functions without proper authorization. Refer to the Security Update for ASUS Router Firmware...

9.2CVSS6.5AI score0.15404EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/25 7:27 a.m.7 views

CVE-2025-59366

An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of specific functions without proper authorization. Refer to the Security Update for ASUS Router Firmware...

9.2CVSS6.7AI score0.15404EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.10 views

PT-2025-47993

Name of the Vulnerable Software and Affected Versions ASUS Router WebDAV affected versions not specified Description A path traversal issue exists in WebDAV, potentially allowing remote attackers without authentication to compromise the integrity of the device. The issue may allow unauthorized...

8.2CVSS6.7AI score0.00641EPSS
Exploits0References6
VulnCheck KEV
VulnCheck KEV
added 2025/11/19 12:0 a.m.5 views

VulnCheck KEV: CVE-2024-12912

An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information...

7.2CVSS5.9AI score0.01238EPSS
In wildExploits1References2
OSV
OSV
added 2025/11/13 3:16 a.m.5 views

CVE-2025-59367

An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information...

9.8CVSS5.8AI score0.00862EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/13 2:9 a.m.5 views

EUVD-2025-150354

An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information...

9.3CVSS6.8AI score0.00862EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/13 2:9 a.m.12 views

CVE-2025-59367

An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information...

9.3CVSS0.00862EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/13 2:9 a.m.3 views

CVE-2025-59367

An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information...

9.3CVSS7AI score0.00862EPSS
Exploits0References1
CVE
CVE
added 2025/11/06 6:2 a.m.15 views

CVE-2025-9338

The connected PT-Security advisory for PT-2025-45177 confirms a vulnerability in AsIO3.sys involving improper restriction of operations within a memory buffer, enabling local privilege escalation if a specially crafted process is executed. It identifies AsIO3.sys as the affected driver and notes ...

7.3CVSS6.3AI score0.00121EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/13 12:31 p.m.7 views

EUVD-2025-34060

A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may leading to a system crash BSOD or other potentially undefined execution. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory f...

6.8CVSS7AI score0.00138EPSS
Exploits0References2
NVD
NVD
added 2025/10/13 10:15 a.m.6 views

CVE-2025-9337

A null pointer dereference has been identified in the AsIO3.sys driver. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash BSOD. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information...

6.8CVSS0.00124EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/13 9:24 a.m.9 views

CVE-2025-9337

A null pointer dereference has been identified in the AsIO3.sys driver. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash BSOD. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information...

6.8CVSS0.00124EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-51315

Malicious code in bioql PyPI...

7.2CVSS8.8AI score0.00983EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51221

Malicious code in bioql PyPI...

8.4CVSS6.6AI score0.00157EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-14316

Malicious code in bioql PyPI...

8.2CVSS7.7AI score0.00268EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-51187

Malicious code in bioql PyPI...

7.2CVSS8.8AI score0.01238EPSS
Exploits1References1
Rows per page
Query Builder