Lucene search
K

185 matches found

RedhatCVE
RedhatCVE
added 2025/05/01 2:22 a.m.13 views

CVE-2025-24206

An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication polic...

7.7CVSS7.3AI score0.00343EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/01 2:22 a.m.12 views

CVE-2025-24270

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to leak sensitive user information...

5.7CVSS7.3AI score0.00295EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/30 8:48 p.m.30 views

CVE-2025-30422

A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination...

0.00569EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/04/30 8:48 p.m.8 views

CVE-2025-30422

A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attacker on the local network may cause an unexpected app termination...

6AI score0.00569EPSS
Exploits1References1
CVE
CVE
added 2025/04/30 8:48 p.m.93 views

CVE-2025-30422

CVE-2025-30422 is a buffer overflow vulnerability in Apple’s AirPlay ecosystem (AirPlay audio SDK, AirPlay video SDK, and CarPlay Communication Plug-in). The issue, exploited by improper input handling, could allow an attacker on the same local network to trigger an unexpected application termina...

6.5CVSS7.5AI score0.00569EPSS
Exploits1References1Affected Software3
CVE
CVE
added 2025/04/30 8:48 p.m.363 views

CVE-2025-24132

CVE-2025-24132 affects Apple AirPlay SDKs (AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126) and the CarPlay plug‑in (R18.1). The issue is described as a memory handling vulnerability that can cause an application to terminate when exploited from the local network. Public connected documents ...

6.5CVSS7.4AI score0.03125EPSS
Exploits4References1Affected Software3
Vulnrichment
Vulnrichment
added 2025/04/29 2:5 a.m.6 views

CVE-2025-31197

The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination...

7.3AI score0.00253EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/04/29 2:5 a.m.20 views

CVE-2025-31197

The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination...

0.00253EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/04/29 2:5 a.m.19 views

CVE-2025-24206

An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication polic...

0.00343EPSS
Exploits0References7
CVE
CVE
added 2025/04/29 2:5 a.m.65 views

CVE-2025-24251

CVE-2025-24251 affects multiple Apple OS releases (macOS Sequoia 15.4; macOS Ventura 13.7.5; macOS Sonoma 14.7.5; iOS 18.4/iPadOS 18.4; tvOS 18.4; watchOS 11.4; visionOS 2.4). The flaw enables a local‑network attacker to cause an unexpected termination of an app due to improved checks implemented...

6.5CVSS7.3AI score0.00326EPSS
Exploits0References8Affected Software6
Vulnrichment
Vulnrichment
added 2025/04/29 2:5 a.m.6 views

CVE-2025-24251

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, watchOS 11.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination...

4.2AI score0.00326EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/04/22 12:31 a.m.19 views

CVE-2025-3854 H3C GR-3000AX HTTP POST Request aspForm Edit_List_SSID buffer overflow

A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/EditListSSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argume...

8.6CVSS0.0049EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/04/16 1:32 a.m.23 views

CVE-2025-3545

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been classified as critical. Affected is the function FCGICheckStringIfContainsSemicolon of the file /api/wizard/setLanguage of the component HTTP POST Request Handler. T...

8.6CVSS7.4AI score0.01167EPSS
Exploits0References1
NVD
NVD
added 2025/04/14 2:15 a.m.22 views

CVE-2025-3546

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been declared as critical. Affected by this vulnerability is the function FCGICheckStringIfContainsSemicolon of the file /api/wizard/getLanguage of the component HTTP POS...

8.6CVSS0.01719EPSS
Exploits0References6
CVE
CVE
added 2025/04/14 1:31 a.m.82 views

CVE-2025-3546

The CVE-2025-3546 entry concerns H3C Magic NX15, NX30 Pro, NX400, R3010, and BE18000 up to V100R014. Affects the function FCGI_CheckStringIfContainsSemicolon in the HTTP POST Request Handler’s /api/wizard/getLanguage. Root cause is command injection via this function, with exploitation feasible o...

8.6CVSS8.2AI score0.01719EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2025/04/13 11:31 p.m.81 views

CVE-2025-3542

CVE-2025-3542 affects H3C Magic NX15, Magic NX400 and Magic R3010 (up to V100R014). Vulnerability lies in FCGI_WizardProtoProcess of the HTTP POST Request Handler at /api/wizard/getsyncpppoecfg, enabling command injection. Exploitation requires local-network access. Multiple sources confirm the i...

8.6CVSS8.1AI score0.01167EPSS
Exploits0References6
NVD
NVD
added 2025/04/13 7:15 p.m.20 views

CVE-2025-3538

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function authasp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within th...

8.8CVSS0.10325EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/04/13 6:31 p.m.29 views

CVE-2025-3538 D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflow

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function authasp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within th...

8.8CVSS0.10325EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/04/13 12:0 a.m.7 views

PT-2025-16190 · H3C · H3C Magic Nx15 +3

Name of the Vulnerable Software and Affected Versions: H3C Magic NX15 versions up to V100R014 H3C Magic NX30 Pro versions up to V100R014 H3C Magic NX400 versions up to V100R014 H3C Magic R3010 versions up to V100R014 Description: A critical vulnerability was found in the H3C Magic NX series,...

8.6CVSS7.9AI score0.01167EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2025/04/07 1:0 a.m.13 views

CVE-2025-3329 Consumer Comanda Mobile Restaurant Order cleartext transmission

A vulnerability classified as problematic has been found in Consumer Comanda Mobile up to 14.9.3.2/15.0.0.8. This affects an unknown part of the component Restaurant Order Handler. The manipulation of the argument Login/Password leads to cleartext transmission of sensitive information. The attack...

3.1CVSS6.6AI score0.00302EPSS
Exploits1References4
Rows per page
Query Builder