25168 matches found

NVD
added 2025/12/04 10:15 p.m., 6 views

CVE-2025-12196

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command. This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up ...

8.6 CVSS, 0.0051 EPSS
Exploits: 0, References: 1
Cvelist
added 2025/12/04 9:47 p.m., 19 views

CVE-2025-13939 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Gateway Wireless Controller

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS Gateway Wireless Controller module allows Stored XSS. This issue affects Fireware OS 11.7.2 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 u...

4.8 CVSS, 0.00151 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2025/12/04 9:47 p.m., 2 views

CVE-2025-13938 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Autotask Technology Integration Configuration

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS Autotask Technology Integration module allows Stored XSS. This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 ...

4.8 CVSS, 5.8 AI score, 0.00151 EPSS
Exploits: 0, References: 1
Cvelist
added 2025/12/04 9:45 p.m., 21 views

CVE-2025-13936 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Tigerpaw Technology Integration Configuration

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS Tigerpaw Technology Integration module allows Stored XSS. This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 ...

4.8 CVSS, 0.00151 EPSS
Exploits: 0, References: 1
CVE
added 2025/12/04 9:43 p.m., 15 views

CVE-2025-12195

CVE-2025-12195 describes an out-of-bounds write vulnerability in the WatchGuard Fireware OS CLI. An authenticated privileged user can trigger arbitrary code execution by sending specially crafted IPSec configuration CLI commands. Affected versions span Fireware OS 11.0–11.12.4+541730, 12.0–12.11....

8.6 CVSS, 6.9 AI score, 0.00567 EPSS
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2025/12/04 8:16 p.m., 7 views

CVE-2025-29269

ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint...

9.8 CVSS, 0.02292 EPSS
Exploits: 1, References: 3
Debian CVE
added 2025/12/04 4:08 p.m., 4 views

CVE-2025-40264

In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrb_params in case of OS2BMC. be_insert_vlan_in_pkt is called with the wrb_params argument being NULL at be_send_pkt_to_bmc call site. This may lead to dereferencing a NULL pointer when processing a workaround for specific...

5.2 AI score, 0.00182 EPSS
Exploits: 0
RedhatCVE
added 2025/12/04 12:11 a.m., 13 views

CVE-2025-65843

Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the /Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius...

7.7 CVSS, 6.6 AI score, 0.00238 EPSS
Exploits: 1, References: 1
Cvelist
added 2025/12/04 12:00 a.m., 23 views

CVE-2025-29269

ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint...

0.02292 EPSS
Exploits: 1, References: 3
CNNVD
added 2025/12/04 12:00 a.m., 3 views

Loaded Commerce OS Command Injection Vulnerability

Loaded Commerce is an open source e-commerce platform from Loaded Commerce, Inc. An operating system command injection vulnerability exists in Loaded Commerce version 6.6, which stems from a client-side template injection vulnerability that could lead to code execution on the server via search...

6.9 CVSS, 8 AI score, 0.00407 EPSS
Exploits: 0, References: 4
Positive Technologies
added 2025/12/04 12:00 a.m., 4 views

PT-2025-49166

Name of the Vulnerable Software and Affected Versions: WatchGuard Fireware OS versions 12.0 through 12.5.12+701324; WatchGuard Fireware OS versions 12.6 through 12.11.2. Description: A stack-based buffer overflow exists in the certificate request command of WatchGuard Fireware OS. An authenticated...

7.5 CVSS, 7.7 AI score, 0.00236 EPSS
Exploits: 0, References: 4
Tenable Nessus
added 2025/12/04 12:00 a.m., 1 views

Photon OS 5.0: Cups PHSA-2025-5.0-0697

An update of the cups package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0697. The text itself is copyright (C) VMware, Inc...

6.7 CVSS, 6.7 AI score, 0.00409 EPSS
Exploits: 2, References: 3
UbuntuCve
added 2025/12/03 8:16 p.m., 2 views

CVE-2025-12385

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick...

8.7 CVSS, 5.9 AI score, 0.00263 EPSS
Exploits: 0, References: 4
NVD
added 2025/12/03 7:15 p.m., 3 views

CVE-2025-66208

Collabora Online - Built-in CODE Server (richdocumentscode) provides a built-in server with all of the document editing features of Collabora Online. In versions prior to 25.04.702, Collabora Online has a Configuration-Dependent RCE (OS Command Injection) in richdocumentscode proxy. Users of Nextclou...

9.8 CVSS, 0.00948 EPSS
Exploits: 0, References: 1
NVD
added 2025/12/03 5:15 p.m., 2 views

CVE-2025-65841

Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file /Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate...

6.2 CVSS, 0.00213 EPSS
Exploits: 1, References: 3
NVD
added 2025/12/03 5:15 p.m., 3 views

CVE-2025-65843

Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the /Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius...

7.7 CVSS, 0.00238 EPSS
Exploits: 1, References: 1
SUSE CVE
added 2025/12/03 12:25 a.m., 2 views

SUSE CVE-2025-13634

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41 allowed a local attacker to bypass mark of the web via a crafted HTML page. Chromium security severity: Medium...

4.4 CVSS, 6.2 AI score, 0.00136 EPSS
Exploits: 0, References: 3
Positive Technologies
added 2025/12/03 12:00 a.m., 5 views

PT-2025-48993

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.7.5; iPadOS versions prior to 18.7.5. Description: An issue with path handling exists due to insufficient validation. Restoring a maliciously crafted backup file may lead to modification of protected system files. Early...

5.5 CVSS, 5.6 AI score, 0.00475 EPSS
Exploits: 0, References: 9
Tenable Nessus
added 2025/12/03 12:00 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-13721

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security...

7.5 CVSS, 5.6 AI score, 0.00184 EPSS
Exploits: 0, References: 2
OSV
added 2025/12/02 1:15 p.m., 7 views

CVE-2025-11787

Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS', 'CheckPing' and 'TraceRoute' functions...

8.8 CVSS, 5.8 AI score
Exploits: 0, References: 1