3635 matches found
CVE-2025-8205
A vulnerability, which was classified as problematic, has been found in Comodo Dragon up to 134.0.6998.179. Affected by this issue is some unknown functionality of the component IP DNS Leakage Detector. The manipulation leads to cleartext transmission of sensitive information. The attack may be...
CVE-2025-8204
A vulnerability classified as problematic was found in Comodo Dragon up to 134.0.6998.179. Affected by this vulnerability is an unknown functionality of the component HSTS Handler. The manipulation leads to security check for standard. The attack can be launched remotely. The complexity of an...
CVE-2025-8204
CVE-2025-8204 affects Comodo Dragon up to version 134.0.6998.179, targeting the HSTS Handler component. The issue involves an insufficient security check in the HSTS Handler, enabling remote exploitation with high attack complexity. Publicly disclosed exploit information exists, and the vendor wa...
CVE-2025-8182 Tenda AC18 Samba smb.conf weak password
A vulnerability has been found in Tenda AC18 15.03.05.19 and classified as problematic. This vulnerability affects unknown code of the file /etcro/smb.conf of the component Samba. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an atta...
CVE-2025-32429
creationtimestamp| type| source
---|---|---
2025-07-25 17:19:37+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/45351
2025-07-25 21:00:04+00:00| published-proof-of-concept| Telegram/pWh9oXm1NWWZEdeLjOyDfp59yY5k-322VAVSQFlsbZDzP-c
2025-07-26 08:08:26+00:00| published-proof-of-concept...
CVE-2025-7882
A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been rated as problematic. This issue affects some unknown processing of the component Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack can only be initiated...
SUSE-SU-2025:02427-1 Security update for python3
This update for python3 fixes the following issues:
- CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory bsc1244056
- CVE-2025-4138: Fixed issue that might allow symlink targets to point outside the destination directory, and the...
CVE-2025-7882 Mercusys MW301R Login excessive authentication
A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been rated as problematic. This issue affects some unknown processing of the component Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack can only be initiated...
CVE-2025-7789
Summary of CVE-2025-7789: The issue affects the xxl-job framework (versions up to 3.1.1). The vulnerable component is the makeToken function in IndexController.java (Token Generation). The root cause is password hashing with insufficient computational effort, enabling a remote attack; exploitati...
HTMLParser quadratic complexity when processing malformed inputs
...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2025:02358-1 Security update for python311
This update for python311 fixes the following issues: - CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705...
CVE-2025-7577
A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been classified as problematic. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The complexity of an attack is rather...
CVE-2025-7579 chinese-poetry server.js redos
A vulnerability was found in chinese-poetry 0.1. It has been rated as problematic. This issue affects some unknown processing of the file rank/server.js. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to th...
CVE-2025-7579
Summary: CVE-2025-7579 affects chinese-poetry 0.1, with a vulnerability in the processing of rank/server.js that leads to inefficient regular expression complexity (a redos-type issue). The issue can be triggered remotely and the exploit has been publicly disclosed. Multiple sources (Red Hat, NVD...
CVE-2025-7577
CVE-2025-7577 affects Teledyne FLIR FB-Series O and FLIR FH-Series ID, version 1.3.2.16. The root cause is a hard-coded password that enables a remote attack. Documented impact indicates potential exposure of credentials and partial confidentiality impact, with attack vector over the network and ...
chinese-poetry security vulnerability
chinese-poetry is an open-source database of ancient Chinese poems. A security vulnerability exists in chinese-poetry version 0.1, which stems from inefficient regular expression complexity caused by faulty behavior in the file rank/server.js...
PT-2025-29429 · Pypi · Chinese-Poetry
Name of the Vulnerable Software and Affected Versions: chinese-poetry version 0.1
Description: A problematic issue exists due to inefficient regular expression complexity in the processing of the file rank/server.js. This issue can be initiated remotely. The exploit for this issue has been public...
CVE-2025-7453
A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It has been rated as problematic. This issue affects the function NewToken of the file zpan/internal/app/service/token.go of the component JSON Web Token Handler. The manipulation with the input 123 leads to use of hard-coded...