12 matches found
EUVD-2025-204381
A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. This...
EUVD-2025-203430
Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the...
EUVD-2025-201247
Waveshare RS232/485 TO WIFI ETH B Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 was discovered to transmit Administrator credentials in plaintext...
EUVD-2025-199834
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
EUVD-2025-198239
EUVD-2025-198239...
EUVD-2025-145782
Malicious code in charlottelee npm...
EUVD-2025-96042
Malicious code in ogi-dradag64-breki npm...
EUVD-2025-88789
Malicious code in sinta-tahu91-miaww npm...
EUVD-2025-90283
Malicious code in lutfi-lapis42-miaww npm...
EUVD-2025-39764
Malicious code in erick-kue74-sluey npm...
EUVD-2025-37624
The WP Global Screen Options plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing nonce validation on the updatewpglobalscreenoptions action handler. This makes it possible for unauthenticated attackers to modify global...
EUVD-2025-37684
This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An attacker with physical access may be able to access contacts from the lock screen...