CVE-2025-3542
CVE-2025-3542 affects H3C Magic NX15, Magic NX400 and Magic R3010 (up to V100R014). The vulnerability lies in FCGI_WizardProtoProcess of the HTTP POST Request Handler at /api/wizard/getsyncpppoecfg, enabling command injection. Exploitation requires local-network access. Multiple sources confirm the i...
CVE-2025-3538
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within th...
CVE-2025-3538 D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflow
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within th...
PT-2025-16190 · H3C · H3C Magic Nx15 +3
Name of the Vulnerable Software and Affected Versions: H3C Magic NX15 versions up to V100R014; H3C Magic NX30 Pro versions up to V100R014; H3C Magic NX400 versions up to V100R014; H3C Magic R3010 versions up to V100R014. Description: A critical vulnerability was found in the H3C Magic NX series,...
CVE-2025-26651
Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network...
CVE-2025-29794
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...
CVE-2025-27481
Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network...
CVE-2025-27491
Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network...
CVE-2025-30651
CVE-2025-30651 affects Juniper Networks Junos OS and Junos OS Evolved. A Buffer Access with Incorrect Length Value in the routing protocol daemon (rpd) can be triggered by a specific ICMPv6 packet to an interface configured with protocol router-advertisement, causing rpd to crash and restart and ...
PT-2025-15851 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.4R3-S9; Junos OS versions 22.2 prior to 22.2R3-S5; Junos OS versions 22.4 prior to 22.4R3-S4; Junos OS versions 23.2 prior to 23.2R2-S3; Junos OS versions 23.4 prior to 23.4R2-S3; Junos OS versions 24.2 prior to...
(Pwn2Own) Samsung Galaxy S24 Quick Share Insufficient UI Warning Arbitrary File Write Vulnerability
This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Samsung Galaxy S24. An attacker must first obtain the ability to perform activities on the target device. The specific flaw exists within the Quick Share application. The user interface fai...
Juniper Junos OS Vulnerability (JSA96466)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA96466 advisory. - An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3...
Juniper Junos OS Vulnerability (JSA96471)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA96471 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an...
Juniper Junos OS Vulnerability (JSA96470)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA96470 advisory. - An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an...
CVE-2025-27740
Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network...
CVE-2025-27487
Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network...
CVE-2025-27473
Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network...
CVE-2025-27472
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network...
CVE-2025-27470
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network...