Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE CATEGORY:CERT C Secure Coding Standard (2008) Chapter 10 - Input Output (FIO)
Category ID:743
Vulnerability Mapping:Prohibited
Status:Obsolete
DetailsContent HistoryObserved CVE ExamplesReports
30260Vulnerabilities found

CVE-2025-39961
Assigner-kernel.org
ShareView Details
Assigner-kernel.org
CVSS Score-4.7||MEDIUM
EPSS-0.02% / 4.02%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 12:13
Updated-26 Feb, 2026 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iommu/amd/pgtbl: Fix possible race while increase page table level

In the Linux kernel, the following vulnerability has been resolved: iommu/amd/pgtbl: Fix possible race while increase page table level The AMD IOMMU host page table implementation supports dynamic page table levels (up to 6 levels), starting with a 3-level configuration that expands based on IOVA address. The kernel maintains a root pointer and current page table level to enable proper page table walks in alloc_pte()/fetch_pte() operations. The IOMMU IOVA allocator initially starts with 32-bit address and onces its exhuasted it switches to 64-bit address (max address is determined based on IOMMU and device DMA capability). To support larger IOVA, AMD IOMMU driver increases page table level. But in unmap path (iommu_v1_unmap_pages()), fetch_pte() reads pgtable->[root/mode] without lock. So its possible that in exteme corner case, when increase_address_space() is updating pgtable->[root/mode], fetch_pte() reads wrong page table level (pgtable->mode). It does compare the value with level encoded in page table and returns NULL. This will result is iommu_unmap ops to fail and upper layer may retry/log WARN_ON. CPU 0 CPU 1 ------ ------ map pages unmap pages alloc_pte() -> increase_address_space() iommu_v1_unmap_pages() -> fetch_pte() pgtable->root = pte (new root value) READ pgtable->[mode/root] Reads new root, old mode Updates mode (pgtable->mode += 1) Since Page table level updates are infrequent and already synchronized with a spinlock, implement seqcount to enable lock-free read operations on the read path.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-7526
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-1.14% / 78.27%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 05:23
Updated-09 Oct, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Authenticated (Subscriber+) Arbitrary File Deletion via File Renaming

The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion (via renaming) due to insufficient file path validation in the set_user_profile_image function in all versions up to, and including, 6.6.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

Action-Not Available
Vendor-wptravelengine
Product-WP Travel Engine – Tour Booking Plugin – Tour Operator Software
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-11528
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 03:02
Updated-24 Feb, 2026 | 06:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC7 saveAutoQos stack-based overflow

A vulnerability was identified in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/saveAutoQos. The manipulation of the argument enable leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac7_firmwareac7AC7
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11527
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 02:32
Updated-24 Feb, 2026 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC7 fast_setting_pppoe_set stack-based overflow

A vulnerability was determined in Tenda AC7 15.03.06.44. The impacted element is an unknown function of the file /goform/fast_setting_pppoe_set. Executing a manipulation of the argument Password can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac7_firmwareac7AC7
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11526
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 34.77%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 02:32
Updated-24 Feb, 2026 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC7 WifiMacFilterSet stack-based overflow

A vulnerability was found in Tenda AC7 15.03.06.44. The affected element is an unknown function of the file /goform/WifiMacFilterSet. Performing a manipulation of the argument wifi_chkHz results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac7_firmwareac7AC7
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11525
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 34.77%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 01:32
Updated-24 Feb, 2026 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC7 SetUpnpCfg stack-based overflow

A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac7_firmwareac7AC7
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11524
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 01:02
Updated-24 Feb, 2026 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC7 SetDDNSCfg stack-based overflow

A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac7_firmwareac7AC7
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-61913
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-0.90% / 75.45%
||
7 Day CHG~0.00%
Published-08 Oct, 2025 | 22:43
Updated-20 Oct, 2025 | 15:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Flowise is vulnerable to arbitrary file read, arbitrary file write

Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not restrict file path access, allowing authenticated attackers to exploit this vulnerability to read and write arbitrary files to any path in the file system, potentially leading to remote command execution. Flowise 3.0.8 fixes this vulnerability.

Action-Not Available
Vendor-flowiseaiFlowiseAI
Product-flowiseFlowise
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-11535
Assigner-MongoDB, Inc.
ShareView Details
Assigner-MongoDB, Inc.
CVSS Score-8.8||HIGH
EPSS-0.03% / 6.63%
||
7 Day CHG~0.00%
Published-08 Oct, 2025 | 22:07
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MongoDB Connector for BI installation MSI leave ACLs unset on custom installation directories

MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24.

Action-Not Available
Vendor-MongoDB, Inc.
Product-MongoDB Connector for BI
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-11495
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 9.85%
||
7 Day CHG~0.00%
Published-08 Oct, 2025 | 20:02
Updated-24 Feb, 2026 | 06:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils Linker elf64-x86-64.c elf_x86_64_relocate_section heap-based overflow

A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: 6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0. To fix this issue, it is recommended to deploy a patch.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2025-11494
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 9.85%
||
7 Day CHG~0.00%
Published-08 Oct, 2025 | 19:32
Updated-24 Feb, 2026 | 06:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils Linker elfxx-x86.c _bfd_x86_elf_late_size_sections out-of-bounds

A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-11489
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-2||LOW
EPSS-0.03% / 9.65%
||
7 Day CHG~0.00%
Published-08 Oct, 2025 | 18:02
Updated-12 Dec, 2025 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
wonderwhy-er DesktopCommanderMCP filesystem.ts isPathAllowed symlink

A security vulnerability has been detected in wonderwhy-er DesktopCommanderMCP up to 0.2.13. This vulnerability affects the function isPathAllowed of the file src/tools/filesystem.ts. The manipulation leads to symlink following. The attack can only be performed from a local environment. The attack's complexity is rated as high. It is stated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. The vendor explains: "Our restriction features are designed as guardrails for LLMs to help them stay closer to what users want, rather than hardened security boundaries. (...) For users where security is a top priority, we continue to recommend using Desktop Commander with Docker, which provides actual isolation. (...) We'll keep this issue open for future consideration if we receive more user demand for improved restrictions." This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-wonderwhy-erwonderwhy-er
Product-desktopcommandermcpDesktopCommanderMCP
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-61
UNIX Symbolic Link (Symlink) Following
CVE-2025-42701
Assigner-CrowdStrike Holdings, Inc.
ShareView Details
Assigner-CrowdStrike Holdings, Inc.
CVSS Score-5.6||MEDIUM
EPSS-0.02% / 5.56%
||
7 Day CHG~0.00%
Published-08 Oct, 2025 | 17:18
Updated-08 Oct, 2025 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CrowdStrike Falcon Sensor for Windows Race Condition

A race condition exists in the Falcon sensor for Windows that could allow an attacker, with the prior ability to execute code on a host, to delete arbitrary files. CrowdStrike released a security fix for this issue in Falcon sensor for Windows versions 7.24 and above and all Long Term Visibility (LTV) sensors. There is no indication of exploitation of these issues in the wild. Our threat hunting and intelligence team are actively monitoring for exploitation and we maintain visibility into any such attempts. The Falcon sensor for Mac, the Falcon sensor for Linux and the Falcon sensor for Legacy Systems are not impacted by this. CrowdStrike was made aware of this issue through our HackerOne bug bounty program. It was discovered by Cong Cheng and responsibly disclosed.

Action-Not Available
Vendor-CrowdStrike
Product-Falcon sensor for Windows
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2025-11444
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.22% / 44.60%
||
7 Day CHG~0.00%
Published-08 Oct, 2025 | 08:02
Updated-24 Feb, 2026 | 06:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK N600R HTTP Request cstecgi.cgi setWiFiBasicConfig buffer overflow

A security vulnerability has been detected in TOTOLINK N600R up to 4.3.0cu.7866_B20220506. This impacts the function setWiFiBasicConfig of the file /cgi-bin/cstecgi.cgi of the component HTTP Request Handler. Such manipulation of the argument wepkey leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-n600rn600r_firmwareN600R
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-11423
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-0.31% / 53.75%
||
7 Day CHG~0.00%
Published-08 Oct, 2025 | 02:02
Updated-24 Feb, 2026 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda CH22 SafeEmailFilter formSafeEmailFilter memory corruption

A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. Performing a manipulation of the argument page results in memory corruption. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ch22ch22_firmwareCH22
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-11418
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-0.42% / 61.90%
||
7 Day CHG~0.00%
Published-08 Oct, 2025 | 00:02
Updated-24 Feb, 2026 | 06:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda CH22 HTTP Request AdvSetWrlsafeset formWrlsafeset stack-based overflow

A security vulnerability has been detected in Tenda CH22 up to 1.0.0.1. This issue affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP Request Handler. The manipulation of the argument mit_ssid_index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ch22ch22_firmwareCH22
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11414
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 9.85%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 22:32
Updated-24 Feb, 2026 | 06:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds

A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-11413
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 9.27%
||
7 Day CHG-0.00%
Published-07 Oct, 2025 | 22:02
Updated-24 Feb, 2026 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds

A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Upgrading to version 2.46 is able to address this issue. The patch is identified as 72efdf166aa0ed72ecc69fc2349af6591a7a19c0. Upgrading the affected component is advised.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-11412
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 9.85%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 22:02
Updated-24 Feb, 2026 | 06:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds

A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-11408
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.07% / 20.53%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 20:32
Updated-19 Nov, 2025 | 20:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-7001 MINI dbsrv.asp buffer overflow

A security vulnerability has been detected in D-Link DI-7001 MINI 24.04.18B1. The affected element is an unknown function of the file /dbsrv.asp. Such manipulation of the argument str leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-di-7001mini-8gdi-7001mini-8g_firmwareDI-7001 MINI
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-11462
Assigner-Amazon
ShareView Details
Assigner-Amazon
CVSS Score-9.3||CRITICAL
EPSS-0.04% / 11.80%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 19:44
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Privilege Escalation Vulnerability in AWS Client VPN macOS Client

Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0 allows a local user to execute code with elevated privileges. Insufficient validation checks on the log destination directory during log rotation could allow a non-administrator user to create a symlink from a client log file to a privileged location. On log rotation, this could lead to code execution with root privileges if the user made crafted API calls which injected arbitrary code into the log file. We recommend users upgrade to AWS VPN Client for macOS 5.2.1 or the latest version.

Action-Not Available
Vendor-AWS
Product-Client VPN
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2025-43889
Assigner-Dell
ShareView Details
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.17% / 37.93%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 18:37
Updated-14 Oct, 2025 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-43934
Assigner-Dell
ShareView Details
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.04% / 11.15%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 18:30
Updated-14 Oct, 2025 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Unauthorized access.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2025
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-36156
Assigner-IBM Corporation
ShareView Details
Assigner-IBM Corporation
CVSS Score-7.4||HIGH
EPSS-0.03% / 6.93%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 17:36
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM InfoSphere Data Replication VSAM for z/OS Remote Source code execution

IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with access to the files storing CECSUB or CECRM on the container could overflow the buffer and execute arbitrary code on the system.

Action-Not Available
Vendor-IBM Corporation
Product-infosphere_data_replication_vsam_for_z\/os_remote_sourceInfoSphere Data Replication VSAM for z/OS Remote Source
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-48826
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.11% / 29.93%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 13:55
Updated-03 Nov, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to memory corruption. An attacker can send a series of HTTP requests to trigger this vulnerability.

Action-Not Available
Vendor-planetPlanet
Product-wgr-500wgr-500_firmwareWGR-500
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2025-40889
Assigner-Nozomi Networks Inc.
ShareView Details
Assigner-Nozomi Networks Inc.
CVSS Score-7.2||HIGH
EPSS-0.10% / 27.20%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 12:37
Updated-09 Oct, 2025 | 16:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0

A path traversal vulnerability was discovered in the Time Machine functionality due to missing validation of two input parameters. An authenticated user with limited privileges, by issuing a specifically-crafted request, can potentially alter the structure and content of files in the /data folder, and/or affect their availability.

Action-Not Available
Vendor-nozominetworksNozomi Networks
Product-guardiancmcGuardianCMC
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-3718
Assigner-Nozomi Networks Inc.
ShareView Details
Assigner-Nozomi Networks Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.06% / 17.70%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 12:33
Updated-09 Oct, 2025 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Client-side path traversal in Guardian/CMC before 25.2.0

A client-side path traversal vulnerability was discovered in the web management interface front-end due to missing validation of an input parameter. An authenticated user with limited privileges can craft a malicious URL which, if visited by an authenticated victim, leads to a Cross-Site Scripting (XSS) attack.

Action-Not Available
Vendor-nozominetworksNozomi Networks
Product-guardiancmcGuardianCMC
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-11389
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 11:32
Updated-24 Feb, 2026 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC15 saveAutoQos stack-based overflow

A security flaw has been discovered in Tenda AC15 15.03.05.18. Affected is an unknown function of the file /goform/saveAutoQos. Performing a manipulation of the argument enable results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac15ac15_firmwareAC15
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11388
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 11:02
Updated-24 Feb, 2026 | 06:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC15 setNotUpgrade stack-based overflow

A vulnerability was identified in Tenda AC15 15.03.05.18. This impacts an unknown function of the file /goform/setNotUpgrade. Such manipulation of the argument newVersion leads to stack-based buffer overflow. The attack may be launched remotely. The exploit is publicly available and might be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac15_firmwareac15AC15
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11387
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 10:32
Updated-24 Feb, 2026 | 06:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC15 fast_setting_pppoe_set stack-based overflow

A vulnerability was determined in Tenda AC15 15.03.05.18. This affects an unknown function of the file /goform/fast_setting_pppoe_set. This manipulation of the argument Password causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac15_firmwareac15AC15
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11386
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 10:02
Updated-24 Feb, 2026 | 06:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC15 POST Parameter SetDDNSCfg stack-based overflow

A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac15_firmwareac15AC15
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11385
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 34.77%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 09:32
Updated-24 Feb, 2026 | 06:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC20 fast_setting_wifi_set sscanf buffer overflow

A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac20_firmwareac20AC20
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-11356
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 07:02
Updated-24 Feb, 2026 | 06:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC23 SetStaticRouteCfg sscanf buffer overflow

A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by this issue is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac23ac23_firmwareAC23
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-11355
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 34.33%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 06:32
Updated-08 Jan, 2026 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
UTT 1250GW aspChangeChannel strcpy buffer overflow

A vulnerability has been found in UTT 1250GW up to v2v3.2.2-200710. Affected by this vulnerability is the function strcpy of the file /goform/aspChangeChannel. The manipulation of the argument pvid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-uttUTT
Product-1250gw1250gw_firmware1250GW
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-10162
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.80%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 06:00
Updated-08 Oct, 2025 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OrderConvo < 14 - Unauthenticated Arbitrary File Read

The Admin and Customer Messages After Order for WooCommerce: OrderConvo WordPress plugin before 14 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/download arbitrary files via a path traversal attack

Action-Not Available
Vendor-Unknown
Product-Admin and Customer Messages After Order for WooCommerce: OrderConvo
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-11339
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.18% / 39.76%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 16:32
Updated-19 Nov, 2025 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-7100G C1 jhttpd hi_block.asp sub_4BD4F8 buffer overflow

A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function sub_4BD4F8 of the file /webchat/hi_block.asp of the component jhttpd. The manipulation of the argument popupId leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-di-7100g_c1_firmwaredi-7100g_c1DI-7100G C1
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-11338
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.20% / 41.94%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 16:02
Updated-19 Nov, 2025 | 21:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-7100G C1 jhttpd login.cgi sub_4C0990 buffer overflow

A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub_4C0990 of the file /webchat/login.cgi of the component jhttpd. Executing manipulation of the argument openid can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-di-7100g_c1_firmwaredi-7100g_c1DI-7100G C1
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-11337
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 26.20%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 13:32
Updated-06 Oct, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Four-Faith Water Conservancy Informatization Platform download.do;othersusrlogout.do path traversal

A vulnerability was detected in Four-Faith Water Conservancy Informatization Platform up to 2.2. This affects an unknown part of the file /aloneReport/index.do/../../aloneReport/download.do;othersusrlogout.do. Performing manipulation of the argument fileName results in path traversal. It is possible to initiate the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Four-Faith
Product-Water Conservancy Informatization Platform
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-11336
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 26.20%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 13:02
Updated-06 Oct, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Four-Faith Water Conservancy Informatization Platform download.do;otherlogout.do path traversal

A security vulnerability has been detected in Four-Faith Water Conservancy Informatization Platform up to 2.2. Affected by this issue is some unknown functionality of the file /stAlarmConfigure/index.do/../../aloneReport/download.do;otherlogout.do. Such manipulation of the argument fileName leads to path traversal. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Four-Faith
Product-Water Conservancy Informatization Platform
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-11328
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 08:32
Updated-24 Feb, 2026 | 06:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC18 SetDDNSCfg stack-based overflow

A vulnerability was detected in Tenda AC18 15.03.05.19(6318). This issue affects some unknown processing of the file /goform/SetDDNSCfg. The manipulation of the argument ddnsEn results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac18ac18_firmwareAC18
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11327
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 08:02
Updated-24 Feb, 2026 | 06:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC18 SetUpnpCfg stack-based overflow

A security vulnerability has been detected in Tenda AC18 15.03.05.19(6318). This vulnerability affects unknown code of the file /goform/SetUpnpCfg. The manipulation of the argument upnpEn leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac18ac18_firmwareAC18
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11326
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 07:32
Updated-24 Feb, 2026 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC18 WifiMacFilterSet stack-based overflow

A weakness has been identified in Tenda AC18 15.03.05.19(6318). This affects an unknown part of the file /goform/WifiMacFilterSet. Executing a manipulation of the argument wifi_chkHz can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac18ac18_firmwareAC18
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-58591
Assigner-SICK AG
ShareView Details
Assigner-SICK AG
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 25.04%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 07:07
Updated-27 Jan, 2026 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Path Traversal

A remote, unauthorized attacker can brute force folders and files and read them like private keys or configurations, making the application vulnerable for gathering sensitive information.

Action-Not Available
Vendor-SICK AG
Product-logistic_diagnostic_analyticspackage_analyticstire_analyticsbaggage_analyticsPackage AnalyticsTire AnalyticsLogistic Diagnostic AnalyticsBaggage Analytics
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-58590
Assigner-SICK AG
ShareView Details
Assigner-SICK AG
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 25.04%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 07:06
Updated-27 Jan, 2026 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Path traversal

It's possible to brute force folders and files, what can be used by an attacker to steal sensitve information.

Action-Not Available
Vendor-SICK AG
Product-logistic_diagnostic_analyticspackage_analyticstire_analyticsbaggage_analyticsPackage AnalyticsTire AnalyticsLogistic Diagnostic AnalyticsBaggage Analytics
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-11325
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 07:02
Updated-24 Feb, 2026 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC18 fast_setting_pppoe_set stack-based overflow

A security flaw has been discovered in Tenda AC18 15.03.05.19(6318). Affected by this issue is some unknown functionality of the file /goform/fast_setting_pppoe_set. Performing a manipulation of the argument Username results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac18ac18_firmwareAC18
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11324
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 06:32
Updated-24 Feb, 2026 | 06:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC18 setNotUpgrade stack-based overflow

A vulnerability was identified in Tenda AC18 15.03.05.19(6318). Affected by this vulnerability is an unknown functionality of the file /goform/setNotUpgrade. Such manipulation of the argument newVersion leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac18ac18_firmwareAC18
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-11323
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 06:02
Updated-08 Jan, 2026 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
UTT 1250GW formUserStatusRemark strcpy buffer overflow

A vulnerability was determined in UTT 1250GW up to v2v3.2.2-200710. Affected is the function strcpy of the file /goform/formUserStatusRemark. This manipulation of the argument Username causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-uttUTT
Product-1250gw1250gw_firmware1250GW
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-60969
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.31% / 53.80%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 00:00
Updated-10 Oct, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory Traversal vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information.

Action-Not Available
Vendor-endruntechnologiesn/a
Product-sonoma_d12_firmwaresonoma_d12n/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-11305
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-05 Oct, 2025 | 21:32
Updated-08 Jan, 2026 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
UTT HiPER 840G formTaskEdit strcpy buffer overflow

A vulnerability has been found in UTT HiPER 840G up to 3.1.1-190328. Affected by this issue is the function strcpy of the file /goform/formTaskEdit. The manipulation of the argument txtMin2 leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-uttUTT
Product-840g840g_firmwareHiPER 840G
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-11302
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-05 Oct, 2025 | 20:02
Updated-24 Feb, 2026 | 06:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Belkin F9K1015 formWpsStart buffer overflow

A security vulnerability has been detected in Belkin F9K1015 1.00.10. This impacts an unknown function of the file /goform/formWpsStart. Such manipulation of the argument pinCode leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Belkin International, Inc.
Product-f9k1015f9k1015_firmwareF9K1015
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-11301
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.16% / 37.11%
||
7 Day CHG~0.00%
Published-05 Oct, 2025 | 19:32
Updated-24 Feb, 2026 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Belkin F9K1015 formWlanSetupWPS buffer overflow

A weakness has been identified in Belkin F9K1015 1.00.10. This affects an unknown function of the file /goform/formWlanSetupWPS. This manipulation of the argument webpage causes buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Belkin International, Inc.
Product-f9k1015_firmwaref9k1015F9K1015
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • ...
  • 31
  • 32
  • 33
  • ...
  • 605
  • 606
  • Next