Skip to main content
CVE-2024-49842 HIGH This Week

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware +173
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45554 HIGH PATCH This Week

Memory corruption during concurrent SSR execution due to race condition on the global maps list. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware +18
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-45565 HIGH PATCH This Week

Memory corruption when blob structure is modified by user-space after kernel verification. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Sdm429w Firmware Snapdragon 429 Mobile Firmware Wcn3620 Firmware Wcn3660b Firmware
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-46584 HIGH This Week

Vulnerability of improper authentication logic implementation in the file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Harmonyos
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21459 HIGH PATCH This Week

Transient DOS while parsing per STA profile in ML IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +119
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-49847 HIGH This Week

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 7800 Firmware Qca6574au Firmware Qca6584au Firmware +43
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-2802 HIGH This Week

The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.3.1. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE WordPress Code Injection PHP
NVD
CVSS 3.1
7.3
EPSS
1.4%
CVE-2025-0853 HIGH This Week

The PGS Core plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'save_header_builder' function in all versions up to, and including, 5.8.0 due to insufficient. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress SQLi PHP
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-2898 HIGH This Week

IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Maximo Application Suite
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-46585 HIGH This Week

Out-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availability. Rated high severity (CVSS 7.5). No vendor patch available.

Memory Corruption Buffer Overflow Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-0856 HIGH This Week

The PGS Core plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including,. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Authentication Bypass PHP
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2025-46762 HIGH PATCH This Week

Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache RCE Parquet Red Hat
NVD
CVSS 4.0
7.1
EPSS
0.4%
CVE-2025-46820 HIGH This Week

phpgt/Dom provides access to modern DOM APIs. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
7.1
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy