Skip to main content
CVE-2025-44896 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bindEditMACName parameter in the web_acl_bindEdit_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44894 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radDftParamKey parameter in the web_radiusSrv_dftParam_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44891 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_v3host_add_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44883 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in the web_tacplus_serverEdit_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44882 CRITICAL POC THREAT Act Now

A command injection vulnerability in the component /cgi-bin/firewall.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 13.0%.

Command Injection Wl Wn579a3 Firmware
NVD
CVSS 3.1
9.8
EPSS
13.0%
CVE-2025-44880 CRITICAL POC THREAT Act Now

A command injection vulnerability in the component /cgi-bin/adm.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 13.0%.

Command Injection Wl Wn579a3 Firmware
NVD
CVSS 3.1
9.8
EPSS
13.0%
CVE-2025-4997 HIGH This Month

A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.2%
CVE-2025-44887 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radIpkey parameter in the web_radiusSrv_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44886 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName parameter in the web_acl_mgmt_Rules_Edit_postcontains function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44884 CRITICAL POC Act Now

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the web_sys_infoContact_post function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Wgs 804Hpt Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-44881 CRITICAL POC THREAT Act Now

A command injection vulnerability in the component /cgi-bin/qos.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 13.0%.

RCE Command Injection Code Injection Wl Wn579a3 Firmware
NVD
CVSS 3.1
9.8
EPSS
13.0%
CVE-2025-4996 MEDIUM Monitor

A vulnerability, which was classified as problematic, has been found in Intelbras RF 301K 1.1.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-47290 HIGH PATCH This Month

containerd is a container runtime. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Containerd Red Hat Suse
NVD GitHub
CVSS 4.0
7.6
EPSS
0.1%
CVE-2025-4364 HIGH This Month

The affected products could allow an unauthenticated attacker to access system information that could enable further access to sensitive files and obtain administrative credentials. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
8.7
EPSS
0.5%
CVE-2025-48391 HIGH This Month

In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in API. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Youtrack
NVD
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-47854 MEDIUM Monitor

In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Teamcity
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-47853 MEDIUM Monitor

In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Atlassian XSS Teamcity
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-47852 MEDIUM Monitor

In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Teamcity
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-47851 MEDIUM Monitor

In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Teamcity
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-47850 MEDIUM Monitor

In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Youtrack
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-47277 CRITICAL POC PATCH Act Now

vLLM, an inference and serving engine for large language models (LLMs), has an issue in versions 0.6.5 through 0.8.4 that ONLY impacts environments using the `PyNcclPipe` KV cache transfer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization Vllm Pytorch AI / ML Red Hat
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2025-46725 HIGH PATCH This Month

Langroid is a Python framework to build large language model (LLM)-powered applications. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Python Langroid
NVD GitHub
CVSS 4.0
8.1
EPSS
0.4%
CVE-2025-46724 CRITICAL POC PATCH GHSA Act Now

Langroid is a Python framework to build large language model (LLM)-powered applications. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection Python Langroid
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-37991 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix double SIGFPE crash Camm noticed that on parisc a SIGFPE exception will crash an application with a second SIGFPE in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel Debian Linux Red Hat +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-37990 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() The function brcmf_usb_dl_writeimage() calls the function. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Linux Linux Kernel Debian Linux Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-37989 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A network restart test on a router led to an out-of-memory condition, which was traced to a memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Debian Linux Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-37988 MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: fix a couple of races in MNT_TREE_BENEATH handling by do_move_mount() Normally do_lock_mount(path, _) is locking a mountpoint. Rated medium severity (CVSS 4.7).

Information Disclosure Linux Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2025-37987 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: pds_core: Prevent possible adminq overflow/stuck condition The pds_core's adminq is protected by the adminq_lock, which prevents. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Linux Linux Kernel Red Hat Suse
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-37986 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Invalidate USB device pointers on partner unregistration To avoid using invalid USB device pointers after a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Red Hat Suse
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-37985 MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: USB: wdm: close race between wdm_open and wdm_wwan_port_stop Clearing WDM_WWAN_IN_USE must be the last action or we can open a. Rated medium severity (CVSS 4.7).

Information Disclosure Linux Race Condition Linux Kernel Debian Linux +2
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2025-37984 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() Herbert notes that DIV_ROUND_UP() may overflow unnecessarily if. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-37983 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: qibfs: fix _another_ leak failure to allocate inode => leaked dentry... Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Linux Linux Kernel Debian Linux Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-37982 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: fix memory leak in wl1251_tx_work The skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails with a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Debian Linux Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-37981 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Use is_kdump_kernel() to check for kdump The smartpqi driver checks the reset_devices variable to determine whether. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-37979 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix sc7280 lpass potential buffer overflow Case values introduced in commit 5f78e1fb7a3e ("ASoC: qcom: Add driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Linux Linux Kernel Debian Linux +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-37978 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: block: integrity: Do not call set_page_dirty_lock() Placing multiple protection information buffers inside the same page can lead. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Red Hat Suse
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-37977 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set If dma-coherent property isn't set then descriptors are. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Samsung Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-37976 Awaiting Data

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Information Disclosure
NVD
CVE-2025-37975 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: riscv: module: Fix out-of-bounds relocation access The current code allows rel[j] to access one element past the end of the. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-37974 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix missing check for zpci_create_device() error return The zpci_create_device() function returns an error pointer that. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-37973 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation Currently during the multi-link element. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-37971 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: staging: bcm2835-camera: Initialise dev in v4l2_dev Commit 42a2f6664e18 ("staging: vc04_services: Move global g_state to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-37970 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo Prevent st_lsm6dsx_read_fifo from falling in an infinite loop in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel Debian Linux Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-37969 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo Prevent st_lsm6dsx_read_tagged_fifo from falling in an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel Debian Linux Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-37967 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix deadlock This patch introduces the ucsi_con_mutex_lock / ucsi_con_mutex_unlock functions to the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Debian Linux Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-37965 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix invalid context error in dml helper [Why] "BUG: sleeping function called from invalid context" error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Amd Linux Information Disclosure Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-48018 HIGH This Month

An authenticated user can modify application state data. Rated high severity (CVSS 7.5). No vendor patch available.

Deserialization
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-48017 CRITICAL This Week

Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Path Traversal
NVD
CVSS 3.1
9.0
EPSS
0.4%
CVE-2025-48016 MEDIUM Monitor

OpenFlow discovery protocol can exhaust resources because it is not rate limited. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-48015 LOW Monitor

Failed login response could be different depending on whether the username was local or central. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
3.7
EPSS
0.2%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy