Skip to main content
CVE-2025-52918 MEDIUM PATCH This Month

CVE-2025-52918 is a security vulnerability (CVSS 5.0). Remediation should follow standard vulnerability management procedures.

Authentication Bypass
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2025-52917 MEDIUM PATCH This Month

The Yealink RPS API before 2025-05-26 lacks rate limiting, potentially enabling information disclosure via excessive requests.

Information Disclosure Denial Of Service
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-3629 MEDIUM This Month

CVE-2025-3629 is a security vulnerability (CVSS 4.3) that allows an authenticated user. Remediation should follow standard vulnerability management procedures.

Information Disclosure IBM Infosphere Information Server
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-52919 MEDIUM PATCH This Month

A security vulnerability in Yealink RPS (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Information Disclosure
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-6217 LOW Monitor

PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of PEAK-System Driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the PCANFD_ADD_FILTERS IOCTL. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-24161.

RCE Information Disclosure
NVD
CVSS 3.1
2.5
EPSS
0.0%
CVE-2025-52916 LOW PATCH Monitor

A remote code execution vulnerability (CVSS 2.2). Remediation should follow standard vulnerability management procedures.

Information Disclosure
NVD
CVSS 3.1
2.2
EPSS
0.0%
CVE-2025-52556 PATCH Monitor

rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to version 1.0.3, there is a flaw in the timestamp response signature verification logic. In particular, chain verification is performed against the TSR's embedded certificates up to the trusted root(s), but fails to verify the TSR's own signature against the timestamping leaf certificates. Consequently, vulnerable versions perform insufficient signature validation to properly consider a TSR verified, as the attacker can introduce any TSR signature so long as the embedded leaf chains up to some root TSA. This issue has been patched in version 1.0.3. There is no workaround for this issue.

Information Disclosure Python
NVD GitHub
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy