Skip to main content
CVE-2025-8651 MEDIUM This Month

Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8650 MEDIUM This Month

Kenwood DMX958XR libSystemLib Command Injection Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8649 MEDIUM This Month

Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8648 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8647 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8646 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8645 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8644 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8643 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8642 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8641 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8640 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8639 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8638 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8637 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8636 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8635 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8634 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8633 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8632 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8631 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8630 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8629 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-8628 MEDIUM This Month

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2025-6259 MEDIUM This Month

The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-54623 MEDIUM This Month

Out-of-bounds read vulnerability in the devicemanager module. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Harmonyos
NVD
CVSS 3.1
6.3
EPSS
0.0%
CVE-2025-54622 HIGH This Month

Binding authentication bypass vulnerability in the devicemanager module. Rated high severity (CVSS 8.3), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Harmonyos
NVD
CVSS 3.1
8.3
EPSS
0.0%
CVE-2025-54621 MEDIUM This Month

Iterator failure issue in the WantAgent module. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Harmonyos
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-54606 HIGH This Month

Status verification vulnerability in the lock screen module. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Harmonyos
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-54879 MEDIUM PATCH This Month

Mastodon is a free, open-source social network server based on ActivityPub Mastodon which facilitates LDAP configuration for authentication. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Mastodon
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-54876 MEDIUM This Month

The Janssen Project is an open-source identity and access management (IAM) platform. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-54873 LOW PATCH Monitor

RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
2.7
EPSS
0.1%
CVE-2025-54872 HIGH This Month

onion-site-template is a complete, scalable tor hidden service self-hosting sample. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-54869 MEDIUM PATCH This Month

FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service PHP
NVD GitHub
CVSS 4.0
6.0
EPSS
0.1%
CVE-2025-54801 HIGH PATCH This Month

Fiber is an Express inspired web framework written in Go. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Fiber Suse
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-54594 CRITICAL This Week

react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Node.js
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-54571 MEDIUM POC PATCH This Week

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Nginx Apache XSS Modsecurity Red Hat +1
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-54124 HIGH POC PATCH This Month

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Xwiki
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy