Skip to main content
CVE-2025-60892 MEDIUM This Month

An issue in Raspberry Pi Imager version 1.9.6 for Windows, affecting its OS customization feature. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-45663 MEDIUM POC This Week

An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Netsurf
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-29699 MEDIUM POC This Week

NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free Netsurf
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-51317 MEDIUM POC This Week

An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Netsurf
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the.

Denial Of Service Linux Linux Kernel
NVD
EPSS
0.1%
CVE-2025-48397 HIGH This Month

The privileged user could log in without sufficient credentials after enabling an application protocol. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-48396 HIGH This Month

Arbitrary code execution is possible due to improper validation of the file upload functionality in Eaton BLSS. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload RCE
NVD
CVSS 3.1
8.3
EPSS
0.1%
CVE-2025-12622 HIGH This Month

A vulnerability was determined in Tenda AC10 16.03.10.13. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Tenda Buffer Overflow Ac10 Firmware
NVD VulDB
CVSS 4.0
7.4
EPSS
0.1%
CVE-2025-12619 HIGH This Month

A vulnerability was found in Tenda A15 15.13.07.13. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Tenda Buffer Overflow A15 Firmware
NVD VulDB
CVSS 4.0
7.4
EPSS
0.1%
CVE-2025-12618 HIGH This Month

A vulnerability has been found in Tenda AC8 16.03.34.06. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Tenda Buffer Overflow Ac8 Firmware
NVD VulDB
CVSS 4.0
7.4
EPSS
0.2%
CVE-2025-12503 HIGH This Month

EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi
NVD
CVSS 4.0
7.1
EPSS
0.1%
CVE-2025-12611 HIGH POC This Month

A vulnerability was identified in Tenda AC21 16.03.08.16. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac21 Firmware
NVD GitHub VulDB
CVSS 4.0
7.4
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy