CVE Alert: CVE-2025-1048
Vulnerability Summary: CVE-2025-1048 Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute...
Vulnerabilities
CVE Alert: CVE-2025-45429
Vulnerability Summary: CVE-2025-45429 In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart,...
CVE Alert: CVE-2025-1047
Vulnerability Summary: CVE-2025-1047 Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote...
CVE Alert: CVE-2025-46394
Vulnerability Summary: CVE-2025-46394 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through...
CVE Alert: CVE-2025-1049
Vulnerability Summary: CVE-2025-1049 Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute...
CVE Alert: CVE-2025-1521
Vulnerability Summary: CVE-2025-1521 PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information...
CVE Alert: CVE-2025-1520
Vulnerability Summary: CVE-2025-1520 PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute...
CVE Alert: CVE-2025-1522
Vulnerability Summary: CVE-2025-1522 PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information...
CVE Alert: CVE-2025-1046
Vulnerability Summary: CVE-2025-1046 Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...
CVE Alert: CVE-2025-1045
Vulnerability Summary: CVE-2025-1045 Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote...
CVE Alert: CVE-2025-2768
Vulnerability Summary: CVE-2025-2768 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate...
CVE Alert: CVE-2025-29526
Vulnerability Summary: CVE-2025-29526 A Cross-Site Scripting (XSS) vulnerability in the search function of Q4 Inc Investor Relations Platform v5.147.1.2 allows...
CVE Alert: CVE-2025-2760
Vulnerability Summary: CVE-2025-2760 GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...
CVE Alert: CVE-2025-2769
Vulnerability Summary: CVE-2025-2769 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate...
CVE Alert: CVE-2025-1050
Vulnerability Summary: CVE-2025-1050 Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary...
CVE Alert: CVE-2025-2767
Vulnerability Summary: CVE-2025-2767 Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...
CVE Alert: CVE-2025-2765
Vulnerability Summary: CVE-2025-2765 CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication...
CVE Alert: CVE-2025-2762
Vulnerability Summary: CVE-2025-2762 CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate...
CVE Alert: CVE-2025-2763
Vulnerability Summary: CVE-2025-2763 CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to...
CVE Alert: CVE-2025-2764
Vulnerability Summary: CVE-2025-2764 CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to...
CVE Alert: CVE-2025-3900
Vulnerability Summary: CVE-2025-3900 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Colorbox allows Cross-Site Scripting...
CVE Alert: CVE-2025-3902
Vulnerability Summary: CVE-2025-3902 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Block Class allows Cross-Site...
CVE Alert: CVE-2025-2773
Vulnerability Summary: CVE-2025-2773 BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers...
CVE Alert: CVE-2025-3901
Vulnerability Summary: CVE-2025-3901 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Bootstrap Site Alert allows...
