Total
537 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-49489 | 2025-07-03 | N/A | 5.4 MEDIUM | ||
| Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (con_mgr components) allows Resource Leak Exposure. This vulnerability is associated with program files con_mgr/dialer_task.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. | |||||
| CVE-2024-12661 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2025-07-02 | 4.6 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been rated as problematic. Affected by this issue is the function 0x8001E024 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-6140 | 1 Gabime | 1 Spdlog | 2025-07-02 | 1.7 LOW | 3.3 LOW |
| A vulnerability, which was classified as problematic, was found in spdlog up to 1.15.1. This affects the function scoped_padder in the library include/spdlog/pattern_formatter-inl.h. The manipulation leads to resource consumption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Upgrading to version 1.15.2 is able to address this issue. The identifier of the patch is 10320184df1eb4638e253a34b1eb44ce78954094. It is recommended to upgrade the affected component. | |||||
| CVE-2025-6274 | 1 Webassembly | 1 Wabt | 2025-07-02 | 1.7 LOW | 3.3 LOW |
| A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been classified as problematic. Affected is the function OnDataCount of the file src/interp/binary-reader-interp.cc. The manipulation leads to resource consumption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. A similar issue reported during the same timeframe was disputed by the code maintainer because it might not affect "real world wasm programs". Therefore, this entry might get disputed as well in the future. | |||||
| CVE-2025-6817 | 1 Hdfgroup | 1 Hdf5 | 2025-07-01 | 1.7 LOW | 3.3 LOW |
| A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5C__load_entry of the file /src/H5Centry.c. The manipulation leads to resource consumption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6530 | 2025-06-26 | 4.3 MEDIUM | 4.8 MEDIUM | ||
| A vulnerability was found in 70mai M300 up to 20250611. It has been classified as problematic. This affects an unknown part of the file demo.sh of the component Telnet Service. The manipulation leads to denial of service. Access to the local network is required for this attack. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-6401 | 1 Totolink | 2 N300rh, N300rh Firmware | 2025-06-25 | 2.3 LOW | 3.5 LOW |
| A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-57493 | 1 Redox-os | 1 Redox | 2025-06-25 | N/A | 5.5 MEDIUM |
| An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the setsockopt function. | |||||
| CVE-2024-27527 | 1 Wasm3 Project | 1 Wasm3 | 2025-06-24 | N/A | 7.5 HIGH |
| wasm3 139076a is vulnerable to Denial of Service (DoS). | |||||
| CVE-2025-4867 | 1 Tenda | 2 A15, A15 Firmware | 2025-06-24 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as problematic. Affected by this vulnerability is the function formArpNerworkSet of the file /goform/ArpNerworkSet. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6496 | 2025-06-23 | 1.7 LOW | 3.3 LOW | ||
| A vulnerability was found in HTACG tidy-html5 5.8.0. It has been declared as problematic. This vulnerability affects the function InsertNodeAsParent of the file src/parser.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1925 | 1 Open5gs | 1 Open5gs | 2025-06-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as problematic was found in Open5GS up to 2.7.2. Affected by this vulnerability is the function amf_nsmf_pdusession_handle_update_sm_context of the file src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. This vulnerability allows a single UE to crash the AMF, resulting in the complete loss of mobility and session management services and causing a network-wide outage. All registered UEs will lose connectivity, and new registrations will be blocked until the AMF is restarted, leading to a high availability impact. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2025-25899 | 1 Tp-link | 2 Tl-wr841nd V11, Tl-wr841nd V11 Firmware | 2025-06-20 | N/A | 3.5 LOW |
| A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'gw' parameter at /userRpm/WanDynamicIpV6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | |||||
| CVE-2024-3652 | 1 Libreswan | 1 Libreswan | 2025-06-17 | N/A | 6.5 MEDIUM |
| The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected. | |||||
| CVE-2025-5935 | 2025-06-12 | 5.0 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability was found in Open5GS up to 2.7.3. It has been declared as problematic. Affected by this vulnerability is the function common_register_state of the file src/mme/emm-sm.c of the component AMF/MME. The manipulation of the argument ran_ue_id leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 62cb99755243c9c38e4c060c5d8d0e158fe8cdd5. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2023-34969 | 3 Debian, Fedoraproject, Freedesktop | 3 Debian Linux, Fedora, Dbus | 2025-06-09 | N/A | 6.5 MEDIUM |
| D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6. | |||||
| CVE-2025-1373 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 1.7 LOW | 3.3 LOW |
| A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function mov_read_trak of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The patch is identified as 43be8d07281caca2e88bfd8ee2333633e1fb1a13. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2025-4749 | 1 Dlink | 2 Di-7003g, Di-7003g Firmware | 2025-06-03 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability classified as critical was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This vulnerability affects the function sub_4983B0 of the file /H5/backup.asp?opt=reset of the component Factory Reset Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5404 | 2025-06-02 | 2.9 LOW | 4.3 MEDIUM | ||
| A vulnerability classified as problematic was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. This vulnerability affects unknown code of the file /search.php of the component GET Parameter Handler. The manipulation of the argument Search leads to denial of service. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-5324 | 2025-05-30 | 1.7 LOW | 3.3 LOW | ||
| A vulnerability, which was classified as problematic, was found in TechPowerUp GPU-Z 2.23.0. Affected is the function sub_140001880 in the library GPU-Z.sys of the component 0x8000645C IOCTL Handler. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||