Total: 386 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-27853 | 3 Cisco, Ieee, Ietf | 308 Catalyst 3650-12x48fd-e, Catalyst 3650-12x48fd-l, Catalyst 3650-12x48fd-s and 305 more | 2025-05-21 | N/A | 4.7 MEDIUM |
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. | |||||
CVE-2025-1104 | 1 Dlink | 2 Dhp-w310av, Dhp-w310av Firmware | 2025-05-21 | 7.5 HIGH | 7.3 HIGH |
A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This vulnerability affects unknown code. The manipulation leads to authentication bypass by spoofing. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
CVE-2021-27862 | 2 Ieee, Ietf | 2 Ieee 802.2, P802.1q | 2025-05-21 | N/A | 4.7 MEDIUM |
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers). | |||||
CVE-2021-27861 | 2 Ieee, Ietf | 2 Ieee 802.2, P802.1q | 2025-05-21 | N/A | 4.7 MEDIUM |
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers). | |||||
CVE-2021-27854 | 2 Ieee, Ietf | 2 Ieee 802.2, P802.1q | 2025-05-21 | N/A | 4.7 MEDIUM |
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse. | |||||
CVE-2025-3875 | | | 2025-05-16 | N/A | 7.5 HIGH |
Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value "Spoofed Name ", Thunderbird treats spoofed@example.com as the actual address. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1. | |||||
CVE-2025-3909 | | | 2025-05-16 | N/A | 6.5 MEDIUM |
Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// protocol, potentially enabling JavaScript execution as part of the HTML. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1. | |||||
CVE-2025-48027 | | | 2025-05-16 | N/A | 5.4 MEDIUM |
The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary controls DNS resolution for pginaloginserver. | |||||
CVE-2024-22520 | 1 Dronetag | 1 Drone Scanner | 2025-05-15 | N/A | 8.2 HIGH |
An issue discovered in Dronetag Drone Scanner 1.5.2 allows attackers to impersonate other drones via transmission of crafted data packets. | |||||
CVE-2024-13685 | 1 Wpase | 1 Admin And Site Enhancements | 2025-05-14 | N/A | 5.3 MEDIUM |
The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10. | |||||
CVE-2024-25595 | 1 Wmpudev | 1 Defender Security | 2025-05-13 | N/A | 5.3 MEDIUM |
Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass. This issue affects Defender Security: from n/a through 4.4.1. | |||||
CVE-2024-31008 | 1 Wuzhicms | 1 Wuzhicms | 2025-05-13 | N/A | 6.5 MEDIUM |
An issue discovered in WUZHICMS version 4.1.0 allows an attacker to execute arbitrary code and obtain sensitive information via the index.php file. | |||||
CVE-2025-24091 | 1 Apple | 2 Ipados, Iphone Os | 2025-05-12 | N/A | 5.5 MEDIUM |
An app could impersonate system notifications. Sensitive notifications now require restricted entitlements. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.3. An app may be able to cause a denial-of-service. | |||||
CVE-2025-28128 | 1 Mytel | 1 Telecom Online Account System | 2025-05-12 | N/A | 7.0 HIGH |
An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request. | |||||
CVE-2025-27695 | | | 2025-05-12 | N/A | 4.9 MEDIUM |
Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by Spoofing vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure. | |||||
CVE-2022-42983 | 1 Anji-plus | 1 Aj-report | 2025-05-10 | N/A | 8.8 HIGH |
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT Tokens. | |||||
CVE-2024-58126 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
Access control vulnerability in the security verification module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
CVE-2024-58127 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
Access control vulnerability in the security verification module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
CVE-2025-31170 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
Access control vulnerability in the security verification module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
CVE-2024-58125 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
Access control vulnerability in the security verification module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |