Total
307489 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-7094 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2025-07-09 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Belkin F9K1122 1.00.33. It has been rated as critical. Affected by this issue is the function formBSSetSitesurvey of the file /goform/formBSSetSitesurvey of the component webs. The manipulation of the argument submit-url-ok leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-7133 | 1 Codeastro | 1 Online Movie Ticket Booking System | 2025-07-09 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability classified as problematic has been found in CodeAstro Online Movie Ticket Booking System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7141 | 1 Mayurik | 1 Best Salon Management System | 2025-07-09 | 3.3 LOW | 2.4 LOW |
| A vulnerability classified as problematic was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /panel/edit_plan.php of the component Update Staff Page. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-20681 | 2 Mediatek, Openwrt | 7 Mt6890, Mt7615, Mt7622 and 4 more | 2025-07-09 | N/A | 9.8 CRITICAL |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416936; Issue ID: MSV-3446. | |||||
| CVE-2025-20682 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | N/A | 9.8 CRITICAL |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416937; Issue ID: MSV-3445. | |||||
| CVE-2025-20683 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | N/A | 9.8 CRITICAL |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416938; Issue ID: MSV-3444. | |||||
| CVE-2025-20684 | 1 Mediatek | 4 Mt7615, Mt7622, Mt7663 and 1 more | 2025-07-09 | N/A | 9.8 CRITICAL |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416939; Issue ID: MSV-3422. | |||||
| CVE-2025-20685 | 2 Mediatek, Openwrt | 7 Mt6890, Mt7915, Mt7916 and 4 more | 2025-07-09 | N/A | 8.8 HIGH |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416226; Issue ID: MSV-3409. | |||||
| CVE-2025-20686 | 2 Mediatek, Openwrt | 7 Mt6890, Mt7915, Mt7916 and 4 more | 2025-07-09 | N/A | 8.8 HIGH |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415570; Issue ID: MSV-3404. | |||||
| CVE-2025-20688 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | N/A | 5.5 MEDIUM |
| In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418047; Issue ID: MSV-3480. | |||||
| CVE-2025-20689 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | N/A | 5.5 MEDIUM |
| In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418048; Issue ID: MSV-3479. | |||||
| CVE-2025-20690 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | N/A | 5.5 MEDIUM |
| In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418038; Issue ID: MSV-3478. | |||||
| CVE-2025-20691 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | N/A | 5.5 MEDIUM |
| In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418039; Issue ID: MSV-3477. | |||||
| CVE-2025-20692 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | N/A | 5.5 MEDIUM |
| In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418040; Issue ID: MSV-3476. | |||||
| CVE-2025-20693 | 4 Google, Linuxfoundation, Mediatek and 1 more | 26 Android, Yocto, Mt2737 and 23 more | 2025-07-09 | N/A | 6.5 MEDIUM |
| In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09812521; Issue ID: MSV-3421. | |||||
| CVE-2025-28229 | 1 Orban | 2 Optimod 5950, Optimod 5950 Firmware | 2025-07-09 | N/A | 9.8 CRITICAL |
| Incorrect access control in Orban OPTIMOD 5950 Firmware v1.0.0.2 and System v2.2.15 allows attackers to bypass authentication and gain Administrator privileges. | |||||
| CVE-2025-7158 | 1 Phpgurukul | 1 Zoo Management System | 2025-07-09 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-normal-ticket.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7159 | 1 Phpgurukul | 1 Zoo Management System | 2025-07-09 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/manage-animals.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-28230 | 1 Jmbroadcast | 2 Jmb0150, Jmb0150 Firmware | 2025-07-09 | N/A | 9.1 CRITICAL |
| Incorrect access control in JMBroadcast JMB0150 Firmware v1.0 allows attackers to access hardcoded administrator credentials. | |||||
| CVE-2025-7160 | 1 Phpgurukul | 1 Zoo Management System | 2025-07-09 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. This affects an unknown part of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||