CVE ID : CVE-2025-6391
Published : July 17, 2025, 10:15 p.m. | 3 hours, 7 minutes ago
Description : Brocade ASCG before 3.3.0 logs JSON
Web Tokens (JWT) in log files. An attacker with access to the log files
can withdraw the unencrypted tokens with security implications, such as
unauthorized access, session hijacking, and information disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7762
Published : July 17, 2025, 10:15 p.m. | 4 hours, 14 minutes ago
Description : A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This issue affects some unknown processing of the file /menu_nat_more.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7758
Published : July 17, 2025, 10:15 p.m. | 4 hours, 14 minutes ago
Description : A vulnerability, which was classified as critical, has been found in TOTOLINK T6 up to 4.1.5cu.748_B20211015. Affected by this issue is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7397
Published : July 17, 2025, 10:15 p.m. | 3 hours, 7 minutes ago
Description : A vulnerability in the ascgshell, of
Brocade ASCG before 3.3.0 stores any command executed in the Command
Line Interface (CLI) in plain text within the command history. A local
authenticated user that can access sensitive information like passwords
within the CLI history leading to unauthorized access and potential data
breaches.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7398
Published : July 17, 2025, 10:15 p.m. | 3 hours, 7 minutes ago
Description : Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7759
Published : July 17, 2025, 10:15 p.m. | 3 hours, 7 minutes ago
Description : A vulnerability, which was classified as critical, was found in thinkgem JeeSite up to 5.12.0. This affects an unknown part of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. The manipulation of the argument Source leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 1c5e49b0818037452148e0f8ff69ed04cb8fefdc. It is recommended to apply a patch to fix this issue.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7764
Published : July 17, 2025, 11:15 p.m. | 2 hours, 7 minutes ago
Description : A vulnerability classified as critical has been found in code-projects Online Appointment Booking System 1.0. Affected is an unknown function of the file /admin/deletedoctorclinic.php. The manipulation of the argument clinic leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7763
Published : July 17, 2025, 11:15 p.m. | 2 hours, 7 minutes ago
Description : A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is an unknown function of the component Site Controller/SSO. The manipulation leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue. Multiple endpoints are affected.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6185
Published : July 18, 2025, 12:15 a.m. | 1 hour, 7 minutes ago
Description : Leviton AcquiSuite and Energy Monitoring Hub
are susceptible to a cross-site scripting vulnerability, allowing
an attacker to craft a malicious payload in URL parameters, which would
execute in a client browser when accessed by a user, steal session
tokens, and control the service.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7765
Published : July 17, 2025, 11:15 p.m. | 2 hours, 7 minutes ago
Description : A vulnerability classified as critical was found in code-projects Online Appointment Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addmanagerclinic.php. The manipulation of the argument clinic leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2024-13972
Published : July 17, 2025, 7:15 p.m. | 1 hour, 29 minutes ago
Description : A vulnerability related to registry permissions in the Intercept X for Windows updater prior to version 2024.3.2 can lead to a local user gaining SYSTEM level privileges during a product upgrade.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2024-42209
Published : July 17, 2025, 8:15 p.m. | 2 hours, 13 minutes ago
Description : HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are not entitled to, which is caused by improper handling of request data.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-23267
Published : July 17, 2025, 8:15 p.m. | 29 minutes ago
Description : NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-23266
Published : July 17, 2025, 8:15 p.m. | 29 minutes ago
Description : NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-1729
Published : July 17, 2025, 8:15 p.m. | 2 hours, 13 minutes ago
Description : A DLL hijacking vulnerability was reported in TrackPoint Quick Menu software that, under certain conditions, could allow a local attacker to escalate privileges.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-0886
Published : July 17, 2025, 8:15 p.m. | 2 hours, 13 minutes ago
Description : An incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to escalate privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-1700
Published : July 17, 2025, 8:15 p.m. | 2 hours, 13 minutes ago
Description : A DLL hijacking vulnerability was reported in the Motorola Software Fix (Rescue and Smart Assistant) installer that could allow a local attacker to escalate privileges during installation of the software.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-23270
Published : July 17, 2025, 8:15 p.m. | 2 hours, 13 minutes ago
Description : NVIDIA Jetson Linux contains a vulnerability in UEFI Management mode, where an unprivileged local attacker may cause exposure of sensitive information via a side channel vulnerability. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-2818
Published : July 17, 2025, 8:15 p.m. | 2 hours, 13 minutes ago
Description : A vulnerability was reported in version 1.0 of the Bluetooth Transmission Alliance protocol adopted by Motorola Smart Connect Android Application that could allow a nearby attacker within the Bluetooth interaction range to intercept files when transferred to a device not paired in Smart Connect.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3753
Published : July 17, 2025, 8:15 p.m. | 2 hours, 13 minutes ago
Description : A code execution vulnerability has been identified in the Robot Operating System (ROS) ‘rosbag’ tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() function to process unsanitized, user-supplied input in the ‘rosbag filter’ command. This flaw enables attackers to craft and execute arbitrary Python code.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…