Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2025-8813 A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as problematic. This vulnerability affects the function changeLanguage of the file src/main/java/co/yiiu/pybbs/controller/front... | 3.5 | LOW | — | 0 |
| CVE-2025-8814 A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function setCookie of the file src/main/java/co/yiiu/pybbs/util/CookieUtil.java. The manipula... | 4.3 | MEDIUM | — | 0 |
| CVE-2025-8815 A vulnerability was found in 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e. It has been classified as critical. Affected is an unknown function of the file /index of the component Shiro C... | 7.3 | HIGH | — | 0 |
| CVE-2025-55624 An intent redirection vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access internal functions or access non-public components. | 5.3 | MEDIUM | — | 0 |
| CVE-2025-8816 A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function setOpMode of the file /goform/setOpMode. The manipulation of the ar... | 8.8 | HIGH | — | 0 |
| CVE-2025-8817 A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function setLan of the file /goform/setLan. The manipu... | 8.8 | HIGH | — | 0 |
| CVE-2025-8818 A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setDFSSetting of the file /goform/setLan. The manipul... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-8819 A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function setWan of the file /goform/setWan. The manipulation of the argument sta... | 8.8 | HIGH | — | 0 |
| CVE-2025-8820 A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function wirelessBasic of the file /goform/wirelessBasic. The... | 8.8 | HIGH | — | 0 |
| CVE-2025-8821 A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function RP_setBasic of the file /goform/RP_setBasic. The manipulatio... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-8822 A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function algDisable of the file /goform/setOpMode. The manipulation of the a... | 8.8 | HIGH | — | 0 |
| CVE-2025-8823 A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function setDeviceName of the file /goform/setDeviceName. T... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-8824 A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setRIP of the file /goform/setRIP. The manipulation o... | 8.8 | HIGH | — | 0 |
| CVE-2025-8825 A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function RP_setBasicAuto of the file /goform/RP_setBasicAuto. The manipulat... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-8826 A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function um_rp_autochannel of the file /goform/RP_setBasicAut... | 8.8 | HIGH | — | 0 |
| CVE-2025-8827 A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function um_inspect_cross_band of the file /goform/RP_setBasicAuto. The ma... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-8828 A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function ipv6cmd of the file /goform/setIpv6. The manipulation of the argume... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-8829 A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function um_red of the file /goform/RP_setBasicAuto. T... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-8830 A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function sub_3517C of the file /goform/setWan. The manipulatio... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-8831 A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function remoteManagement of the file /goform/remoteManagement. The manipulation... | 8.8 | HIGH | — | 0 |
| CVE-2025-55631 Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was discovered to manage users' sessions system wide instead of an account-by-account basis, potentially lea... | 4.0 | MEDIUM | — | 0 |
| CVE-2025-8832 A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function setDMZ of the file /goform/setDMZ. The manipulation ... | 8.8 | HIGH | — | 0 |
| CVE-2025-8833 A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function langSwitchBack of the file /goform/langSwitchBack. The manip... | 8.8 | HIGH | — | 0 |
| CVE-2025-8835 A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jas_image_chclrspc of the file src/libjasper/base/jas_image.c of the component Image Color Space Convers... | 3.3 | LOW | — | 0 |
| CVE-2025-8660 Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-8661 A stored Cross-Site Scripting vulnerability (XSS) occurs when the server does not properly validate or encode the data entered by the user. | 6.1 | MEDIUM | — | 0 |
| CVE-2025-7642 The Simpler Checkout plugin for WordPress is vulnerable to Authentication Bypass in versions 0.7.0 to 1.1.9. This is due to the plugin not properly verifying a user's identity prior to logging them in... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-8836 A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 Encoder. The manipulation l... | 3.3 | LOW | — | 0 |
| CVE-2025-8837 A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to u... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-8838 A vulnerability has been found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. This vulnerability affects the function preHandle of the file /admin/ of the component Backend Int... | 7.3 | HIGH | — | 0 |
| CVE-2025-8839 A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorizat... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-8840 A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to i... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-55409 FoxCMS 1.2.6, there is a Cross Site Scripting vulnerability in /index.php/article. This allows attackers to execute arbitrary code. | 8.8 | HIGH | — | 0 |
| CVE-2025-8841 A vulnerability was identified in zlt2000 microservices-platform up to 6.0.0. Affected by this vulnerability is the function Upload of the file zlt-business/file-center/src/main/java/com/central/file/... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-8842 A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to b... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-8843 A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is ... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-8844 A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference... | 3.3 | LOW | — | 0 |
| CVE-2025-8672 MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle. An attacker with local use... | 7.8 | HIGH | — | 0 |
| CVE-2025-8845 A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-8846 A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-8847 A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is the function Edit of the file /system/notice/edit. The manipulation of the argument noticeTitle/noticeCo... | 3.5 | LOW | — | 0 |
| CVE-2025-8852 A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/upload of the component API Response Handler. The manipulation leads to informati... | 4.3 | MEDIUM | — | 0 |
| CVE-2025-53187 Due to an issue in configuration, code that was intended for debugging purposes was included in the market release of the ASPECT FW allowing an attacker to bypass authentication. This vulnerability ma... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-7677 A denial-of-service (DoS) attack is possible if access to the local network is provided to unauthorized users. This is due to a buffer copy issue that may lead to a software crash. This issue affects... | 5.9 | MEDIUM | — | 0 |
| CVE-2025-7679 The ASPECT system allows users to bypass authentication. This issue affects all versions of ASPECT | 8.1 | HIGH | — | 0 |
| CVE-2025-55574 Cross Site Scripting vulnerability in docmost v.0.21.0 and before allows an attacker to execute arbitrary code | 6.1 | MEDIUM | — | 0 |
| CVE-2025-7839 The Restore Permanently delete Post or Page Data plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce v... | 4.3 | MEDIUM | — | 0 |
| CVE-2025-7841 The Sertifier Certificate & Badge Maker for WordPress – Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.19. This is due to missing or... | 4.3 | MEDIUM | — | 0 |
| CVE-2025-7842 The Silencesoft RSS Reader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.6. This is due to missing or incorrect nonce validation on the 'sil_... | 4.3 | MEDIUM | — | 0 |
| CVE-2025-7957 The ShortcodeHub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘author_link_target’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitiza... | 6.4 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.