[CVE-2025-2691: HIGH] Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism. https://lnkd.in/eZ28zwMv
CVE Find
Computer and Network Security
Neuchâtel, NE 181 followers
World Stay Ahead of Threats: Your Ultimate CVE Directory
About
CVEfind.com is an innovative platform offering a comprehensive database of critical vulnerabilities. Updated in real time, it is an essential tool for cybersecurity experts to manage threats and strengthen IT security. By integrating the CVE, CPE, CWE and CAPEC standards, it provides professionals with a comprehensive and reliable tool for assessing, treating and remedying risks in real time, to guarantee optimum cybersecurity. Each vulnerability is accompanied by full details: description, severity score, and severity classification. This enables experts to make informed decisions and react quickly to protect their systems.
- Website: www.cvefind.com
- Industry: Computer and Network Security
- Company size: 2–10 employees
- Headquarters: Neuchâtel, NE
- Type: Privately held
Locations
- Primary: Rue du Puits Godet 10, Neuchâtel, NE 2000, CH
Updates
- [CVE-2025-2621: CRITICAL] Critical cyber security vulnerability found in D-Link DAP-1620 1.03! Vulnerability in check_dws_cookie can lead to stack-based buffer overflow. Attack possible remotely on unsupported products. Exploit disclosed publicly. https://lnkd.in/e4xmaZzc
- [CVE-2025-2620: CRITICAL] Critical vulnerability found in D-Link DAP-1620 1.03's Authentication Handler component can allow remote stack-based buffer overflow attacks due to a disclosed exploit. Products no longer supported are impacted. https://lnkd.in/ehcKeMhy
- [CVE-2025-2619: CRITICAL] Critical vulnerability discovered in D-Link DAP-1620 1.03 Cookie Handler component. Potential for remote stack-based buffer overflow attack. Impact limited to outdated products. Keep systems updated for cyber security. https://lnkd.in/e3b3d_86
- [CVE-2025-2618: CRITICAL] Critical vulnerability discovered in D-Link DAP-1620 1.03 with potential remote attack through heap-based buffer overflow in the Path Handler component. Users with unsupported products are at risk. https://lnkd.in/er_zNq4j
- [CVE-2025-2303: HIGH] Warning: WordPress plugin Block Logic has a critical security flaw allowing RCE attacks in versions up to 1.0.8. Attackers with Contributor access can exploit this. Update plugin immediately to stay secure. https://lnkd.in/ed-ZEnG5
- [CVE-2025-0724: HIGH] WordPress Plugin ProfileGrid, up to version 5.9.4.5, is susceptible to PHP Object Injection, allowing authorized attackers to inject PHP Objects. The exploit requires potential POP chains from other installed plugins or themes for serious impact. https://lnkd.in/eKPUXufy
- [CVE-2025-30472: CRITICAL] Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. https://lnkd.in/exahpVtD
- [CVE-2023-43029: CRITICAL] IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment. https://lnkd.in/ee3gGkRB
- [CVE-2025-29927: CRITICAL] Update Next.js to versions 14.2.25 or 15.2.3 to fix a vulnerability allowing bypass of authorization checks in middleware. Block requests with the x-middleware-subrequest header for added security. Keep your web app safe from cyber threats. https://lnkd.in/e2VQ2EtF