24h | 7d | 30d

CVE-2025-68929

Overview

  • frappe
  • frappe
29 Dec 2025
Published
29 Dec 2025
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
Pending
KEV

Description

Frappe is a full-stack web application framework. Prior to versions 14.99.6 and 15.88.1, an authenticated user with specific permissions could be tricked into accessing a specially crafted link. This could lead to a malicious template being executed on the server, resulting in remote code execution. Versions 14.99.6 and 15.88.1 fix the issue. No known workarounds are available.

Statistics

  • 1 Post
Last activity: 19 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐Ÿ”ด CVE-2025-68929 - Critical (9)

Frappe is a full-stack web application framework. Prior to versions 14.99.6 and 15.88.1, an authenticated user with specific permissions could be tricked into accessing a specially crafted link. This could lead to a malicious template being execut...

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda

  • 0
  • 0
  • 0
  • 19h ago

CVE-2025-15358

Overview

  • Delta Electronics
  • DVP-12SE11T
30 Dec 2025
Published
30 Dec 2025
Updated
CVSS v3.1
HIGH (7.5)
EPSS
Pending
KEV

Description

DVP-12SE11T - Denial of Service Vulnerability

Statistics

  • 1 Post
Last activity: 1 hour ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2025-15358 - High (7.5)

DVP-12SE11T - Denial of Service Vulnerability

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda

  • 0
  • 0
  • 0
  • 1h ago

CVE-2025-15230

Overview

  • Tenda
  • M3
30 Dec 2025
Published
30 Dec 2025
Updated
CVSS v4.0
HIGH (8.7)
EPSS
Pending
KEV

Description

A vulnerability was found in Tenda M3 1.0.0.13(4903). Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing manipulation of the argument qvlan_truck_port results in heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.

Statistics

  • 1 Post
Last activity: 3 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2025-15230 - High (8.8)

A vulnerability was found in Tenda M3 1.0.0.13(4903). Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing manipulation of the argument qvlan_truck_port results in heap-based buffer overflow. R...

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda

  • 0
  • 0
  • 0
  • 3h ago

CVE-2025-15215

Overview

  • Tenda
  • AC10U
30 Dec 2025
Published
30 Dec 2025
Updated
CVSS v4.0
HIGH (8.7)
EPSS
Pending
KEV

Description

A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

Statistics

  • 1 Post
Last activity: 7 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2025-15215 - High (8.8)

A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. This manipulation of the argument list causes buff...

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda

  • 0
  • 0
  • 0
  • 7h ago

CVE-2025-55061

Overview

  • Priority
  • Web
29 Dec 2025
Published
29 Dec 2025
Updated
CVSS v3.1
HIGH (8.8)
EPSS
Pending
KEV

Description

CWE-434 Unrestricted Upload of File with Dangerous Type

Statistics

  • 1 Post
Last activity: 16 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2025-55061 - High (8.8)

CWE-434 Unrestricted Upload of File with Dangerous Type

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda

  • 0
  • 0
  • 0
  • 16h ago

CVE-2019-5591

Overview

  • Fortinet
  • Fortinet FortiOS
14 Aug 2020
Published
21 Oct 2025
Updated
CVSS
Pending
EPSS
49.18%
KEV

Description

A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.

Statistics

  • 1 Post
Last activity: 19 hours ago

Bluesky

Profile picture
CyberHub @cyberhub.blog
๐Ÿ“Œ Critical FortiOS Vulnerability (CVE-2019-5591) Actively Exploited to Bypass 2FA on FortiGate Firewalls https://www.cyberhub.blog/article/17360-critical-fortios-vulnerability-cve-2019-5591-actively-exploited-to-bypass-2fa-on-fortigate-firewalls
  • 0
  • 0
  • 0
  • 19h ago

CVE-2025-67108

Overview

  • Pending
23 Dec 2025
Published
23 Dec 2025
Updated
CVSS
Pending
EPSS
0.04%
KEV

Description

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.

Statistics

  • 1 Post
Last activity: 8 hours ago

Bluesky

Profile picture
ใ‚ฑใ‚ค | ๅ‰ฏๆฅญWebใƒฉใ‚คใ‚ฟใƒผ๐Ÿ“– @keiwork35.bsky.social
ใ€็ทŠๆ€ฅใ€‘CVE-2025-67108 ใฎ่„†ๅผฑๆ€งใซ้–ขใ™ใ‚‹ๆณจๆ„ๅ–š่ตท ่„†ๅผฑๆ€งใฎๆฆ‚่ฆ eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections. ้ …็›ฎ ๅ†…ๅฎน CVE็•ชๅท CVE-2025-67108 ๅ…ฌ้–‹ๆ—ฅ 2025-12-23T16:16:22Z ๅฏพ่ฑกๆฉŸๅ™จ - - ็จฎๅˆฅ - CVSS 10.0 ๅ‚่€ƒๆƒ…ๅ ฑ cve@mitre.org: cve@mitre.org:โ€ฆ
  • 0
  • 0
  • 0
  • 8h ago

CVE-2025-14282

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
Last activity: 17 hours ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
Technical deep dive: #Debian's DSA 6086-1 for Dropbear (CVE-2025-14282). This isn't just a patch alert. It's a case study in memory safety flaws in lightweight SSH daemons and a springboard for discussing. Read more: ๐Ÿ‘‰ tinyurl.com/5ued5eyp #Security
  • 0
  • 0
  • 0
  • 17h ago

CVE-2025-68877

Overview

  • CedCommerce
  • CedCommerce Integration for Good Market
  • ced-good-market-integration
29 Dec 2025
Published
29 Dec 2025
Updated
CVSS v3.1
HIGH (7.5)
EPSS
Pending
KEV

Description

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CedCommerce CedCommerce Integration for Good Market allows PHP Local File Inclusion.This issue affects CedCommerce Integration for Good Market: from n/a through 1.0.6.

Statistics

  • 1 Post
Last activity: 18 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2025-68877 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CedCommerce CedCommerce Integration for Good Market allows PHP Local File Inclusion.This issue affects CedCommerce Integration...

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda

  • 0
  • 0
  • 0
  • 18h ago

CVE-2025-58185

Overview

  • Go standard library
  • encoding/asn1
  • encoding/asn1
29 Oct 2025
Published
04 Nov 2025
Updated
CVSS
Pending
EPSS
0.03%
KEV

Description

Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion.

Statistics

  • 1 Post
Last activity: Last hour

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
Technical deep dive: CVE-2025-58185 isn't just another CVE. It's a memory exhaustion flaw in Go's encoding/asn1, affecting the Chroma syntax highlighter. Read more:๐Ÿ‘‰ tinyurl.com/bddrrb9j #Fedora #Security
  • 0
  • 0
  • 0
  • Last hour
Showing 31 to 40 of 62 CVEs