24h | 7d | 30d

CVE-2025-59719

Overview

  • Fortinet
  • FortiWeb
09 Dec 2025
Published
10 Dec 2025
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
0.07%
KEV

Description

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

Statistics

  • 2 Posts
Last activity: 4 hours ago

Bluesky

Profile picture
Giovanni Popolizio @giovanni-popolizio.bsky.social
Fortinet CVE-2025-59718 e CVE-2025-59719. CISA docet. Quando entra in gioco CISA, la vulnerabilità smette di essere solo tecnica Nel precedente articolo abbiamo visto come le vulnerabilità CVE-2025-59718... www.aiutocomputerhelp.it?p=16474 #CVE_2025_59718 #CVE_2025_59719 #FortiCloud_SSO #fortinet
  • 0
  • 0
  • 0
  • 4h ago
Profile picture
Giovanni Popolizio @giovanni-popolizio.bsky.social
‌Fortinet CVE-2025-59718 e CVE-2025-59719 Fortinet, su su , puoi farcela ! Negli ultimi mesi il nome Fortinet è tornato più volte al centro delle cronache di sicurezza, e non per motivi rassicuranti. www.aiutocomputerhelp.it?p=16411 #Cybersecurity #fortinet #hacking #Vulnerabilità
  • 0
  • 0
  • 0
  • 4h ago

CVE-2025-14299

Overview

  • TP-Link Systems Inc.
  • Tapo C200 V3
20 Dec 2025
Published
22 Dec 2025
Updated
CVSS v4.0
HIGH (7.1)
EPSS
0.06%
KEV

Description

The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length header, which can lead to an integer overflow. An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to trigger excessive memory allocation, causing the device to crash and resulting in denial-of-service (DoS).

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 12 hours ago

Fediverse

Profile picture
Santa Caws @cR0w

TP-Link

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cc: @Dio9sys @da_667

  • 1
  • 3
  • 0
  • 12h ago

CVE-2025-14300

Overview

  • TP-Link Systems Inc.
  • Tapo C200 V3
20 Dec 2025
Published
22 Dec 2025
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.04%
KEV

Description

The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An unauthenticated attacker on the same local network segment can exploit this to modify the device’s Wi-Fi configuration, resulting in loss of connectivity and denial-of-service (DoS).

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 12 hours ago

Fediverse

Profile picture
Santa Caws @cR0w

TP-Link

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cc: @Dio9sys @da_667

  • 1
  • 3
  • 0
  • 12h ago

CVE-2025-8065

Overview

  • TP-Link Systems Inc.
  • Tapo C200 V3
20 Dec 2025
Published
22 Dec 2025
Updated
CVSS v4.0
HIGH (7.1)
EPSS
0.02%
KEV

Description

A buffer overflow vulnerability exists in the ONVIF XML parser of Tapo C200 V3. An unauthenticated attacker on the same local network segment can send specially crafted SOAP XML requests, causing memory overflow and device crash, resulting in denial-of-service (DoS).

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 12 hours ago

Fediverse

Profile picture
Santa Caws @cR0w

TP-Link

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cc: @Dio9sys @da_667

  • 1
  • 3
  • 0
  • 12h ago
Showing 31 to 34 of 34 CVEs