NA - CVE-2025-1019 - The z-order of the browser windows could be...
The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability affects Firefox
NA - CVE-2025-1020 - Memory safety bugs present in Firefox 134 and...
Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited...
NA - CVE-2024-23690 - The end-of-life Netgear FVS336Gv2 and FVS336Gv3...
The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. An authenticated and remote attacker can execute arbitrary OS commands as...
NA - CVE-2024-9643 - The Four-Faith F3x36 router using firmware...
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web server. An attacker with knowledge of the...
NA - CVE-2024-9644 - The Four-Faith F3x36 router using firmware...
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass vulnerability in the administrative web server. Authentication is not enforced on some administrative...
NA - CVE-2025-0825 - cpp-httplib version v0.17.3 through v0.18.3...
cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("\r\n") when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further...
NA - CVE-2025-22206 - A SQL injection vulnerability in the JS Jobs...
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'fieldfor'...
NA - CVE-2025-22641 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prem Tiwari FM Notification Bar allows Stored XSS. This issue affects FM Notification...
NA - CVE-2025-22642 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RTO GmbH Dynamic Conditions allows Stored XSS. This issue affects Dynamic Conditions:...
NA - CVE-2025-22643 - Missing Authorization vulnerability in...
Missing Authorization vulnerability in FameThemes OnePress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OnePress: from n/a through 2.3.11.