NA - CVE-2025-53620 - @builder.io/qwik-city is the meta-framework for...
@builder.io/qwik-city is the meta-framework for Qwik. When a Qwik Server Action QRL is executed it dynamically load the file containing the symbol. When an invalid qfunc is sent, the server does...
NA - CVE-2025-52357 - Cross-Site Scripting (XSS) vulnerability exists...
Cross-Site Scripting (XSS) vulnerability exists in the ping diagnostic feature of FiberHome FD602GW-DX-R410 router (firmware V2.2.14), allowing an authenticated attacker to execute arbitrary...
NA - CVE-2025-53624 - The Docusaurus gists plugin adds a page to your...
The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing...
NA - CVE-2025-6376 - A remote
code execution security issue exists...
A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation...
NA - CVE-2025-6377 - A remote
code execution security issue exists...
A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation...
Medium - CVE-2025-1112 - IBM OpenPages with Watson 8.3 and 9.0 could...
IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users.
Medium - CVE-2025-2670 - IBM OpenPages 9.0 is vulnerable to information...
IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points related to workflow feature of OpenPages. An...
NA - CVE-2025-52364 - Insecure Permissions vulnerability in Tenda CP3...
Insecure Permissions vulnerability in Tenda CP3 Pro Firmware V22.5.4.93 allows the telnet service (telnetd) by default at boot via the initialization script /etc/init.d/eth.sh. This allows remote...
NA - CVE-2025-53546 - Folo organizes feeds content into one timeline....
Folo organizes feeds content into one timeline. Using pull_request_target on .github/workflows/auto-fix-lint-format-commit.yml can be exploited by attackers, since untrusted code can be executed...
NA - CVE-2025-7204 - In ConnectWise PSA versions older than 2025.9,...
In ConnectWise PSA versions older than 2025.9, a vulnerability exists where authenticated users could gain access to sensitive user information. Specific API requests were found to return an overly...