Latest CVE Feed
-
5.1
MEDIUMCVE-2025-11945
A vulnerability was identified in toeverything AFFiNE up to 0.24.1. This vulnerability affects unknown code of the component Avatar Upload Image Endpoint. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit is... Read more
Affected Products :- Published: Oct. 19, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Cross-Site Scripting
-
7.5
HIGHCVE-2025-11942
A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may b... Read more
Affected Products : x200_firmware- Published: Oct. 19, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Authentication
-
0.0
NACVE-2025-40003
In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work The origin code calls cancel_delayed_work() in ocelot_stats_deinit() to cancel the cyclic delayed work item ocelot->s... Read more
Affected Products : linux_kernel- Published: Oct. 18, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Memory Corruption
-
6.1
MEDIUMCVE-2025-10612
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in giSoft Information Technologies City Guide allows Reflected XSS.This issue affects City Guide: before 1.4.45.... Read more
Affected Products :- Published: Oct. 21, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Cross-Site Scripting