Latest CVE Feed
-
3.3
LOWCVE-2025-60361
radare2 v5.9.8 and before contains a memory leak in the function bochs_open.... Read more
Affected Products : radare2- Published: Oct. 17, 2025
- Modified: Oct. 23, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-55085
In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bounds verification. A crafted server response could cause undefined behavior.... Read more
- Published: Oct. 17, 2025
- Modified: Oct. 27, 2025
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2025-48087
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jason C. Memberlite Shortcodes memberlite-shortcodes allows Stored XSS.This issue affects Memberlite Shortcodes: from n/a through 1.4.1.... Read more
Affected Products : memberlite_shortcodes- Published: Oct. 17, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Cross-Site Scripting
-
7.2
HIGHCVE-2025-11904
A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.2. This affects the function hasUse of the file /cms/model/hasUse. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disc... Read more
Affected Products : chancms- Published: Oct. 17, 2025
- Modified: Oct. 24, 2025
- Vuln Type: Injection