Latest CVE Feed
-
6.7
MEDIUMCVE-2025-47344
Memory corruption while handling sensor utility operations.... Read more
Affected Products : qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware wcd9380_firmware wcd9385_firmware wcn3988_firmware wsa8810_firmware +154 more products- Published: Jan. 07, 2026
- Modified: Jan. 27, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47343
Memory corruption while processing a video session to set video parameters.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware qcm6490_firmware wcd9370_firmware wcd9375_firmware fastconnect_6900_firmware fastconnect_7800_firmware fastconnect_6700_firmware qca0000_firmware wsa8840_firmware +40 more products- Published: Jan. 07, 2026
- Modified: Jan. 12, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47339
Memory corruption while deinitializing a HDCP session.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +360 more products- Published: Jan. 07, 2026
- Modified: Jan. 27, 2026
- Vuln Type: Memory Corruption
-
6.7
MEDIUMCVE-2025-47337
Memory corruption while accessing a synchronization object during concurrent operations.... Read more
Affected Products : qca6391_firmware wcd9380_firmware wcd9385_firmware wsa8830_firmware wsa8835_firmware qca6698aq_firmware qcm6490_firmware qcn9011_firmware qcn9012_firmware qcs6490_firmware +118 more products- Published: Jan. 07, 2026
- Modified: Jan. 27, 2026
- Vuln Type: Memory Corruption
-
6.7
MEDIUMCVE-2025-47336
Memory corruption while performing sensor register read operations.... Read more
Affected Products : wsa8830_firmware wsa8835_firmware wsa8832_firmware fastconnect_7800_firmware wcd9395_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wsa8830 wsa8835 +26 more products- Published: Jan. 07, 2026
- Modified: Jan. 27, 2026
- Vuln Type: Memory Corruption
-
6.7
MEDIUMCVE-2025-47335
Memory corruption while parsing clock configuration data for a specific hardware type.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware wsa8830_firmware wsa8835_firmware qca6698aq_firmware qcm6490_firmware qcs6490_firmware wcd9370_firmware wcd9375_firmware wsa8832_firmware +80 more products- Published: Jan. 07, 2026
- Modified: Jan. 27, 2026
- Vuln Type: Memory Corruption
-
6.7
MEDIUMCVE-2025-47334
Memory corruption while processing shared command buffer packet between camera userspace and kernel.... Read more
Affected Products : qca6391_firmware qca6595au_firmware sd_8_gen1_5g_firmware sw5100_firmware sw5100p_firmware wcd9380_firmware wcd9385_firmware wcn3980_firmware wcn3988_firmware wsa8810_firmware +282 more products- Published: Jan. 07, 2026
- Modified: Jan. 27, 2026
- Vuln Type: Memory Corruption
-
6.6
MEDIUMCVE-2025-47333
Memory corruption while handling buffer mapping operations in the cryptographic driver.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +468 more products- Published: Jan. 07, 2026
- Modified: Jan. 28, 2026
- Vuln Type: Memory Corruption
-
6.7
MEDIUMCVE-2025-47332
Memory corruption while processing a config call from userspace.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware wcn3988_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware wsa8835_firmware qcm4490_firmware qcs4490_firmware snapdragon_ar2_gen_1_platform_firmware +138 more products- Published: Jan. 07, 2026
- Modified: Jan. 28, 2026
- Vuln Type: Memory Corruption
-
6.1
MEDIUMCVE-2025-47331
Information disclosure while processing a firmware event.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware +588 more products- Published: Jan. 07, 2026
- Modified: Jan. 28, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-47330
Transient DOS while parsing video packets received from the video firmware.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware +436 more products- Published: Jan. 07, 2026
- Modified: Jan. 28, 2026
- Vuln Type: Denial of Service
-
7.1
HIGHCVE-2025-32300
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digital zoom studio DZS Video Gallery allows Reflected XSS.This issue affects DZS Video Gallery: from n/a through 12.25.... Read more
Affected Products :- Published: Jan. 07, 2026
- Modified: Jan. 08, 2026
- Vuln Type: Cross-Site Scripting
-
4.9
MEDIUMCVE-2025-31964
Improper service binding configuration in internal service components in HCL BigFix IVR version 4.2 allows a privileged attacker to impact service availability via exposure of administrative services bound to external network interfaces instead of the loc... Read more
Affected Products : bigfix_insights_for_vulnerability_remediation- Published: Jan. 07, 2026
- Modified: Jan. 21, 2026
- Vuln Type: Misconfiguration
-
3.3
LOWCVE-2025-31963
Improper authentication and missing CSRF protection in the local setup interface component in HCL BigFix IVR version 4.2 allows a local attacker to perform unauthorized configuration changes via unauthenticated administrative configuration requests.... Read more
Affected Products : bigfix_insights_for_vulnerability_remediation- Published: Jan. 07, 2026
- Modified: Jan. 22, 2026
- Vuln Type: Authentication
-
4.3
MEDIUMCVE-2025-31962
Insufficient session expiration in the Web UI authentication component in HCL BigFix IVR version 4.2 allows an authenticated attacker to gain prolonged unauthorized access to protected API endpoints due to excessive expiration periods.... Read more
Affected Products : bigfix_insights_for_vulnerability_remediation- Published: Jan. 07, 2026
- Modified: Jan. 12, 2026
- Vuln Type: Authentication
-
8.8
HIGHCVE-2025-31643
Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.This issue affects WPCHURCH: from n/a through 2.7.0.... Read more
Affected Products :- Published: Jan. 07, 2026
- Modified: Jan. 08, 2026
- Vuln Type: Authorization
-
5.3
MEDIUMCVE-2025-15474
AuntyFey Smart Combination Lock firmware versions as of 2025-12-24 contain a vulnerability that allows an unauthenticated attacker within Bluetooth Low Energy (BLE) range to cause a denial of service by repeatedly initiating BLE connections. Sustained con... Read more
Affected Products :- Published: Jan. 07, 2026
- Modified: Jan. 08, 2026
- Vuln Type: Denial of Service
-
8.3
HIGHCVE-2025-15472
A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL of the file uapply.cgi of the component httpd . This manipulation of the argument DeviceURL causes os command injection. The attack can be initiated remotely. Th... Read more
- Published: Jan. 07, 2026
- Modified: Jan. 15, 2026
- Vuln Type: Injection
-
8.8
HIGHCVE-2025-15158
The WP Enable WebP plugin for WordPress is vulnerable to arbitrary file uploads due to improper file type validation in the 'wpse_file_and_ext_webp' function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, wi... Read more
Affected Products :- Published: Jan. 07, 2026
- Modified: Jan. 08, 2026
- Vuln Type: Authentication
-
6.4
MEDIUMCVE-2025-15058
The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'table_currency' parameter in all versions up to, and including, 5.1.12 due to insufficient input sanitization and output escaping. This makes it possib... Read more
Affected Products : responsive_pricing_table- Published: Jan. 07, 2026
- Modified: Jan. 08, 2026
- Vuln Type: Cross-Site Scripting