Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-03-14 CVE-2025-2308 A vulnerability, which was classified as critical, was found in HDF5 1.14.6.
local
low complexity
CWE-122
5.3
5.3
2025-03-14 CVE-2025-2309 A vulnerability has been found in HDF5 1.14.6 and classified as critical.
local
low complexity
CWE-122
5.3
5.3
2025-03-14 CVE-2025-2310 A vulnerability was found in HDF5 1.14.6 and classified as critical.
local
low complexity
CWE-122
5.3
5.3
2025-03-14 CVE-2025-29782 Cross-site Scripting vulnerability in Wegia
WeGIA is Web manager for charitable institutions A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_tipo_docs_atendido.php` endpoint in versions of the WeGIA application prior to 3.2.17.
network
low complexity
wegia CWE-79
5.4
5.4
2025-03-14 CVE-2025-29384 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29385 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29386 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29387 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
high complexity
tenda CWE-787
7.1
7.1
2025-03-14 CVE-2024-45638 IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user.
local
high complexity
CWE-256
4.1
4.1
2025-03-14 CVE-2024-45643 IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information.
network
high complexity
CWE-327
5.9
5.9