Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-12 | CVE-2025-1228 | A vulnerability classified as problematic has been found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. | 4.3 |
| 2025-02-12 | CVE-2025-1229 | A vulnerability classified as critical was found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. | 6.3 |
| 2025-02-12 | CVE-2024-12673 | An improper privilege vulnerability was reported in a BIOS customization feature of Lenovo Vantage on SMB notebook devices which could allow a local attacker to elevate privileges on the system. This vulnerability only affects Vantage installed on these devices: * Lenovo V Series (Gen 5) * ThinkBook 14 (Gen 6, 7) * ThinkBook 16 (Gen 6, 7) * ThinkPad E Series (Gen 1) local low complexity | 7.8 |
| 2025-02-12 | CVE-2025-0108 | Missing Authentication for Critical Function vulnerability in Paloaltonetworks Pan-Os An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. | 9.1 |
| 2025-02-12 | CVE-2025-0111 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Paloaltonetworks Pan-Os An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software. | 6.5 |
| 2025-02-12 | CVE-2025-1226 | A vulnerability was found in ywoa up to 2024.07.03. | 5.3 |
| 2025-02-12 | CVE-2025-1225 | A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03. | 6.3 |
| 2025-02-12 | CVE-2025-25343 | Classic Buffer Overflow vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function. | 9.8 |
| 2025-02-12 | CVE-2025-1213 | A vulnerability was found in pihome-shc PiHome 1.77. | 3.5 |
| 2025-02-12 | CVE-2024-11628 | Unspecified vulnerability in Telerik Kendo UI for VUE In Progress® Telerik® Kendo UI for Vue versions v2.4.0 through v6.0.1, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or command injection. | 7.2 |