Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-02-20 CVE-2025-25663 Out-of-bounds Write vulnerability in Tenda AC8 Firmware 16.03.34.06
A vulnerability was found in Tenda AC8V4 V16.03.34.06.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-02-20 CVE-2025-25664 Out-of-bounds Write vulnerability in Tenda AC8 Firmware 16.03.34.06
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-02-20 CVE-2025-25667 Classic Buffer Overflow vulnerability in Tenda AC8 Firmware 16.03.34.06
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
network
low complexity
tenda CWE-120
critical
 9.8
9.8
2025-02-20 CVE-2025-25668 Classic Buffer Overflow vulnerability in Tenda AC8 Firmware 16.03.34.06
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_47D878 function.
network
low complexity
tenda CWE-120
critical
 9.8
9.8
2025-02-20 CVE-2025-25674 Classic Buffer Overflow vulnerability in Tenda Ac10 Firmware 15.03.06.23
Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via the parameter ssid.
network
low complexity
tenda CWE-120
critical
 9.8
9.8
2025-02-20 CVE-2025-25675 Command Injection vulnerability in Tenda Ac10 Firmware 15.03.06.23
Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand function.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2025-02-20 CVE-2025-27088 oxyno-zeta/s3-proxy is an aws s3 proxy written in go.
network
low complexity
CWE-79
8.2
8.2
2025-02-20 CVE-2025-27097 Resource Exhaustion vulnerability in The-Guild Graphql Mesh
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL.
network
low complexity
the-guild CWE-400
7.5
7.5
2025-02-20 CVE-2025-27098 Path Traversal vulnerability in The-Guild Graphql Mesh CLI and Graphql Mesh Http
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL.
network
low complexity
the-guild CWE-22
7.5
7.5
2025-02-20 CVE-2025-24893 Eval Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-95
critical
 9.8
9.8