Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-17 | CVE-2025-2395 | The U-Office Force from e-Excellence has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to use a particular API and alter cookies to log in as an administrator. | 9.8 |
| 2025-03-16 | CVE-2025-2345 | A vulnerability, which was classified as very critical, was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. | 9.8 |
| 2025-03-15 | CVE-2025-1771 | PHP Remote File Inclusion vulnerability in Shinecommerce Traveler The Traveler theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.8 via the 'hotel_alone_load_more_post' function 'style' parameter. | 9.8 |
| 2025-03-14 | CVE-2025-29384 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14 In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | 9.8 |
| 2025-03-14 | CVE-2025-29385 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14 In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | 9.8 |
| 2025-03-14 | CVE-2025-29386 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14 In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | 9.8 |
| 2025-03-14 | CVE-2025-29029 | Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function. | 9.8 |
| 2025-03-14 | CVE-2025-29030 | Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function. | 9.8 |
| 2025-03-14 | CVE-2025-29031 | Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function. | 9.8 |
| 2025-03-14 | CVE-2025-2000 | A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats < 13. | 9.8 |