| 2025-02-05 | CVE-2025-20125 | A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. This vulnerability is due to a lack of authorization in a specific API and improper validation of user-supplied data. network low complexity CWE-285 critical | 9.1 |
| 2025-02-04 | CVE-2025-1009 | Use After Free vulnerability in Mozilla Firefox
An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. | 9.8 |
| 2025-02-04 | CVE-2025-1016 | Out-of-bounds Write vulnerability in Mozilla Firefox
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. | 9.8 |
| 2025-02-04 | CVE-2025-1017 | Out-of-bounds Write vulnerability in Mozilla Firefox
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. | 9.8 |
| 2025-02-04 | CVE-2025-1020 | Out-of-bounds Write vulnerability in Mozilla Firefox
Memory safety bugs present in Firefox 134 and Thunderbird 134. | 9.8 |
| 2025-02-04 | CVE-2025-0890 | **UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but fail to do so. network low complexity CWE-287 critical | 9.8 |
| 2025-02-03 | CVE-2025-24905 | SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions. | 9.8 |
| 2025-02-03 | CVE-2025-24906 | SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions. | 9.8 |
| 2025-02-03 | CVE-2025-24957 | SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions. | 9.8 |
| 2025-02-03 | CVE-2024-45569 | Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption while parsing the ML IE due to invalid frame content. | 9.8 |