Common Vulnerabilities and Exposures (CVE)

CVE-2025-51655

Jul 5, 2026 01:01:48 UTC

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Quanxian.php.

CVE-2025-51654

Jul 5, 2026 01:01:44 UTC

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Infocategories.php.

CVE-2025-51653

Jul 5, 2026 01:01:39 UTC

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_ct.php.

CVE-2025-51652

Jul 5, 2026 01:01:35 UTC

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Categories.php.

CVE-2025-44526

Jul 5, 2026 01:01:30 UTC

Realtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low Energy (BLE) data packets. This issue allows attackers to cause a Denial of Service (DoS) via a craf...

CVE-2025-44525

Jul 5, 2026 01:01:27 UTC

Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41.00.17 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low Energy (BLE) data packets. This issue allows attackers to cause a ...

CVE-2025-44251

Jul 5, 2026 01:01:23 UTC

Ecovacs Deebot T10 1.7.2 transmits Wi-Fi credentials in cleartext during the pairing process.

CVE-2025-29267

Jul 5, 2026 01:01:18 UTC

SQL Injection vulnerability in Abis, Inc Adjutant Core Accounting ERP build v.PreBeta250F allows a remote attacker to obtain a sensitive information via the cid parameter in the GET request.

CVE-2024-36697

Jul 5, 2026 01:01:14 UTC

A cross-site scripting (XSS) vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SessionID parameter at query.asp.

CVE-2025-46157

Jul 5, 2026 01:01:10 UTC

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form

CVE-2025-46060

Jul 5, 2026 01:01:03 UTC

Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary code via the UPLOAD_FILENAME component

CVE-2025-46041

Jul 5, 2026 01:00:58 UTC

A stored cross-site scripting (XSS) vulnerability in Anchor CMS v0.12.7 allows attackers to inject malicious JavaScript via the page description field in the page creation interface (/admin/pages/add).

CVE-2025-46035

Jul 5, 2026 01:00:54 UTC

Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi ...

CVE-2025-45931

Jul 5, 2026 01:00:49 UTC

An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via system() function in the bin/goahead file

CVE-2025-45029

Jul 5, 2026 01:00:45 UTC

WINSTAR WN572HP3 v230525 was discovered to contain a heap overflow via the CONTENT_LENGTH variable at /cgi-bin/upload.cgi.