CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.16)

CVE-2025-57573
Medium

A buffer overflow vulnerability exists in the Tenda F3 router version V12.01.01.48_multi and later. The issue is triggered via the wifiTimeClose parameter in the goform/setWifi function.

CVE-2025-57572
Medium

A buffer overflow vulnerability exists in the Tenda F3 device version V12.01.01.48_multi and later, in the onlineList parameter of the goform/setParentControl function. An attacker can remotely cause a crash or potentially take control of the device.

CVE-2025-57571
Medium

A buffer overflow vulnerability exists in Tenda F3 router version V12.01.01.48_multi and later. The issue is triggered via the macFilterList parameter in the goform/setNAT request.

CVE-2025-57570
Medium

A buffer overflow vulnerability exists in the Tenda F3 router version V12.01.01.48_multi and later via the QosList parameter in the goform/setQoS function. An attacker can remotely crash the device or potentially gain control over it.

CVE-2025-57569
Medium

A buffer overflow vulnerability has been discovered in the Tenda F3 router version V12.01.01.48_multi and later. The issue resides in the portList parameter of the /goform/setNAT endpoint.

CVE-2025-34178
MediumEPSS 87%

In pfSense CE, in the file suricata_app_parsers.php, the value of the policy_name parameter is not sanitized of HTML-related strings/characters before being directly displayed. This can result in stored cross-site scripting (XSS). The attacker must be authenticated with at least 'WebCfg - Services: suricata package' permissions.

CVE-2025-34177
MediumEPSS 52%

In pfSense CE, in the file suricata_flow_stream.php, the value of the policy_name parameter is not sanitized of HTML-related strings/characters before being directly displayed. This can result in stored cross-site scripting (XSS). The attacker must be authenticated with at least 'WebCfg - Services: suricata package' permissions.

CVE-2025-34176
MediumEPSS 96%

In pfSense CE, the suricata/suricata_ip_reputation.php file does not sanitize the iplist parameter against directory traversal sequences. This value is directly used in a file existence check, allowing an authenticated attacker to enumerate files on the server.

CVE-2025-34175
MediumEPSS 96%

In pfSense CE, the file /usr/local/www/suricata/suricata_filecheck.php directly displays the value of the filehash parameter without sanitizing HTML-related characters/strings. This can result in reflected cross-site scripting (XSS) if the victim is authenticated.

CVE-2025-34173
MediumEPSS 54%

In pfSense CE, the file /usr/local/www/snort/snort_ip_reputation.php does not sanitize the iplist parameter for directory traversal characters before checking file existence. Although file contents are not disclosed, the server reveals whether a file exists, enabling an attacker to enumerate files on the target. The attacker must be authenticated with at least 'WebCfg - Services: Snort package' permissions.

CVE-2025-34172
MediumEPSS 58%

In pfSense CE, the value of the showsticktablecontent parameter in /usr/local/www/haproxy/haproxy_stats.php is displayed after being read from HTTP GET requests. This enables reflected cross-site scripting when the victim is authenticated.

CVE-2025-52277
Medium

A Cross Site Scripting (XSS) vulnerability in YesWiki v.4.54 allows a remote attacker to execute arbitrary code via a crafted payload in the meta configuration robots field.

CVE-2025-39721
Medium

A use-after-free vulnerability was found in the Linux kernel's QAT (QuickAssist Technology) drivers. Repeated loading/unloading of a device-specific driver (e.g., qat_4xxx) in a tight loop can cause a crash when a power management interrupt fires just before driver unload, leaving a pending work item in the shared `qat_misc_wq` queue. Executing that item after driver removal dereferences freed memory, leading to a kernel panic.

CVE-2025-39681
Medium

In the Linux kernel, Hygon processors lacked the resctrl_cpu_detect() call in BSP initialization, causing a division by zero fault during boot. The issue appeared after the function was moved to vendor-specific code.

CVE-2025-38732
Medium

In the Linux kernel, a dst refcount leak was discovered for loopback packets in the netfilter nf_reject module. The issue occurs when nf_reject_fill_skb_dst attempts to replace the dst entry in a packet that already has one (e.g., loopback traffic), triggering a WARN() and potential memory leak.

CVE-2025-8695
Medium

Podatność CVE-2025-8695 dotyczy serwera NetGIS, gdzie niewłaściwe neutralizowanie danych wejściowych podczas generowania stron internetowych prowadzi do możliwości ataków typu Cross-site Scripting (XSS). Problem ten dotyczy wersji NetGIS Server od 5.2.4 do 22.08.2025.

CVE-2025-38727
Medium

A vulnerability in the Linux kernel's netlink subsystem causes infinite retry looping in netlink_unicast(). The issue stems from an incorrect check of socket read memory constraints, leading to CPU stalls (RCU stall) and system unresponsiveness.

CVE-2025-38725
Medium

In the Linux kernel, the asix_devices driver for ASIX AX88772 USB Ethernet chips lacked a phy_mask setting for the MDIO bus. This caused up to 32 dummy PHY devices to be created, with only one binding to the network driver. During system suspend/resume, a NULL pointer dereference occurred in phy_state_machine(), leading to a crash.

CVE-2025-38721
Medium

A reference count leak in ctnetlink_dump_table() in the Linux kernel's netfilter subsystem occurs when ct == last, causing a double increment that prevents conntrack object release. This blocks netns dismantle or conntrack module removal, leading to potential denial of service.

CVE-2025-38710
Medium

W jądrze Linuxa rozwiązano podatność dotyczącą walidacji i_depth dla katalogów exhash. W wyniku testu fuzzingowego doszło do uszkodzenia, które skutkowało głębokością równą 0 w funkcji dir_e_read(), co prowadziło do nieokreślonego przesunięcia.

PreviousPage 326 of 619Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS