CVSS: 9.8EPSS: %CPEs: 1EXPL: 0CVE-2025-7673
https://notcve.org/view.php?id=CVE-2025-7673
16 Jul 2025 — A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request. • https://www.zyxel.com/service-provider/global/en/zyxel-security-advisory-remote-code-execution-and-denial-service-vulnerabilities-cpe • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: %CPEs: 2EXPL: 0CVE-2025-49828 – Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) Vulnerable to Remote Code Execution
https://notcve.org/view.php?id=CVE-2025-49828
15 Jul 2025 — Conjur OSS versions 1.19.5 through 1.21.1 and Secrets Manager, Self-Hosted (formerly known as Conjur Enterprise) 13.1 through 13.4.1 are vulnerable to remote code execution An authenticated attacker who can inject secrets or templates into the Secrets Manager, Self-Hosted database could take advantage of an exposed API endpoint to execute arbitrary Ruby code within the Secrets Manager process. • https://github.com/cyberark/conjur/releases/tag/v1.21.2 • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVSS: 8.1EPSS: %CPEs: 1EXPL: 0CVE-2025-6043 – Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 16.8 - Authenticated (Subscriber+) Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2025-6043
15 Jul 2025 — The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmr_delete_file() function in all versions up to, and including, 16.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files making remote code execution possible. • https://plugins.trac.wordpress.org/browser/wp-malware-removal/tags/16.8/wpmr.php#L4570 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2025-7042 – Use After Free vulnerability exists in the IPT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025
https://notcve.org/view.php?id=CVE-2025-7042
15 Jul 2025 — This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted IPT file. • https://www.3ds.com/trust-center/security/security-advisories/cve-2025-7042 • CWE-416: Use After Free •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2025-6974 – Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025
https://notcve.org/view.php?id=CVE-2025-6974
15 Jul 2025 — This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file. • https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6974 • CWE-457: Use of Uninitialized Variable •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2025-6973 – Use After Free vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025
https://notcve.org/view.php?id=CVE-2025-6973
15 Jul 2025 — This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file. • https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6973 • CWE-416: Use After Free •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2025-6972 – Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025
https://notcve.org/view.php?id=CVE-2025-6972
15 Jul 2025 — This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted CATPRODUCT file. • https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6972 • CWE-416: Use After Free •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2025-6971 – Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025
https://notcve.org/view.php?id=CVE-2025-6971
15 Jul 2025 — This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted CATPRODUCT file. • https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6971 • CWE-416: Use After Free •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2025-0831 – Out-Of-Bounds Read vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025
https://notcve.org/view.php?id=CVE-2025-0831
15 Jul 2025 — This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file. • https://www.3ds.com/trust-center/security/security-advisories/cve-2025-0831 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: %CPEs: 1EXPL: 3CVE-2025-34107 – WinaXe 7.7 FTP Client Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2025-34107
15 Jul 2025 — When the client connects to a remote FTP server and receives an overly long '220 Server Ready' response, the vulnerable component responsible for parsing the banner overflows a stack buffer, leading to arbitrary code execution under the context of the user. • http://hyp3rlinx.altervista.org/advisories/WINAXE-FTP-CLIENT-REMOTE-BUFFER-OVERFLOW.txt • CWE-121: Stack-based Buffer Overflow •