CVSS: 10.0EPSS: %CPEs: 2EXPL: 0CVE-2025-54481
https://notcve.org/view.php?id=CVE-2025-54481
25 Aug 2025 — A specially crafted MFER file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2025-2234 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: %CPEs: 2EXPL: 0CVE-2025-54480
https://notcve.org/view.php?id=CVE-2025-54480
25 Aug 2025 — A specially crafted MFER file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2025-2234 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: %CPEs: 2EXPL: 0CVE-2025-53557
https://notcve.org/view.php?id=CVE-2025-53557
25 Aug 2025 — A specially crafted MFER file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2025-2235 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: %CPEs: 2EXPL: 0CVE-2025-46411
https://notcve.org/view.php?id=CVE-2025-46411
25 Aug 2025 — A specially crafted MFER file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2025-2236 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: %CPEs: 2EXPL: 0CVE-2025-53511
https://notcve.org/view.php?id=CVE-2025-53511
25 Aug 2025 — A specially crafted MFER file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2025-2237 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: %CPEs: 2EXPL: 0CVE-2025-54462
https://notcve.org/view.php?id=CVE-2025-54462
25 Aug 2025 — A specially crafted .nex file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2025-2239 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: %CPEs: 2EXPL: 0CVE-2025-48005
https://notcve.org/view.php?id=CVE-2025-48005
25 Aug 2025 — A specially crafted RHS2000 file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2025-2240 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.1EPSS: 0%CPEs: 6EXPL: 1CVE-2025-9407 – mtons mblog profile cross site scripting
https://notcve.org/view.php?id=CVE-2025-9407
25 Aug 2025 — A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used. • https://vuldb.com/?id.321245 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.8EPSS: 0%CPEs: -EXPL: 1CVE-2025-9404 – Scada-LTS Folder pointHierarchySLTS cross site scripting
https://notcve.org/view.php?id=CVE-2025-9404
25 Aug 2025 — A vulnerability was identified in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file /pointHierarchySLTS of the component Folder Handler. The manipulation of the argument Title leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. • https://vuldb.com/?id.321240 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.1EPSS: 0%CPEs: -EXPL: 1CVE-2025-9388 – Scada-LTS watch_list.shtm cross site scripting
https://notcve.org/view.php?id=CVE-2025-9388
24 Aug 2025 — A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function of the file watch_list.shtm. Executing manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. • https://vuldb.com/?id.321221 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •