Security Vulnerabilities
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed
CVSS Score
7.5
EPSS Score
0.002
Published
2025-12-01
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed
CVSS Score
7.5
EPSS Score
0.002
Published
2025-12-01
In dpc modem, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed
CVSS Score
7.5
EPSS Score
0.002
Published
2025-12-01
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed
CVSS Score
7.5
EPSS Score
0.001
Published
2025-12-01
Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, a bug in Kiteworks MFT could cause under certain circumstances that a user's active session would not properly time out due to inactivity. This issue has been patched in version 9.1.0.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-11-29
Cross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-11-28
Cross-site scripting (XSS) vulnerability in HCL Technologies Ltd. Unica 12.0.0.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-28
CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-28
File upload vulnerability in HCL Technologies Ltd. Unica 12.0.0.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-11-28
WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-28