Security Vulnerabilities
In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-16
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() function when received an Ethernet frame with less than 4 bytes of IP packet.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-16
Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-10-16
Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-10-16
Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dual-tab environment.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-10-16
HCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-16
HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-16
ASDA-Soft Stack-based Buffer Overflow Vulnerability
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-16
ASDA-Soft Stack-based Buffer Overflow Vulnerability
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-16
The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-10-15