Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 2.7 CVE-2025-55202

Opencast has a partial path traversal vulnerability in UI config_CVE-2025-55202

Opencast is a free, open-source platform to support the management of educational audio and video content. In version 18.0 and versions before 17.7...

opencast opencast < 17.7 CVE
LOW 1.8 CVE-2025-54080

Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file_CVE-2025-54080

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read w...

Exiv2 exiv2 < 0.28.6 CVE
LOW 1.8 CVE-2025-55304

Exiv2 has quadratic performance in ICC profile parsing in JpegBase::readMetadata_CVE-2025-55304

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A denial-of-service was...

Exiv2 exiv2 < 0.28.6 CVE
LOW 2.3 CVE-2025-9071

Insecure RSA-OAEP implementation with all-zero seed for padding in Oberon PSA Crypto_CVE-2025-9071

Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto librar...

Oberon microsystems AG Oberon PSA Crypto 1.0.0 CVE
LOW 2.4 CVE-2025-51643

CVE-2025-51643_CVE-2025-51643

Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is accessible without authentication or tamper protection....

n/a n/a n/a CVE
LOW 2 CVE-2025-9589

Cudy WR1200EA shadow default password_CVE-2025-9589

A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulat...

Cudy WR1200EA 2.3.7-20250113-121810 CVE
LOW 2 CVE-2025-9577

TOTOLINK X2000R Administrative shadow.sample default credentials_CVE-2025-9577

A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of t...

TOTOLINK X2000R 2.0 CVE
LOW 2 CVE-2025-9576

seeedstudio ReSpeaker Administrative shadow default credentials_CVE-2025-9576

A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Admini...

seeedstudio ReSpeaker LinkIt7688 CVE
LOW 3.7 CVE-2025-55212

ImageMagick affected by divide-by-zero in ThumbnailImage via montage -geometry “:” leads to crash_CVE-2025-55212

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a g...

ImageMagick ImageMagick < 7.1.2-2 CVE
LOW 2 CVE-2025-9474

Mihomo Party Socket sysproxy.ts enableSysProxy temp file_CVE-2025-9474

A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of ...

Mihomo Party 1.8.0 CVE