Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.7 CVE-2025-9527

Linksys E1700 QoSSetup stack-based overflow

A vulnerability was found in Linksys E1700 1.0.0.4.003. This affects the function QoSSetup of the file /goform/QoSSetup. Performing manipulation of...

Linksys E1700 1.0.0.4.003 CVE
HIGH 7.8 CVE-2025-43882

CVE-2025-43882

Dell ThinOS 10, versions prior to 2508_10.0127, contains an Unverified Ownership vulnerability. A local low-privileged attacker could potentially e...

Dell ThinOS 10 N/A CVE
HIGH 8.4 CVE-2025-43730

CVE-2025-43730

Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vuln...

Dell ThinOS 10 N/A CVE
HIGH 7.8 CVE-2025-43729

CVE-2025-43729

Dell ThinOS 10, versions prior to 2508_10.0127, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A local low-privil...

Dell ThinOS 10 N/A CVE
HIGH 8.7 CVE-2025-9526

Linksys E1700 setSysAdm stack-based overflow

A vulnerability has been found in Linksys E1700 1.0.0.4.003. Affected by this issue is the function setSysAdm of the file /goform/setSysAdm. Such m...

Linksys E1700 1.0.0.4.003 CVE
HIGH 8.7 CVE-2025-9525

Linksys E1700 setWan stack-based overflow

A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerability is the function setWan of the file /goform/setWan. This manipula...

Linksys E1700 1.0.0.4.003 CVE
HIGH 8.8 CVE-2025-30036

Stored XSS permitting session takeover of arbitrary user

Stored XSS vulnerability exists in the "Oddział" (Ward) module, in the death diagnosis description field, and allows the execution of arbitrary Jav...

CGM CGM CLININET CVE
HIGH 8.8 CVE-2025-30037

Missing authentication in APIs allowing data retrieval and modification

The system exposes several endpoints, typically including "/int/" in their path, that should be restricted to internal services, but are instead pu...

CGM CGM CLININET CVE
HIGH 7.3 CVE-2025-30038

Session ID leakage in Zone.Identifier of downloaded files

The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windo...

CGM CGM CLININET CVE
HIGH 8.8 CVE-2025-30064

Possibility to generate a session for any user via the “ex:action” parameter after obtaining access to the JWT key

An insufficiently secured internal function allows session generation for arbitrary users. The decodeParam function checks the JWT but does not ver...

CGM CGM CLININET CVE