Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2025-7624

CVE-2025-7624_CVE-2025-7624

An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to remote c...

Sophos Sophos Firewall CVE
CRITICAL 9.8 CVE-2025-6704

CVE-2025-6704_CVE-2025-6704

An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead ...

Sophos Sophos Firewall CVE
CRITICAL 9.1 CVE-2025-46117

CVE-2025-46117_CVE-2025-46117

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279...

n/a n/a n/a CVE
CRITICAL 9.1 CVE-2025-46122

CVE-2025-46122_CVE-2025-46122

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the authenticated diagnostics API endpoint...

n/a n/a n/a CVE
CRITICAL 9.8 CVE-2025-46121

CVE-2025-46121_CVE-2025-46121

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions `stamgr_cfg_adpt_addStaFavou...

n/a n/a n/a CVE
CRITICAL 9.8 CVE-2025-46120

CVE-2025-46120_CVE-2025-46120

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282...

n/a n/a n/a CVE
CRITICAL 9.8 CVE-2025-44658

CVE-2025-44658_CVE-2025-44658

In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .php extens...

n/a n/a n/a CVE
CRITICAL 9.8 CVE-2025-44655

CVE-2025-44655_CVE-2025-44655

In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized ac...

n/a n/a n/a CVE
CRITICAL 9.8 CVE-2025-7393

Mail Login – Critical – Access bypass – SA-CONTRIB-2025-088_CVE-2025-7393

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Mail Login allows Brute Force.This issue affects Mail Login: from...

Drupal Mail Login 3.0.0 CVE
CRITICAL 9.8 CVE-2025-44654

CVE-2025-44654_CVE-2025-44654

In Linksys E2500 3.0.04.002, the chroot_local_user option is enabled in the vsftpd configuration file. This could lead to unauthorized access to sy...

n/a n/a n/a CVE