Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-63685 | 2025-11-21 | N/A | 9.8 CRITICAL | ||
| Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of [regsvr32.exe] it loads. An attacker can place a crafted malicious DLL in the application's startup directory, which will be loaded and executed when the user launches the program. | |||||
| CVE-2025-60425 | 1 Nagios | 1 Fusion | 2025-11-05 | N/A | 8.6 HIGH |
| Nagios Fusion v2024R1.2 and v2024R2 does not invalidate already existing session tokens when the two-factor authentication mechanism is enabled, allowing attackers to perform a session hijacking attack. | |||||
| CVE-2025-55622 | 1 Reolink | 1 Reolink | 2025-10-02 | N/A | 6.5 MEDIUM |
| Reolink v4.54.0.4.20250526 was discovered to contain a task hijacking vulnerability due to inappropriate taskAffinity settings. NOTE: this is disputed by the Supplier because it is intentional behavior to ensure a predictable user experience. | |||||
| CVE-2024-39069 | 2024-11-21 | N/A | 7.8 HIGH | ||
| An issue in ifood Order Manager v3.35.5 'Gestor de Peddios.exe' allows attackers to execute arbitrary code via a DLL hijacking attack. | |||||