CNA Duplicates

The CVE program consists of multiple CVE Numbering Authorities (CNA) which feed their data into the stream. Once in a while irregularities happen, like duplicate assignments of CVEs for the same vulnerability. Our moderation team identifies these and lists them here. This helps CVE users to determine them quickly and to handle them properly. In most cases CNAs should detect such a duplicate assignment and reject the later CVE entry.

Vendor

Not Defined32
IROAD6
witmy4
Tenda3
olajowon2

Identifying all affected vendors is a good starting point for an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Product

IROAD Dash Cam X55
IROAD Dash Cam X64
witmy my-springsecurity-plus4
FlatPress4
Tenda AC183

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

IDVulnerabilityCreatedUpdatedCVEDuplicate
299812IROAD Dash Cam X5/Dash Cam X6 Domain origin validation03/15/202503/18/2025CVE-2025-2346CVE-2025-30132
299810IROAD Dash Cam X5/Dash Cam X6 API Endpoint missing authentication03/15/202503/18/2025CVE-2025-2344CVE-2025-30111
299809IROAD Dash Cam X5/Dash Cam X6 Device Pairing hard-coded credentials03/15/202503/18/2025CVE-2025-2343CVE-2025-30110
299808IROAD X5 Mobile App API Endpoint hard-coded credentials03/15/202503/18/2025CVE-2025-2342CVE-2025-30109
299811IROAD Dash Cam X5/Dash Cam X6 improper authorization03/15/202503/18/2025CVE-2025-2345CVE-2025-30107
299807IROAD Dash Cam X5 SSID default credentials03/15/202503/18/2025CVE-2025-2341CVE-2025-30106
303516fumiao opencms dataPage.jsp path traversal04/05/202504/21/2025CVE-2025-3317CVE-2025-28099
295219olajowon Loggrove page os command injection02/11/202502/21/2025CVE-2025-1229CVE-2025-26014
295218olajowon Loggrove Logfile Update page path traversal02/11/202502/21/2025CVE-2025-1228CVE-2025-26013
282090LinZhaoguan pb-cms Theme Management Module admin#themes cross site scripting10/28/202403/02/2025CVE-2024-10479CVE-2024-51229
274937Linux Kernel v3d out-of-bounds08/17/202403/06/2025CVE-2024-42264CVE-2024-49984
252191NetBox Home Page Configuration config-revisions cross site scripting [Disputed]01/26/202404/20/2025CVE-2024-0948CVE-2024-47226
275111ZZCMS eginfo.php information disclosure08/19/202409/30/2024CVE-2024-7925CVE-2024-44820
263348basecamp trix cross site scripting05/07/202403/31/2025CVE-2024-34341CVE-2024-43368
271152witmy my-springsecurity-plus role sql injection07/11/202407/12/2024CVE-2024-6679CVE-2024-40542
271153witmy my-springsecurity-plus build sql injection07/11/202407/12/2024CVE-2024-6680CVE-2024-40541
271154witmy my-springsecurity-plus dept sql injection07/11/202407/12/2024CVE-2024-6681CVE-2024-40540
271111witmy my-springsecurity-plus user sql injection07/10/202407/12/2024CVE-2024-6676CVE-2024-40539
270053adolph_dudu ratio-swiper parse prototype pollution07/01/202407/01/2024CVE-2024-39000CVE-2024-39853
269419Zorlan SkyCaiji Task cross site scripting06/21/202403/22/2025CVE-2024-6252CVE-2024-39242
267365Evmos calculation06/06/202403/26/2025CVE-2024-32873CVE-2024-37159
269698MAP-OS cross site scripting06/25/202403/22/2025CVE-2024-36819CVE-2024-35545
249545Open5GS InitialUEMessage denial of service01/03/202405/08/2024CVE-2023-50019CVE-2024-33382
229419jizhicms Article cross site scripting05/19/202304/26/2025CVE-2023-31862CVE-2024-33338
209431Tenda AC15/AC18 PowerSaveSet setSmartPowerManagement stack-based overflow09/23/202205/23/2025CVE-2022-40864CVE-2024-30613
200818Tenda AC18 form_fast_setting_wifi_set stack-based overflow05/26/202203/26/2024CVE-2022-30473CVE-2024-28551
228048Tenda AC18 setUsbUnload command injection05/05/202303/26/2024CVE-2023-30135CVE-2024-28545
252184Byzoro Smart S210 Management Platform uploadfile.php unrestricted upload01/26/202404/09/2024CVE-2024-0939CVE-2024-28520
259613PuneethReddyHC Event Management register.php sql injection04/07/202405/14/2025CVE-2024-3432CVE-2024-28322
248374Apache Superset ZIP File resource consumption12/19/202302/14/2024CVE-2023-46104CVE-2024-23952
240326yt-dlp os command injection09/26/202304/21/2025CVE-2023-40581CVE-2024-22423
141992Dahua IPC-HDW1X2X IP address information disclosure09/19/201901/14/2025CVE-2019-9680CVE-2024-13131
244080EventPrime Plugin cross-site request forgery10/31/202304/23/2025CVE-2023-4251CVE-2023-5519
239475Google WebP libwebp heap-based overflow09/12/202304/22/2025CVE-2023-4863CVE-2023-5129
191328mingSoft MCMS New Template Module unrestricted upload01/21/202201/16/2024CVE-2022-22929CVE-2023-51282
188960Ajax.NET Professional Javascript Object cross site scripting12/23/202112/05/2023CVE-2021-43853CVE-2023-49289
237404cockpit cross site scripting08/17/202309/13/2023CVE-2023-4395CVE-2023-4433
236213EmpowerID Multi-Factor Authentication Code information disclosure08/05/202308/30/2023CVE-2023-4177CVE-2023-40260
231594Grav special elements used in a template engine06/15/202307/19/2023CVE-2023-34253CVE-2023-37897
241944Elenos ETG150 FM Transmitter resource injection10/11/202311/07/2023CVE-2023-45396CVE-2023-37835
231547OBS-Studio missing encryption06/14/202307/04/2023CVE-2023-34585CVE-2023-36262
232891LangChain Python PALChain code injection07/04/202307/22/2023CVE-2023-36258CVE-2023-36188
232105bishopfox sliver channel accessible06/22/202308/28/2023CVE-2023-34758CVE-2023-35170
231502UJCMS ZIP Package information disclosure06/14/202307/13/2023CVE-2023-3231CVE-2023-34878
230799SourceCodester Service Provider Management System view_service.php sql injection06/06/202306/30/2023CVE-2023-3120CVE-2023-34581
229953PHPOK admin.php unrestricted upload05/25/202306/17/2023CVE-2023-2888CVE-2023-33601
232918fastify oauth2 cross-site request forgery07/04/202307/04/2023CVE-2023-35935CVE-2023-31999
227401World Wide Broadcast Network AVideo Video Link os command injection04/25/202302/03/2025CVE-2023-25313CVE-2023-30842
230464openSUSE libeconf Config File buffer overflow06/01/202305/13/2025CVE-2023-22652CVE-2023-30079
230465openSUSE libeconf Configuration File buffer overflow06/01/202308/23/2023CVE-2023-32181CVE-2023-30078

30 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 30 results.

PreviousOverviewNext

Want to stay up to date on a daily basis?

Enable the mail alert feature now!