Browse all 4 CVE security advisories affecting gmg137. AI-powered Chinese analysis, POCs, and references for each vulnerability.
gmg137 is a software component commonly used in web applications for data processing and user interaction. Historically, it has been associated with multiple critical vulnerabilities including remote code execution, cross-site scripting, and privilege escalation. The four CVEs recorded for this component highlight consistent weaknesses in input validation and access control mechanisms. Security researchers have noted its susceptibility to both authenticated and unauthenticated attacks, with potential for complete system compromise in certain configurations. No major public security incidents have been definitively linked to gmg137, though its vulnerability pattern suggests ongoing risks for implementations lacking proper hardening and updates.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15247 | gmg137 snap7-rs client.rs download heap-based overflow — snap7-rsCWE-122 | 7.3 | High | 2025-12-30 |
| CVE-2025-14673 | gmg137 snap7-rs client.rs as_ct_write heap-based overflow — snap7-rsCWE-122 | 7.3 | High | 2025-12-14 |
| CVE-2025-14672 | gmg137 snap7-rs s7_micro_client.cpp opWriteArea heap-based overflow — snap7-rsCWE-122 | 7.3 | High | 2025-12-14 |
| CVE-2025-7616 | gmg137 snap7-rs Public API pthread_cond_destroy memory corruption — snap7-rsCWE-119 | 5.5 | Medium | 2025-07-14 |
This page lists every published CVE security advisory associated with gmg137. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.