Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2024-55374 Vulnerability in vanderbilt (CVE-2024-55374)
vulnerability in vanderbilt (CVE-2024-55374). Risk of unauthorized operations or information disclosure.
CVE-2025-11157 Unsafe Deserialization in CVE-2025-11157 (CVE-2025-11157)
vulnerability in CVE-2025-11157 (CVE-2025-11157). Successful exploitation can lead to full system takeover.
CVE-2025-66835 Vulnerability in trueconf (CVE-2025-66835)
vulnerability in trueconf (CVE-2025-66835). Confidential information can be exposed externally.
CVE-2025-66848 Code Injection in jdcloud (CVE-2025-66848)
code injection in jdcloud (CVE-2025-66848). Successful exploitation can lead to full system takeover.
CVE-2025-71339 Unsafe Deserialization in picklescan (CVE-2025-71339)
vulnerability in picklescan (CVE-2025-71339). Confidential information can be exposed externally. Exploitable via ``numpy.f2py.crackfortran._eval_length``. Mitigation: upgrade to `0.0.33` or later.
CVE-2025-15070 Information Disclosure in gmission (CVE-2025-15070)
vulnerability in gmission (CVE-2025-15070). Confidential information can be exposed externally.
CVE-2025-14847 KEV [KEV] Vulnerability in mongodb (CVE-2025-14847)
vulnerability in mongodb (CVE-2025-14847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-15128 Vulnerability in CVE-2025-15128 (CVE-2025-15128)
vulnerability in CVE-2025-15128 (CVE-2025-15128). Risk of unauthorized operations or information disclosure.
CVE-2025-66737 Vulnerability in path-traversal (CVE-2025-66737)
vulnerability in path-traversal (CVE-2025-66737). Risk of unauthorized operations or information disclosure.
CVE-2025-66738 Command Injection in yealink (CVE-2025-66738)
command injection in yealink (CVE-2025-66738). Successful exploitation can lead to full system takeover.
CVE-2025-2307 Cross-Site Scripting (XSS) in CVE-2025-2307 (CVE-2025-2307)
cross-site scripting in CVE-2025-2307 (CVE-2025-2307). Data can be tampered with by attackers.
CVE-2025-2405 Cross-Site Scripting (XSS) in CVE-2025-2405 (CVE-2025-2405)
cross-site scripting in CVE-2025-2405 (CVE-2025-2405). Data can be tampered with by attackers.
CVE-2025-2406 Cross-Site Scripting (XSS) in CVE-2025-2406 (CVE-2025-2406)
cross-site scripting in CVE-2025-2406 (CVE-2025-2406). Data can be tampered with by attackers.
CVE-2025-2515 Authorization Flaw in privilege-escalation (CVE-2025-2515)
vulnerability in privilege-escalation (CVE-2025-2515). Successful exploitation can lead to full system takeover.
CVE-2025-2155 Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade...
Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade...
CVE-2025-2154 Cross-Site Scripting (XSS) in CVE-2025-2154 (CVE-2025-2154)
cross-site scripting in CVE-2025-2154 (CVE-2025-2154). Risk of unauthorized operations or information disclosure.
CVE-2025-65865 Vulnerability in dos (CVE-2025-65865)
vulnerability in dos (CVE-2025-65865). Risk of unauthorized operations or information disclosure.
CVE-2025-13183 Cross-Site Scripting (XSS) in CVE-2025-13183 (CVE-2025-13183)
cross-site scripting in CVE-2025-13183 (CVE-2025-13183). Confidential information can be exposed externally.
CVE-2025-67290 Cross-Site Scripting (XSS) in dotnetfoundation (CVE-2025-67290)
cross-site scripting in dotnetfoundation (CVE-2025-67290). Risk of unauthorized operations or information disclosure.
CVE-2025-67291 Cross-Site Scripting (XSS) in dotnetfoundation (CVE-2025-67291)
cross-site scripting in dotnetfoundation (CVE-2025-67291). Risk of unauthorized operations or information disclosure.
CVE-2025-67418 Vulnerability in oxygenz (CVE-2025-67418)
vulnerability in oxygenz (CVE-2025-67418). Successful exploitation can lead to full system takeover.
CVE-2025-67288 Unrestricted File Upload in umbraco (CVE-2025-67288)
vulnerability in umbraco (CVE-2025-67288). Successful exploitation can lead to full system takeover.
CVE-2025-67289 Cross-Site Scripting (XSS) in frappe (CVE-2025-67289)
cross-site scripting in frappe (CVE-2025-67289). Successful exploitation can lead to full system takeover.
CVE-2023-52163 KEV [KEV] Vulnerability in Digiever ds-2105-pro (CVE-2023-52163)
vulnerability in Digiever ds-2105-pro (CVE-2023-52163). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-1885 Open Redirect in restajet (CVE-2025-1885)
vulnerability in restajet (CVE-2025-1885). Risk of unauthorized operations or information disclosure.
CVE-2025-1927 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-1927)
vulnerability in csrf (CVE-2025-1927). Data can be tampered with by attackers.
CVE-2025-14733 KEV [KEV] Out-of-Bounds Write in Watchguard firebox (CVE-2025-14733)
out-of-bounds write in Watchguard firebox (CVE-2025-14733). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-65568 Out-of-Bounds Read in opennetworking (CVE-2025-65568)
vulnerability in opennetworking (CVE-2025-65568). Risk of unauthorized operations or information disclosure.
CVE-2025-56157 Vulnerability in langgenius (CVE-2025-56157)
vulnerability in langgenius (CVE-2025-56157). Successful exploitation can lead to full system takeover.
CVE-2025-7358 Vulnerability in utarit (CVE-2025-7358)
vulnerability in utarit (CVE-2025-7358). Confidential information can be exposed externally.
CVE-2025-7047 Vulnerability in utarit (CVE-2025-7047)
vulnerability in utarit (CVE-2025-7047). Risk of unauthorized operations or information disclosure.
CVE-2025-1029 Vulnerability in utarit (CVE-2025-1029)
vulnerability in utarit (CVE-2025-1029). Confidential information can be exposed externally.
CVE-2025-68463 XXE (XML External Entity) in CVE-2025-68463 (CVE-2025-68463)
vulnerability in CVE-2025-68463 (CVE-2025-68463). Risk of unauthorized operations or information disclosure.
CVE-2025-14347 Cross-Site Scripting (XSS) in CVE-2025-14347 (CVE-2025-14347)
cross-site scripting in CVE-2025-14347 (CVE-2025-14347). Confidential information can be exposed externally.
CVE-2025-20393 KEV [KEV] Vulnerability in Cisco multiple-products (CVE-2025-20393)
vulnerability in Cisco multiple-products (CVE-2025-20393). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-40602 KEV [KEV] Vulnerability in Sonicwall sma1000-appliance (CVE-2025-40602)
vulnerability in Sonicwall sma1000-appliance (CVE-2025-40602). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-59374 KEV [KEV] Vulnerability in Asus live-update (CVE-2025-59374)
vulnerability in Asus live-update (CVE-2025-59374). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-65318 Vulnerability in canarymail (CVE-2025-65318)
vulnerability in canarymail (CVE-2025-65318). Confidential information can be exposed externally.
CVE-2025-65319 Vulnerability in blixhq (CVE-2025-65319)
vulnerability in blixhq (CVE-2025-65319). Confidential information can be exposed externally.
CVE-2025-68065 Vulnerability in CVE-2025-68065 (CVE-2025-68065)
vulnerability in CVE-2025-68065 (CVE-2025-68065). Successful exploitation can lead to full system takeover.
CVE-2025-59718 KEV [KEV] Vulnerability in Fortinet multiple-products (CVE-2025-59718)
vulnerability in Fortinet multiple-products (CVE-2025-59718). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2023-53888 Code Injection in zomp (CVE-2023-53888)
code injection in zomp (CVE-2023-53888). Successful exploitation can lead to full system takeover.
CVE-2025-11393 Vulnerability in CVE-2025-11393 (CVE-2025-11393)
vulnerability in CVE-2025-11393 (CVE-2025-11393). Confidential information can be exposed externally.
CVE-2025-66963 Information Disclosure in hitrontech (CVE-2025-66963)
vulnerability in hitrontech (CVE-2025-66963). Confidential information can be exposed externally.
CVE-2024-44599 FNT Command 13.4.0 is vulnerable to Directory Traversal.
FNT Command 13.4.0 is vulnerable to Directory Traversal.
CVE-2024-44598 FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module.
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module.
CVE-2025-67906 Cross-Site Scripting (XSS) in misp-project (CVE-2025-67906)
cross-site scripting in misp-project (CVE-2025-67906). Risk of unauthorized operations or information disclosure.
CVE-2025-43529 KEV [KEV] Use-After-Free in Apple multiple-products (CVE-2025-43529)
vulnerability in Apple multiple-products (CVE-2025-43529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-14611 KEV [KEV] Vulnerability in Gladinet centrestack-and-triofox (CVE-2025-14611)
vulnerability in Gladinet centrestack-and-triofox (CVE-2025-14611). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-43511 Use-After-Free in apple (CVE-2025-43511)
vulnerability in apple (CVE-2025-43511). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →