Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2025-24016 KEV [KEV] Unsafe Deserialization in wazuh (CVE-2025-24016)
vulnerability in wazuh (CVE-2025-24016). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-33053 KEV [KEV] Vulnerability in Microsoft windows (CVE-2025-33053)
vulnerability in Microsoft windows (CVE-2025-33053). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-5917 Out-of-Bounds Write in libarchive (CVE-2025-5917)
out-of-bounds write in libarchive (CVE-2025-5917). Risk of unauthorized operations or information disclosure.
CVE-2025-5918 Out-of-Bounds Read in libarchive (CVE-2025-5918)
vulnerability in libarchive (CVE-2025-5918). Risk of unauthorized operations or information disclosure.
CVE-2025-5916 Vulnerability in libarchive (CVE-2025-5916)
vulnerability in libarchive (CVE-2025-5916). Risk of unauthorized operations or information disclosure.
CVE-2025-5914 Vulnerability in libarchive (CVE-2025-5914)
vulnerability in libarchive (CVE-2025-5914). Successful exploitation can lead to full system takeover.
CVE-2025-5915 Vulnerability in dos (CVE-2025-5915)
vulnerability in dos (CVE-2025-5915). Confidential information can be exposed externally.
CVE-2025-46041 Cross-Site Scripting (XSS) in anchorcms (CVE-2025-46041)
cross-site scripting in anchorcms (CVE-2025-46041). Risk of unauthorized operations or information disclosure.
CVE-2025-47711 Vulnerability in nbdkit-project (CVE-2025-47711)
vulnerability in nbdkit-project (CVE-2025-47711). Risk of unauthorized operations or information disclosure.
CVE-2025-47712 Vulnerability in dos (CVE-2025-47712)
vulnerability in dos (CVE-2025-47712). Risk of unauthorized operations or information disclosure.
CVE-2024-42009 KEV [KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2024-42009)
cross-site scripting in Roundcube webmail (CVE-2024-42009). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-32433 KEV [KEV] Vulnerability in erlang (CVE-2025-32433)
vulnerability in erlang (CVE-2025-32433). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-0620 Vulnerability in samba (CVE-2025-0620)
vulnerability in samba (CVE-2025-0620). Confidential information can be exposed externally.
CVE-2025-5419 KEV [KEV] Out-of-Bounds Read in Google chromium-v8 (CVE-2025-5419)
vulnerability in Google chromium-v8 (CVE-2025-5419). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-5521 Cross-Site Request Forgery (CSRF) in 5kcrm (CVE-2025-5521)
vulnerability in 5kcrm (CVE-2025-5521). Risk of unauthorized operations or information disclosure.
CVE-2025-44148 Cross-Site Scripting (XSS) in mailenable (CVE-2025-44148)
cross-site scripting in mailenable (CVE-2025-44148). Successful exploitation can lead to full system takeover.
CVE-2025-27038 KEV [KEV] Use-After-Free in Qualcomm multiple-chipsets (CVE-2025-27038)
vulnerability in Qualcomm multiple-chipsets (CVE-2025-27038). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-21479 KEV [KEV] Authorization Flaw in Qualcomm multiple-chipsets (CVE-2025-21479)
vulnerability in Qualcomm multiple-chipsets (CVE-2025-21479). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-21480 KEV [KEV] Authorization Flaw in Qualcomm multiple-chipsets (CVE-2025-21480)
vulnerability in Qualcomm multiple-chipsets (CVE-2025-21480). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-56145 KEV [KEV] Code Injection in Craft cms craft-cms (CVE-2024-56145)
code injection in Craft cms craft-cms (CVE-2024-56145). Risk of unauthorized operations or information disclosure. Exploitable via ``register_argc_argv``. Listed in CISA KEV — actively exploited.
CVE-2021-32030 KEV [KEV] Authentication Bypass in Asus routers (CVE-2021-32030)
authentication bypass in Asus routers (CVE-2021-32030). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-3935 KEV [KEV] Authentication Bypass in Connectwise screenconnect (CVE-2025-3935)
authentication bypass in Connectwise screenconnect (CVE-2025-3935). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-35939 KEV [KEV] Vulnerability in Craft cms craft-cms (CVE-2025-35939)
vulnerability in Craft cms craft-cms (CVE-2025-35939). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-39780 KEV [KEV] OS Command Injection in Asus rt-ax55-routers (CVE-2023-39780)
OS command injection in Asus rt-ax55-routers (CVE-2023-39780). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-44619 Vulnerability in tinxy (CVE-2025-44619)
vulnerability in tinxy (CVE-2025-44619). Confidential information can be exposed externally.
CVE-2025-5276 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-5276)
SSRF in ssrf (CVE-2025-5276). Confidential information can be exposed externally.
CVE-2025-45343 Vulnerability in tenda (CVE-2025-45343)
vulnerability in tenda (CVE-2025-45343). Successful exploitation can lead to full system takeover.
CVE-2025-5222 Vulnerability in unicode (CVE-2025-5222)
vulnerability in unicode (CVE-2025-5222). Successful exploitation can lead to full system takeover.
CVE-2025-5278 Vulnerability in CVE-2025-5278 (CVE-2025-5278)
vulnerability in CVE-2025-5278 (CVE-2025-5278). Risk of unauthorized operations or information disclosure.
CVE-2025-5245 Buffer Overflow in c (CVE-2025-5245)
vulnerability in c (CVE-2025-5245). Risk of unauthorized operations or information disclosure.
CVE-2025-48798 Use-After-Free in CVE-2025-48798 (CVE-2025-48798)
vulnerability in CVE-2025-48798 (CVE-2025-48798). Successful exploitation can lead to full system takeover.
CVE-2025-48797 Vulnerability in CVE-2025-48797 (CVE-2025-48797)
vulnerability in CVE-2025-48797 (CVE-2025-48797). Successful exploitation can lead to full system takeover.
CVE-2025-48796 Vulnerability in CVE-2025-48796 (CVE-2025-48796)
vulnerability in CVE-2025-48796 (CVE-2025-48796). Successful exploitation can lead to full system takeover.
CVE-2025-5244 Buffer Overflow in c (CVE-2025-5244)
vulnerability in c (CVE-2025-5244). Risk of unauthorized operations or information disclosure.
CVE-2025-5024 Vulnerability in CVE-2025-5024 (CVE-2025-5024)
vulnerability in CVE-2025-5024 (CVE-2025-5024). Risk of unauthorized operations or information disclosure.
CVE-2025-4632 KEV [KEV] Path Traversal in Samsung magicinfo-9-server (CVE-2025-4632)
path traversal in Samsung magicinfo-9-server (CVE-2025-4632). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-57529 Cross-Site Scripting (XSS) in jeppesen (CVE-2024-57529)
cross-site scripting in jeppesen (CVE-2024-57529). Risk of unauthorized operations or information disclosure.
CVE-2025-4969 Out-of-Bounds Read in CVE-2025-4969 (CVE-2025-4969)
vulnerability in CVE-2025-4969 (CVE-2025-4969). Risk of unauthorized operations or information disclosure.
CVE-2025-37972 Vulnerability in linux (CVE-2025-37972)
vulnerability in linux (CVE-2025-37972). Risk of unauthorized operations or information disclosure.
CVE-2025-37968 Vulnerability in linux (CVE-2025-37968)
vulnerability in linux (CVE-2025-37968). Risk of unauthorized operations or information disclosure.
CVE-2025-37980 Vulnerability in linux (CVE-2025-37980)
vulnerability in linux (CVE-2025-37980). Risk of unauthorized operations or information disclosure.
CVE-2025-37945 Vulnerability in c (CVE-2025-37945)
vulnerability in c (CVE-2025-37945). Risk of unauthorized operations or information disclosure.
CVE-2025-37909 Vulnerability in linux (CVE-2025-37909)
vulnerability in linux (CVE-2025-37909). Risk of unauthorized operations or information disclosure. Exploitable via ``skb``.
CVE-2025-4945 Vulnerability in CVE-2025-4945 (CVE-2025-4945)
vulnerability in CVE-2025-4945 (CVE-2025-4945). Risk of unauthorized operations or information disclosure.
CVE-2025-4948 Vulnerability in dos (CVE-2025-4948)
vulnerability in dos (CVE-2025-4948). Risk of unauthorized operations or information disclosure.
CVE-2025-4427 KEV [KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4427)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4427). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-4428 KEV [KEV] Code Injection in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4428)
code injection in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4428). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-38950 KEV [KEV] Path Traversal in Zkteco biotime (CVE-2023-38950)
path traversal in Zkteco biotime (CVE-2023-38950). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
CVE-2025-27920 KEV [KEV] Path Traversal in Srimax output-messenger (CVE-2025-27920)
path traversal in Srimax output-messenger (CVE-2025-27920). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-27443 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2024-27443)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2024-27443). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →