Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2024-11182 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Mdaemon email-server (CVE-2024-11182)
cross-site scripting in Mdaemon email-server (CVE-2024-11182). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-4476 |
|
Vulnerability in CVE-2025-4476 (CVE-2025-4476)
vulnerability in CVE-2025-4476 (CVE-2025-4476). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-4478 |
|
Vulnerability in dos (CVE-2025-4478)
vulnerability in dos (CVE-2025-4478). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-42999 KEV |
|
[KEV] Unsafe Deserialization in Sap netweaver (CVE-2025-42999)
vulnerability in Sap netweaver (CVE-2025-42999). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-12987 KEV |
|
[KEV] OS Command Injection in Draytek vigor-routers (CVE-2024-12987)
OS command injection in Draytek vigor-routers (CVE-2024-12987). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-46836 |
|
Vulnerability in c (CVE-2025-46836)
vulnerability in c (CVE-2025-46836). Risk of unauthorized operations or information disclosure. Exploitable via ``interface.c``.
|
| CVE-2025-25370 |
|
Information Disclosure in CVE-2025-25370 (CVE-2025-25370)
vulnerability in CVE-2025-25370 (CVE-2025-25370). Confidential information can be exposed externally.
|
| CVE-2025-0130 |
|
Vulnerability in paloaltonetworks (CVE-2025-0130)
vulnerability in paloaltonetworks (CVE-2025-0130). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-57273 |
|
Cross-Site Scripting (XSS) in netgate (CVE-2024-57273)
cross-site scripting in netgate (CVE-2024-57273). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-32756 KEV |
|
[KEV] Vulnerability in Fortinet multiple-products (CVE-2025-32756)
vulnerability in Fortinet multiple-products (CVE-2025-32756). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-4574 |
|
Vulnerability in CVE-2025-4574 (CVE-2025-4574)
vulnerability in CVE-2025-4574 (CVE-2025-4574). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``.
|
| CVE-2025-30386 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-30388 |
|
Vulnerability in microsoft (CVE-2025-30388)
vulnerability in microsoft (CVE-2025-30388). Successful exploitation can lead to full system takeover.
|
| CVE-2025-31223 |
|
Buffer Overflow in apple (CVE-2025-31223)
vulnerability in apple (CVE-2025-31223). Successful exploitation can lead to full system takeover.
|
| CVE-2025-32706 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-32706)
vulnerability in Microsoft windows (CVE-2025-32706). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-30397 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-30397)
vulnerability in Microsoft windows (CVE-2025-30397). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-32709 KEV |
|
[KEV] Use-After-Free in Microsoft windows (CVE-2025-32709)
vulnerability in Microsoft windows (CVE-2025-32709). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-32701 KEV |
|
[KEV] Use-After-Free in Microsoft windows (CVE-2025-32701)
vulnerability in Microsoft windows (CVE-2025-32701). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-30400 KEV |
|
[KEV] Use-After-Free in Microsoft windows (CVE-2025-30400)
vulnerability in Microsoft windows (CVE-2025-30400). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-31257 |
|
Buffer Overflow in apple (CVE-2025-31257)
vulnerability in apple (CVE-2025-31257). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-47729 KEV |
|
[KEV] Vulnerability in Telemessage tm-sgnl (CVE-2025-47729)
vulnerability in Telemessage tm-sgnl (CVE-2025-47729). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-4526 |
|
Information Disclosure in digitro (CVE-2025-4526)
vulnerability in digitro (CVE-2025-4526). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-28200 |
|
Vulnerability in govicture (CVE-2025-28200)
vulnerability in govicture (CVE-2025-28200). Successful exploitation can lead to full system takeover.
|
| CVE-2025-4382 |
|
Vulnerability in CVE-2025-4382 (CVE-2025-4382)
vulnerability in CVE-2025-4382 (CVE-2025-4382). Confidential information can be exposed externally.
|
| CVE-2025-31177 |
|
gnuplot is affected by a heap buffer overflow at function utf8_copy_one.
gnuplot is affected by a heap buffer overflow at function utf8_copy_one.
|
| CVE-2024-11120 KEV |
|
[KEV] OS Command Injection in Geovision multiple-devices (CVE-2024-11120)
OS command injection in Geovision multiple-devices (CVE-2024-11120). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-6047 KEV |
|
[KEV] OS Command Injection in Geovision multiple-devices (CVE-2024-6047)
OS command injection in Geovision multiple-devices (CVE-2024-6047). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-4373 |
|
Vulnerability in CVE-2025-4373 (CVE-2025-4373)
vulnerability in CVE-2025-4373 (CVE-2025-4373). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-0984 |
|
Cross-Site Scripting (XSS) in CVE-2025-0984 (CVE-2025-0984)
cross-site scripting in CVE-2025-0984 (CVE-2025-0984). Data can be tampered with by attackers.
|
| CVE-2025-27363 KEV |
|
[KEV] Out-of-Bounds Write in freetype (CVE-2025-27363)
out-of-bounds write in freetype (CVE-2025-27363). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-45236 |
|
Cross-Site Scripting (XSS) in dbsyncer-project (CVE-2025-45236)
cross-site scripting in dbsyncer-project (CVE-2025-45236). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-26241 |
|
SQL Injection in sqli (CVE-2025-26241)
SQL injection in sqli (CVE-2025-26241). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25504 |
|
Command Injection in niceforyou (CVE-2025-25504)
command injection in niceforyou (CVE-2025-25504). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-3248 KEV |
|
[KEV] Vulnerability in langflow (CVE-2025-3248)
vulnerability in langflow (CVE-2025-3248). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-53133 |
|
Vulnerability in linux (CVE-2023-53133)
vulnerability in linux (CVE-2023-53133). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-2421 |
|
Code Injection in felisify (CVE-2025-2421)
code injection in felisify (CVE-2025-2421). Successful exploitation can lead to full system takeover.
|
| CVE-2025-2488 |
|
Cross-Site Scripting (XSS) in felisify (CVE-2025-2488)
cross-site scripting in felisify (CVE-2025-2488). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-1301 |
|
Cross-Site Scripting (XSS) in yordam (CVE-2025-1301)
cross-site scripting in yordam (CVE-2025-1301). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-2812 |
|
SQL Injection in sqli (CVE-2025-2812)
SQL injection in sqli (CVE-2025-2812). Successful exploitation can lead to full system takeover.
|
| CVE-2024-11142 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-11142)
vulnerability in csrf (CVE-2024-11142). Successful exploitation can lead to full system takeover.
|
| CVE-2024-58136 KEV |
|
[KEV] Vulnerability in Yiiframework yii (CVE-2024-58136)
vulnerability in Yiiframework yii (CVE-2024-58136). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-34028 KEV |
|
[KEV] Path Traversal in Commvault command-center (CVE-2025-34028)
path traversal in Commvault command-center (CVE-2025-34028). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-49822 |
|
Vulnerability in linux (CVE-2022-49822)
vulnerability in linux (CVE-2022-49822). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-49803 |
|
Vulnerability in linux (CVE-2022-49803)
vulnerability in linux (CVE-2022-49803). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-23160 |
|
Vulnerability in linux (CVE-2025-23160)
vulnerability in linux (CVE-2025-23160). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-23143 |
|
Vulnerability in c (CVE-2025-23143)
vulnerability in c (CVE-2025-23143). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-44221 KEV |
|
[KEV] OS Command Injection in Sonicwall sma100-appliances (CVE-2023-44221)
OS command injection in Sonicwall sma100-appliances (CVE-2023-44221). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-38475 KEV |
|
[KEV] Vulnerability in Apache http-server (CVE-2024-38475)
vulnerability in Apache http-server (CVE-2024-38475). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-4035 |
|
Vulnerability in CVE-2025-4035 (CVE-2025-4035)
vulnerability in CVE-2025-4035 (CVE-2025-4035). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-31324 KEV |
|
[KEV] Unrestricted File Upload in Sap netweaver (CVE-2025-31324)
vulnerability in Sap netweaver (CVE-2025-31324). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|