Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2025-65518 Vulnerability in dos (CVE-2025-65518)
vulnerability in dos (CVE-2025-65518). Risk of unauthorized operations or information disclosure.
CVE-2009-0556 KEV [KEV] Code Injection in Microsoft office (CVE-2009-0556)
code injection in Microsoft office (CVE-2009-0556). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-37164 KEV [KEV] Code Injection in Hewlett packard enterprise (hpe) hewlett-packard-enterprise-hpe (CVE-2025-37164)
code injection in Hewlett packard enterprise (hpe) hewlett-packard-enterprise-hpe (CVE-2025-37164). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-59381 Path Traversal in path-traversal (CVE-2025-59381)
path traversal in path-traversal (CVE-2025-59381). Confidential information can be exposed externally.
CVE-2025-14847 KEV [KEV] Vulnerability in mongodb (CVE-2025-14847)
vulnerability in mongodb (CVE-2025-14847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-52163 KEV [KEV] Vulnerability in Digiever ds-2105-pro (CVE-2023-52163)
vulnerability in Digiever ds-2105-pro (CVE-2023-52163). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-14733 KEV [KEV] Out-of-Bounds Write in Watchguard firebox (CVE-2025-14733)
out-of-bounds write in Watchguard firebox (CVE-2025-14733). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-20393 KEV [KEV] Vulnerability in Cisco multiple-products (CVE-2025-20393)
vulnerability in Cisco multiple-products (CVE-2025-20393). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-40602 KEV [KEV] Vulnerability in Sonicwall sma1000-appliance (CVE-2025-40602)
vulnerability in Sonicwall sma1000-appliance (CVE-2025-40602). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-59374 KEV [KEV] Vulnerability in Asus live-update (CVE-2025-59374)
vulnerability in Asus live-update (CVE-2025-59374). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-68065 Vulnerability in CVE-2025-68065 (CVE-2025-68065)
vulnerability in CVE-2025-68065 (CVE-2025-68065). Successful exploitation can lead to full system takeover.
CVE-2025-59718 KEV [KEV] Vulnerability in Fortinet multiple-products (CVE-2025-59718)
vulnerability in Fortinet multiple-products (CVE-2025-59718). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2023-53888 Code Injection in zomp (CVE-2023-53888)
code injection in zomp (CVE-2023-53888). Successful exploitation can lead to full system takeover.
CVE-2025-43529 KEV [KEV] Use-After-Free in Apple multiple-products (CVE-2025-43529)
vulnerability in Apple multiple-products (CVE-2025-43529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-14611 KEV [KEV] Vulnerability in Gladinet centrestack-and-triofox (CVE-2025-14611)
vulnerability in Gladinet centrestack-and-triofox (CVE-2025-14611). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-43511 Use-After-Free in apple (CVE-2025-43511)
vulnerability in apple (CVE-2025-43511). Risk of unauthorized operations or information disclosure.
CVE-2025-14174 KEV [KEV] Vulnerability in Google chromium (CVE-2025-14174)
vulnerability in Google chromium (CVE-2025-14174). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-4063 KEV [KEV] Unrestricted File Upload in Sierra wireless sierra-wireless (CVE-2018-4063)
vulnerability in Sierra wireless sierra-wireless (CVE-2018-4063). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-58360 KEV [KEV] XXE (XML External Entity) in Osgeo geoserver (CVE-2025-58360)
vulnerability in Osgeo geoserver (CVE-2025-58360). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-61821 XXE (XML External Entity) in adobe (CVE-2025-61821)
vulnerability in adobe (CVE-2025-61821). Confidential information can be exposed externally.
CVE-2025-64898 Vulnerability in adobe (CVE-2025-64898)
vulnerability in adobe (CVE-2025-64898). Risk of unauthorized operations or information disclosure.
CVE-2025-61813 XXE (XML External Entity) in adobe (CVE-2025-61813)
vulnerability in adobe (CVE-2025-61813). Confidential information can be exposed externally.
CVE-2025-65594 Vulnerability in os4ed (CVE-2025-65594)
vulnerability in os4ed (CVE-2025-65594). Confidential information can be exposed externally.
CVE-2025-64667 Vulnerability in microsoft (CVE-2025-64667)
vulnerability in microsoft (CVE-2025-64667). Risk of unauthorized operations or information disclosure.
CVE-2025-64666 Vulnerability in microsoft (CVE-2025-64666)
vulnerability in microsoft (CVE-2025-64666). Successful exploitation can lead to full system takeover.
CVE-2025-62557 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-62554 Vulnerability in microsoft (CVE-2025-62554)
vulnerability in microsoft (CVE-2025-62554). Successful exploitation can lead to full system takeover.
CVE-2025-59719 Vulnerability in fortinet (CVE-2025-59719)
vulnerability in fortinet (CVE-2025-59719). Successful exploitation can lead to full system takeover.
CVE-2025-61078 Cross-Site Scripting (XSS) in phpipam (CVE-2025-61078)
cross-site scripting in phpipam (CVE-2025-61078). Risk of unauthorized operations or information disclosure.
CVE-2025-56704 Unrestricted File Upload in lepton-cms (CVE-2025-56704)
vulnerability in lepton-cms (CVE-2025-56704). Successful exploitation can lead to full system takeover.
CVE-2025-6218 KEV [KEV] Path Traversal in Rarlab winrar (CVE-2025-6218)
path traversal in Rarlab winrar (CVE-2025-6218). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-62221 KEV [KEV] Use-After-Free in Microsoft windows (CVE-2025-62221)
vulnerability in Microsoft windows (CVE-2025-62221). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-37055 KEV [KEV] Vulnerability in D-link routers (CVE-2022-37055)
vulnerability in D-link routers (CVE-2022-37055). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-66644 KEV [KEV] OS Command Injection in Array networks array-networks (CVE-2025-66644)
OS command injection in Array networks array-networks (CVE-2025-66644). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-34291 KEV [KEV] Vulnerability in langflow (CVE-2025-34291)
vulnerability in langflow (CVE-2025-34291). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.7.0` or later.
CVE-2025-55182 KEV [KEV] Vulnerability in Meta react-server-components (CVE-2025-55182)
vulnerability in Meta react-server-components (CVE-2025-55182). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-26828 KEV [KEV] Unrestricted File Upload in Openplc scadabr (CVE-2021-26828)
vulnerability in Openplc scadabr (CVE-2021-26828). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-65955 Vulnerability in imagemagick (CVE-2025-65955)
vulnerability in imagemagick (CVE-2025-65955). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.1.2-9` or later.
CVE-2025-48572 KEV [KEV] Vulnerability in Android platform/frameworks/base (CVE-2025-48572)
vulnerability in Android platform/frameworks/base (CVE-2025-48572). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `14:2025-12-01` or later.
CVE-2025-48633 KEV [KEV] Vulnerability in Android framework (CVE-2025-48633)
vulnerability in Android framework (CVE-2025-48633). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-26829 KEV [KEV] Cross-Site Scripting (XSS) in Openplc scadabr (CVE-2021-26829)
cross-site scripting in Openplc scadabr (CVE-2021-26829). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-61168 Unsafe Deserialization in sigb (CVE-2025-61168)
vulnerability in sigb (CVE-2025-61168). Successful exploitation can lead to full system takeover.
CVE-2025-61167 SQL Injection in sqli (CVE-2025-61167)
SQL injection in sqli (CVE-2025-61167). Risk of unauthorized operations or information disclosure.
CVE-2025-64048 Cross-Site Scripting (XSS) in yccms (CVE-2025-64048)
cross-site scripting in yccms (CVE-2025-64048). Risk of unauthorized operations or information disclosure.
CVE-2025-64047 OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
CVE-2025-61757 KEV [KEV] Vulnerability in Oracle fusion-middleware (CVE-2025-61757)
vulnerability in Oracle fusion-middleware (CVE-2025-61757). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-13223 KEV [KEV] Vulnerability in Google chromium-v8 (CVE-2025-13223)
vulnerability in Google chromium-v8 (CVE-2025-13223). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-58413 Vulnerability in fortinet (CVE-2025-58413)
vulnerability in fortinet (CVE-2025-58413). Successful exploitation can lead to full system takeover.
CVE-2025-54821 Privilege Escalation in fortinet (CVE-2025-54821)
vulnerability in fortinet (CVE-2025-54821). Risk of unauthorized operations or information disclosure.
CVE-2025-53843 Vulnerability in fortinet (CVE-2025-53843)
vulnerability in fortinet (CVE-2025-53843). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →