Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2025-63892 Cross-Site Scripting (XSS) in remyandrade (CVE-2025-63892)
cross-site scripting in remyandrade (CVE-2025-63892). Successful exploitation can lead to full system takeover.
CVE-2025-58034 KEV [KEV] OS Command Injection in Fortinet fortiweb (CVE-2025-58034)
OS command injection in Fortinet fortiweb (CVE-2025-58034). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-63748 Unrestricted File Upload in testmanagement (CVE-2025-63748)
vulnerability in testmanagement (CVE-2025-63748). Successful exploitation can lead to full system takeover.
CVE-2025-64046 OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
CVE-2025-64446 KEV [KEV] Vulnerability in Fortinet fortiweb (CVE-2025-64446)
vulnerability in Fortinet fortiweb (CVE-2025-64446). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-62215 KEV [KEV] Vulnerability in Microsoft windows (CVE-2025-62215)
vulnerability in Microsoft windows (CVE-2025-62215). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-12480 KEV [KEV] Vulnerability in Gladinet triofox (CVE-2025-12480)
vulnerability in Gladinet triofox (CVE-2025-12480). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-9242 KEV [KEV] Out-of-Bounds Write in Watchguard firebox (CVE-2025-9242)
out-of-bounds write in Watchguard firebox (CVE-2025-9242). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-62199 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-60724 Vulnerability in microsoft (CVE-2025-60724)
vulnerability in microsoft (CVE-2025-60724). Successful exploitation can lead to full system takeover.
CVE-2025-21042 KEV [KEV] Out-of-Bounds Write in Samsung mobile-devices (CVE-2025-21042)
out-of-bounds write in Samsung mobile-devices (CVE-2025-21042). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-43438 Use-After-Free in apple (CVE-2025-43438)
vulnerability in apple (CVE-2025-43438). Risk of unauthorized operations or information disclosure.
CVE-2025-43433 Out-of-Bounds Write in apple (CVE-2025-43433)
out-of-bounds write in apple (CVE-2025-43433). Successful exploitation can lead to full system takeover.
CVE-2025-43441 Buffer Overflow in apple (CVE-2025-43441)
vulnerability in apple (CVE-2025-43441). Risk of unauthorized operations or information disclosure.
CVE-2025-43407 This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS...
This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS...
CVE-2025-48703 KEV [KEV] OS Command Injection in Cwp control-web-panel (CVE-2025-48703)
OS command injection in Cwp control-web-panel (CVE-2025-48703). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-11371 KEV [KEV] Vulnerability in Gladinet centrestack-and-triofox (CVE-2025-11371)
vulnerability in Gladinet centrestack-and-triofox (CVE-2025-11371). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-24893 KEV [KEV] Vulnerability in Xwiki platform (CVE-2025-24893)
vulnerability in Xwiki platform (CVE-2025-24893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-41244 KEV [KEV] Vulnerability in Broadcom vmware-aria-operations-and-vmware-tools (CVE-2025-41244)
vulnerability in Broadcom vmware-aria-operations-and-vmware-tools (CVE-2025-41244). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-56399 Code Injection in laravel (CVE-2025-56399)
code injection in laravel (CVE-2025-56399). Successful exploitation can lead to full system takeover.
CVE-2025-6205 KEV [KEV] Vulnerability in Dassault systèmes dassault-systemes (CVE-2025-6205)
vulnerability in Dassault systèmes dassault-systemes (CVE-2025-6205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-6204 KEV [KEV] Code Injection in Dassault systèmes dassault-systemes (CVE-2025-6204)
code injection in Dassault systèmes dassault-systemes (CVE-2025-6204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-61795 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-61795)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-61795). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.0.110, 10.1.47, 11.0.12` or later.
CVE-2025-55754 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55754)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55754). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
CVE-2025-55752 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
CVE-2025-54236 KEV [KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
CVE-2025-59287 KEV [KEV] Unsafe Deserialization in Microsoft windows (CVE-2025-59287)
vulnerability in Microsoft windows (CVE-2025-59287). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-11023 Vulnerability in CVE-2025-11023 (CVE-2025-11023)
vulnerability in CVE-2025-11023 (CVE-2025-11023). Successful exploitation can lead to full system takeover.
CVE-2025-61932 KEV [KEV] Vulnerability in Motex lanscope-endpoint-manager (CVE-2025-61932)
vulnerability in Motex lanscope-endpoint-manager (CVE-2025-61932). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-60511 Vulnerability in CVE-2025-60511 (CVE-2025-60511)
vulnerability in CVE-2025-60511 (CVE-2025-60511). Risk of unauthorized operations or information disclosure.
CVE-2025-33073 KEV [KEV] Vulnerability in Microsoft windows (CVE-2025-33073)
vulnerability in Microsoft windows (CVE-2025-33073). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2022-48503 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2022-48503)
vulnerability in Apple multiple-products (CVE-2022-48503). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-61884 KEV [KEV] SSRF (Server-Side Request Forgery) in Oracle e-business-suite (CVE-2025-61884)
SSRF in Oracle e-business-suite (CVE-2025-61884). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-2747 KEV [KEV] Vulnerability in Kentico xperience-cms (CVE-2025-2747)
vulnerability in Kentico xperience-cms (CVE-2025-2747). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-2746 KEV [KEV] Vulnerability in Kentico xperience-cms (CVE-2025-2746)
vulnerability in Kentico xperience-cms (CVE-2025-2746). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-57567 Code Injection in CVE-2025-57567 (CVE-2025-57567)
code injection in CVE-2025-57567 (CVE-2025-57567). Successful exploitation can lead to full system takeover.
CVE-2025-60641 SQL Injection in sqli (CVE-2025-60641)
SQL injection in sqli (CVE-2025-60641). Risk of unauthorized operations or information disclosure.
CVE-2025-34512 Cross-Site Scripting (XSS) in ilevia (CVE-2025-34512)
cross-site scripting in ilevia (CVE-2025-34512). Risk of unauthorized operations or information disclosure.
CVE-2025-54253 KEV [KEV] Vulnerability in Adobe experience-manager-aem-forms (CVE-2025-54253)
vulnerability in Adobe experience-manager-aem-forms (CVE-2025-54253). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-59249 Vulnerability in microsoft (CVE-2025-59249)
vulnerability in microsoft (CVE-2025-59249). Successful exploitation can lead to full system takeover.
CVE-2025-59248 Vulnerability in microsoft (CVE-2025-59248)
vulnerability in microsoft (CVE-2025-59248). Confidential information can be exposed externally.
CVE-2025-59234 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-59227 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-53782 Vulnerability in microsoft (CVE-2025-53782)
vulnerability in microsoft (CVE-2025-53782). Successful exploitation can lead to full system takeover.
CVE-2025-57740 Vulnerability in fortinet (CVE-2025-57740)
vulnerability in fortinet (CVE-2025-57740). Successful exploitation can lead to full system takeover.
CVE-2025-58903 Vulnerability in fortinet (CVE-2025-58903)
vulnerability in fortinet (CVE-2025-58903). Risk of unauthorized operations or information disclosure.
CVE-2025-47890 Open Redirect in fortinet (CVE-2025-47890)
vulnerability in fortinet (CVE-2025-47890). Risk of unauthorized operations or information disclosure.
CVE-2025-31514 Vulnerability in fortinet (CVE-2025-31514)
vulnerability in fortinet (CVE-2025-31514). Risk of unauthorized operations or information disclosure.
CVE-2025-31366 Cross-Site Scripting (XSS) in fortinet (CVE-2025-31366)
cross-site scripting in fortinet (CVE-2025-31366). Risk of unauthorized operations or information disclosure.
CVE-2025-25253 Vulnerability in fortinet (CVE-2025-25253)
vulnerability in fortinet (CVE-2025-25253). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →