Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-47827 KEV |
|
[KEV] Vulnerability in igel (CVE-2025-47827)
vulnerability in igel (CVE-2025-47827). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-7836 KEV |
|
[KEV] Authentication Bypass in Skysea client-view (CVE-2016-7836)
authentication bypass in Skysea client-view (CVE-2016-7836). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-24990 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-24990)
vulnerability in Microsoft windows (CVE-2025-24990). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-59230 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-59230)
vulnerability in Microsoft windows (CVE-2025-59230). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-43798 KEV |
|
[KEV] Path Traversal in Grafana labs grafana-labs (CVE-2021-43798)
path traversal in Grafana labs grafana-labs (CVE-2021-43798). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-27915 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2025-27915)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2025-27915). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-3765 KEV |
|
[KEV] Vulnerability in Mozilla multiple-products (CVE-2010-3765)
vulnerability in Mozilla multiple-products (CVE-2010-3765). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-61882 KEV |
|
[KEV] Vulnerability in Oracle e-business-suite (CVE-2025-61882)
vulnerability in Oracle e-business-suite (CVE-2025-61882). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-3962 KEV |
|
[KEV] Vulnerability in Microsoft internet-explorer (CVE-2010-3962)
vulnerability in Microsoft internet-explorer (CVE-2010-3962). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2011-3402 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2011-3402)
vulnerability in Microsoft windows (CVE-2011-3402). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22555 KEV |
|
[KEV] Out-of-Bounds Write in Linux kernel (CVE-2021-22555)
out-of-bounds write in Linux kernel (CVE-2021-22555). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-3918 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2013-3918)
vulnerability in Microsoft windows (CVE-2013-3918). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-43226 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2021-43226)
vulnerability in Microsoft windows (CVE-2021-43226). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-22862 |
|
Vulnerability in fortinet (CVE-2025-22862)
vulnerability in fortinet (CVE-2025-22862). Successful exploitation can lead to full system takeover.
|
| CVE-2025-21043 KEV |
|
[KEV] Out-of-Bounds Write in Samsung mobile-devices (CVE-2025-21043)
out-of-bounds write in Samsung mobile-devices (CVE-2025-21043). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-6278 KEV |
|
[KEV] OS Command Injection in gnu (CVE-2014-6278)
OS command injection in gnu (CVE-2014-6278). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-7755 KEV |
|
[KEV] Authentication Bypass in Juniper screenos (CVE-2015-7755)
authentication bypass in Juniper screenos (CVE-2015-7755). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-4008 KEV |
|
[KEV] Vulnerability in Smartbedded meteobridge (CVE-2025-4008)
vulnerability in Smartbedded meteobridge (CVE-2025-4008). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-1000353 KEV |
|
[KEV] Vulnerability in jenkins (CVE-2017-1000353)
vulnerability in jenkins (CVE-2017-1000353). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-32463 KEV |
|
[KEV] Vulnerability in sudo (CVE-2025-32463)
vulnerability in sudo (CVE-2025-32463). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-59689 KEV |
|
[KEV] Command Injection in Libraesva email-security-gateway (CVE-2025-59689)
command injection in Libraesva email-security-gateway (CVE-2025-59689). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-10035 KEV |
|
[KEV] Unsafe Deserialization in Fortra goanywhere-mft (CVE-2025-10035)
vulnerability in Fortra goanywhere-mft (CVE-2025-10035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-20352 KEV |
|
[KEV] Vulnerability in Cisco ios-and-ios-xe (CVE-2025-20352)
vulnerability in Cisco ios-and-ios-xe (CVE-2025-20352). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-21311 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in adminer (CVE-2021-21311)
SSRF in adminer (CVE-2021-21311). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-20362 KEV |
|
[KEV] Vulnerability in Cisco secure-firewall-adaptive-security-appliance-and-secure-firewall-threat-defense (CVE-2025-20362)
vulnerability in Cisco secure-firewall-adaptive-security-appliance-and-secure-firewall-threat-defense (CVE-2025-20362). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-20333 KEV |
|
[KEV] Vulnerability in Cisco secure-firewall-adaptive-security-appliance-and-secure-firewall-threat-defense (CVE-2025-20333)
vulnerability in Cisco secure-firewall-adaptive-security-appliance-and-secure-firewall-threat-defense (CVE-2025-20333). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-10585 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2025-10585)
vulnerability in Google chromium-v8 (CVE-2025-10585). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-55885 |
|
SQL Injection in sqli (CVE-2025-55885)
SQL injection in sqli (CVE-2025-55885). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-57145 |
|
Cross-Site Scripting (XSS) in phpgurukul (CVE-2025-57145)
cross-site scripting in phpgurukul (CVE-2025-57145). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56295 |
|
Unrestricted File Upload in carmelo (CVE-2025-56295)
vulnerability in carmelo (CVE-2025-56295). Confidential information can be exposed externally.
|
| CVE-2025-57119 |
|
Vulnerability in phpgurukul (CVE-2025-57119)
vulnerability in phpgurukul (CVE-2025-57119). Successful exploitation can lead to full system takeover.
|
| CVE-2025-43368 |
|
Use-After-Free in apple (CVE-2025-43368)
vulnerability in apple (CVE-2025-43368). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-43357 |
|
Vulnerability in apple (CVE-2025-43357)
vulnerability in apple (CVE-2025-43357). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-57117 |
|
Cross-Site Scripting (XSS) in remyandrade (CVE-2025-57117)
cross-site scripting in remyandrade (CVE-2025-57117). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-5086 KEV |
|
[KEV] Unsafe Deserialization in Dassault systèmes dassault-systemes (CVE-2025-5086)
vulnerability in Dassault systèmes dassault-systemes (CVE-2025-5086). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-53799 |
|
Vulnerability in microsoft (CVE-2025-53799)
vulnerability in microsoft (CVE-2025-53799). Confidential information can be exposed externally.
|
| CVE-2025-55849 |
|
SQL Injection in sqli (CVE-2025-55849)
SQL injection in sqli (CVE-2025-55849). Successful exploitation can lead to full system takeover.
|
| CVE-2025-48543 KEV |
|
[KEV] Vulnerability in Android runtime (CVE-2025-48543)
vulnerability in Android runtime (CVE-2025-48543). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-38352 KEV |
|
[KEV] Vulnerability in Linux kernel (CVE-2025-38352)
vulnerability in Linux kernel (CVE-2025-38352). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-53690 KEV |
|
[KEV] Unsafe Deserialization in Sitecore multiple-products (CVE-2025-53690)
vulnerability in Sitecore multiple-products (CVE-2025-53690). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-9377 KEV |
|
[KEV] OS Command Injection in Tp-link multiple-routers (CVE-2025-9377)
OS command injection in Tp-link multiple-routers (CVE-2025-9377). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-50224 KEV |
|
[KEV] Vulnerability in Tp-link tl-wr841n (CVE-2023-50224)
vulnerability in Tp-link tl-wr841n (CVE-2023-50224). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-24363 KEV |
|
[KEV] Vulnerability in Tp-link tl-wa855re (CVE-2020-24363)
vulnerability in Tp-link tl-wa855re (CVE-2020-24363). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-55177 KEV |
|
[KEV] Authorization Flaw in Meta platforms meta-platforms (CVE-2025-55177)
vulnerability in Meta platforms meta-platforms (CVE-2025-55177). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-57819 KEV |
|
[KEV] SQL Injection in Sangoma freepbx (CVE-2025-57819)
SQL injection in Sangoma freepbx (CVE-2025-57819). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2025-55422 |
|
In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus.
In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus.
|
| CVE-2025-56432 |
|
Cross-Site Scripting (XSS) in nagios (CVE-2025-56432)
cross-site scripting in nagios (CVE-2025-56432). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7775 KEV |
|
[KEV] Buffer Overflow in Citrix netscaler (CVE-2025-7775)
vulnerability in Citrix netscaler (CVE-2025-7775). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-55409 |
|
Cross-Site Scripting (XSS) in foxcms (CVE-2025-55409)
cross-site scripting in foxcms (CVE-2025-55409). Successful exploitation can lead to full system takeover.
|
| CVE-2024-8068 KEV |
|
[KEV] Privilege Escalation in Citrix session-recording (CVE-2024-8068)
vulnerability in Citrix session-recording (CVE-2024-8068). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|