Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-6205 KEV |
|
[KEV] Vulnerability in Dassault systèmes dassault-systemes (CVE-2025-6205)
vulnerability in Dassault systèmes dassault-systemes (CVE-2025-6205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-61795 |
|
Vulnerability in org.apache.tomcat:tomcat (CVE-2025-61795)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-61795). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.0.110, 10.1.47, 11.0.12` or later.
|
| CVE-2025-55752 |
|
Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
|
| CVE-2025-55754 |
|
Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55754)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55754). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
|
| CVE-2025-54236 KEV |
|
[KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
|
| CVE-2025-59287 KEV |
|
[KEV] Unsafe Deserialization in Microsoft windows (CVE-2025-59287)
vulnerability in Microsoft windows (CVE-2025-59287). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-11023 |
|
Vulnerability in CVE-2025-11023 (CVE-2025-11023)
vulnerability in CVE-2025-11023 (CVE-2025-11023). Successful exploitation can lead to full system takeover.
|
| CVE-2025-61932 KEV |
|
[KEV] Vulnerability in Motex lanscope-endpoint-manager (CVE-2025-61932)
vulnerability in Motex lanscope-endpoint-manager (CVE-2025-61932). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-60511 |
|
Vulnerability in CVE-2025-60511 (CVE-2025-60511)
vulnerability in CVE-2025-60511 (CVE-2025-60511). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40005 |
|
Vulnerability in linux (CVE-2025-40005)
vulnerability in linux (CVE-2025-40005). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-48503 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2022-48503)
vulnerability in Apple multiple-products (CVE-2022-48503). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-33073 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-33073)
vulnerability in Microsoft windows (CVE-2025-33073). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2025-2746 KEV |
|
[KEV] Vulnerability in Kentico xperience-cms (CVE-2025-2746)
vulnerability in Kentico xperience-cms (CVE-2025-2746). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-2747 KEV |
|
[KEV] Vulnerability in Kentico xperience-cms (CVE-2025-2747)
vulnerability in Kentico xperience-cms (CVE-2025-2747). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-61884 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Oracle e-business-suite (CVE-2025-61884)
SSRF in Oracle e-business-suite (CVE-2025-61884). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-57567 |
|
Code Injection in CVE-2025-57567 (CVE-2025-57567)
code injection in CVE-2025-57567 (CVE-2025-57567). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60641 |
|
SQL Injection in sqli (CVE-2025-60641)
SQL injection in sqli (CVE-2025-60641). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-34512 |
|
Cross-Site Scripting (XSS) in ilevia (CVE-2025-34512)
cross-site scripting in ilevia (CVE-2025-34512). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11840 |
|
Buffer Overflow in c (CVE-2025-11840)
vulnerability in c (CVE-2025-11840). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11839 |
|
Vulnerability in c (CVE-2025-11839)
vulnerability in c (CVE-2025-11839). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-54253 KEV |
|
[KEV] Vulnerability in Adobe experience-manager-aem-forms (CVE-2025-54253)
vulnerability in Adobe experience-manager-aem-forms (CVE-2025-54253). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-59249 |
|
Vulnerability in microsoft (CVE-2025-59249)
vulnerability in microsoft (CVE-2025-59249). Successful exploitation can lead to full system takeover.
|
| CVE-2025-59248 |
|
Vulnerability in microsoft (CVE-2025-59248)
vulnerability in microsoft (CVE-2025-59248). Confidential information can be exposed externally.
|
| CVE-2025-59234 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-59227 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-53782 |
|
Vulnerability in microsoft (CVE-2025-53782)
vulnerability in microsoft (CVE-2025-53782). Successful exploitation can lead to full system takeover.
|
| CVE-2025-57740 |
|
Vulnerability in fortinet (CVE-2025-57740)
vulnerability in fortinet (CVE-2025-57740). Successful exploitation can lead to full system takeover.
|
| CVE-2025-58903 |
|
Vulnerability in fortinet (CVE-2025-58903)
vulnerability in fortinet (CVE-2025-58903). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-47890 |
|
Open Redirect in fortinet (CVE-2025-47890)
vulnerability in fortinet (CVE-2025-47890). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-31366 |
|
Cross-Site Scripting (XSS) in fortinet (CVE-2025-31366)
cross-site scripting in fortinet (CVE-2025-31366). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-31514 |
|
Vulnerability in fortinet (CVE-2025-31514)
vulnerability in fortinet (CVE-2025-31514). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25253 |
|
Vulnerability in fortinet (CVE-2025-25253)
vulnerability in fortinet (CVE-2025-25253). Successful exploitation can lead to full system takeover.
|
| CVE-2025-47827 KEV |
|
[KEV] Vulnerability in igel (CVE-2025-47827)
vulnerability in igel (CVE-2025-47827). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-7836 KEV |
|
[KEV] Authentication Bypass in Skysea client-view (CVE-2016-7836)
authentication bypass in Skysea client-view (CVE-2016-7836). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-24990 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-24990)
vulnerability in Microsoft windows (CVE-2025-24990). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-59230 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-59230)
vulnerability in Microsoft windows (CVE-2025-59230). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-11570 |
|
Cross-Site Scripting (XSS) in drupal (CVE-2025-11570)
cross-site scripting in drupal (CVE-2025-11570). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-43798 KEV |
|
[KEV] Path Traversal in Grafana labs grafana-labs (CVE-2021-43798)
path traversal in Grafana labs grafana-labs (CVE-2021-43798). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-11494 |
|
Buffer Overflow in c (CVE-2025-11494)
vulnerability in c (CVE-2025-11494). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11495 |
|
Buffer Overflow in c (CVE-2025-11495)
vulnerability in c (CVE-2025-11495). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11414 |
|
Buffer Overflow in c (CVE-2025-11414)
vulnerability in c (CVE-2025-11414). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11412 |
|
Buffer Overflow in c (CVE-2025-11412)
vulnerability in c (CVE-2025-11412). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11413 |
|
Buffer Overflow in c (CVE-2025-11413)
vulnerability in c (CVE-2025-11413). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-53629 |
|
Use-After-Free in linux (CVE-2023-53629)
vulnerability in linux (CVE-2023-53629). Successful exploitation can lead to full system takeover.
|
| CVE-2022-50552 |
|
Use-After-Free in linux (CVE-2022-50552)
vulnerability in linux (CVE-2022-50552). Successful exploitation can lead to full system takeover.
|
| CVE-2025-27915 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2025-27915)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2025-27915). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-3765 KEV |
|
[KEV] Vulnerability in Mozilla multiple-products (CVE-2010-3765)
vulnerability in Mozilla multiple-products (CVE-2010-3765). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-61882 KEV |
|
[KEV] Vulnerability in Oracle e-business-suite (CVE-2025-61882)
vulnerability in Oracle e-business-suite (CVE-2025-61882). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22555 KEV |
|
[KEV] Out-of-Bounds Write in Linux kernel (CVE-2021-22555)
out-of-bounds write in Linux kernel (CVE-2021-22555). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-3962 KEV |
|
[KEV] Vulnerability in Microsoft internet-explorer (CVE-2010-3962)
vulnerability in Microsoft internet-explorer (CVE-2010-3962). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|