Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2018-4063 KEV [KEV] Unrestricted File Upload in Sierra wireless sierra-wireless (CVE-2018-4063)
vulnerability in Sierra wireless sierra-wireless (CVE-2018-4063). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-14174 KEV [KEV] Vulnerability in Google chromium (CVE-2025-14174)
vulnerability in Google chromium (CVE-2025-14174). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-66585 Use-After-Free in azeotech (CVE-2025-66585)
vulnerability in azeotech (CVE-2025-66585). Successful exploitation can lead to full system takeover.
CVE-2025-66586 Vulnerability in azeotech (CVE-2025-66586)
vulnerability in azeotech (CVE-2025-66586). Successful exploitation can lead to full system takeover.
CVE-2025-66588 Vulnerability in azeotech (CVE-2025-66588)
vulnerability in azeotech (CVE-2025-66588). Successful exploitation can lead to full system takeover.
CVE-2025-66590 Out-of-Bounds Write in azeotech (CVE-2025-66590)
out-of-bounds write in azeotech (CVE-2025-66590). Successful exploitation can lead to full system takeover.
CVE-2025-13003 Vulnerability in CVE-2025-13003 (CVE-2025-13003)
vulnerability in CVE-2025-13003 (CVE-2025-13003). Data can be tampered with by attackers.
CVE-2025-13124 Vulnerability in CVE-2025-13124 (CVE-2025-13124)
vulnerability in CVE-2025-13124 (CVE-2025-13124). Data can be tampered with by attackers.
CVE-2025-14523 Vulnerability in CVE-2025-14523 (CVE-2025-14523)
vulnerability in CVE-2025-14523 (CVE-2025-14523). Data can be tampered with by attackers. Exploitable via `Host header`.
CVE-2025-58360 KEV [KEV] XXE (XML External Entity) in Osgeo geoserver (CVE-2025-58360)
vulnerability in Osgeo geoserver (CVE-2025-58360). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-63895 Vulnerability in dos (CVE-2025-63895)
vulnerability in dos (CVE-2025-63895). Risk of unauthorized operations or information disclosure.
CVE-2025-65807 Vulnerability in chmln (CVE-2025-65807)
vulnerability in chmln (CVE-2025-65807). Successful exploitation can lead to full system takeover.
CVE-2025-7073 Vulnerability in c (CVE-2025-7073)
vulnerability in c (CVE-2025-7073). Successful exploitation can lead to full system takeover.
CVE-2025-1161 Vulnerability in privilege-escalation (CVE-2025-1161)
vulnerability in privilege-escalation (CVE-2025-1161). Successful exploitation can lead to full system takeover.
CVE-2025-61813 XXE (XML External Entity) in adobe (CVE-2025-61813)
vulnerability in adobe (CVE-2025-61813). Confidential information can be exposed externally.
CVE-2025-65594 Vulnerability in os4ed (CVE-2025-65594)
vulnerability in os4ed (CVE-2025-65594). Confidential information can be exposed externally.
CVE-2025-64666 Vulnerability in microsoft (CVE-2025-64666)
vulnerability in microsoft (CVE-2025-64666). Successful exploitation can lead to full system takeover.
CVE-2025-62557 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-62554 Vulnerability in microsoft (CVE-2025-62554)
vulnerability in microsoft (CVE-2025-62554). Successful exploitation can lead to full system takeover.
CVE-2025-53679 OS Command Injection in fortinet (CVE-2025-53679)
OS command injection in fortinet (CVE-2025-53679). Successful exploitation can lead to full system takeover.
CVE-2025-56704 Unrestricted File Upload in lepton-cms (CVE-2025-56704)
vulnerability in lepton-cms (CVE-2025-56704). Successful exploitation can lead to full system takeover.
CVE-2025-6218 KEV [KEV] Path Traversal in Rarlab winrar (CVE-2025-6218)
path traversal in Rarlab winrar (CVE-2025-6218). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-62221 KEV [KEV] Use-After-Free in Microsoft windows (CVE-2025-62221)
vulnerability in Microsoft windows (CVE-2025-62221). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-65795 Vulnerability in usememos (CVE-2025-65795)
vulnerability in usememos (CVE-2025-65795). Data can be tampered with by attackers.
CVE-2025-65363 Command Injection in ruijie (CVE-2025-65363)
command injection in ruijie (CVE-2025-65363). Successful exploitation can lead to full system takeover.
CVE-2025-48615 Vulnerability in google (CVE-2025-48615)
vulnerability in google (CVE-2025-48615). Successful exploitation can lead to full system takeover.
CVE-2025-48612 Vulnerability in google (CVE-2025-48612)
vulnerability in google (CVE-2025-48612). Successful exploitation can lead to full system takeover.
CVE-2022-37055 KEV [KEV] Vulnerability in D-link routers (CVE-2022-37055)
vulnerability in D-link routers (CVE-2022-37055). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-66644 KEV [KEV] OS Command Injection in Array networks array-networks (CVE-2025-66644)
OS command injection in Array networks array-networks (CVE-2025-66644). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-34291 KEV [KEV] Vulnerability in langflow (CVE-2025-34291)
vulnerability in langflow (CVE-2025-34291). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.7.0` or later.
CVE-2025-64053 Vulnerability in dos (CVE-2025-64053)
vulnerability in dos (CVE-2025-64053). Risk of unauthorized operations or information disclosure.
CVE-2025-64057 Path Traversal in path-traversal (CVE-2025-64057)
path traversal in path-traversal (CVE-2025-64057). Data can be tampered with by attackers.
CVE-2025-55182 KEV [KEV] Vulnerability in Meta react-server-components (CVE-2025-55182)
vulnerability in Meta react-server-components (CVE-2025-55182). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-63896 Vulnerability in jxlindia (CVE-2025-63896)
vulnerability in jxlindia (CVE-2025-63896). Data can be tampered with by attackers.
CVE-2025-66287 Vulnerability in CVE-2025-66287 (CVE-2025-66287)
vulnerability in CVE-2025-66287 (CVE-2025-66287). Successful exploitation can lead to full system takeover.
CVE-2025-57201 Command Injection in avtech (CVE-2025-57201)
command injection in avtech (CVE-2025-57201). Successful exploitation can lead to full system takeover.
CVE-2025-57198 Command Injection in avtech (CVE-2025-57198)
command injection in avtech (CVE-2025-57198). Successful exploitation can lead to full system takeover.
CVE-2025-57199 Command Injection in avtech (CVE-2025-57199)
command injection in avtech (CVE-2025-57199). Successful exploitation can lead to full system takeover.
CVE-2025-13947 Vulnerability in CVE-2025-13947 (CVE-2025-13947)
vulnerability in CVE-2025-13947 (CVE-2025-13947). Confidential information can be exposed externally.
CVE-2021-26828 KEV [KEV] Unrestricted File Upload in Openplc scadabr (CVE-2021-26828)
vulnerability in Openplc scadabr (CVE-2021-26828). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-13295 Vulnerability in argusteknoloji (CVE-2025-13295)
vulnerability in argusteknoloji (CVE-2025-13295). Confidential information can be exposed externally.
CVE-2025-48633 KEV [KEV] Vulnerability in Android framework (CVE-2025-48633)
vulnerability in Android framework (CVE-2025-48633). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-48572 KEV [KEV] Vulnerability in Android platform/frameworks/base (CVE-2025-48572)
vulnerability in Android platform/frameworks/base (CVE-2025-48572). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `14:2025-12-01` or later.
CVE-2025-63365 Path Traversal in path-traversal (CVE-2025-63365)
path traversal in path-traversal (CVE-2025-63365). Confidential information can be exposed externally.
CVE-2025-10101 Out-of-Bounds Read in CVE-2025-10101 (CVE-2025-10101)
vulnerability in CVE-2025-10101 (CVE-2025-10101). Successful exploitation can lead to full system takeover.
CVE-2025-8351 Vulnerability in CVE-2025-8351 (CVE-2025-8351)
vulnerability in CVE-2025-8351 (CVE-2025-8351). Successful exploitation can lead to full system takeover.
CVE-2025-61228 Vulnerability in shirt-pocket (CVE-2025-61228)
vulnerability in shirt-pocket (CVE-2025-61228). Successful exploitation can lead to full system takeover.
CVE-2025-61229 Vulnerability in shirt-pocket (CVE-2025-61229)
vulnerability in shirt-pocket (CVE-2025-61229). Successful exploitation can lead to full system takeover.
CVE-2025-57489 Vulnerability in shirt-pocket (CVE-2025-57489)
vulnerability in shirt-pocket (CVE-2025-57489). Successful exploitation can lead to full system takeover.
CVE-2021-26829 KEV [KEV] Cross-Site Scripting (XSS) in Openplc scadabr (CVE-2021-26829)
cross-site scripting in Openplc scadabr (CVE-2021-26829). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →