Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-65672 |
|
Vulnerability in classroomio (CVE-2025-65672)
vulnerability in classroomio (CVE-2025-65672). Confidential information can be exposed externally.
|
| CVE-2025-13601 |
|
Vulnerability in redhat (CVE-2025-13601)
vulnerability in redhat (CVE-2025-13601). Data can be tampered with by attackers.
|
| CVE-2025-51741 |
|
Vulnerability in dos (CVE-2025-51741)
vulnerability in dos (CVE-2025-51741). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13502 |
|
Out-of-Bounds Read in dos (CVE-2025-13502)
vulnerability in dos (CVE-2025-13502). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56400 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-56400)
vulnerability in csrf (CVE-2025-56400). Successful exploitation can lead to full system takeover.
|
| CVE-2025-13609 |
|
Vulnerability in keylime (CVE-2025-13609)
vulnerability in keylime (CVE-2025-13609). Data can be tampered with by attackers. Mitigation: upgrade to `7.13.0` or later.
|
| CVE-2025-56401 |
|
ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName.
ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName.
|
| CVE-2025-61757 KEV |
|
[KEV] Vulnerability in Oracle fusion-middleware (CVE-2025-61757)
vulnerability in Oracle fusion-middleware (CVE-2025-61757). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-25613 |
|
Vulnerability in fs (CVE-2025-25613)
vulnerability in fs (CVE-2025-25613). Confidential information can be exposed externally.
|
| CVE-2025-0645 |
|
Unrestricted File Upload in CVE-2025-0645 (CVE-2025-0645)
vulnerability in CVE-2025-0645 (CVE-2025-0645). Successful exploitation can lead to full system takeover.
|
| CVE-2025-0643 |
|
Cross-Site Scripting (XSS) in CVE-2025-0643 (CVE-2025-0643)
cross-site scripting in CVE-2025-0643 (CVE-2025-0643). Successful exploitation can lead to full system takeover.
|
| CVE-2025-13223 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2025-13223)
vulnerability in Google chromium-v8 (CVE-2025-13223). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-61662 |
|
Use-After-Free in dos (CVE-2025-61662)
vulnerability in dos (CVE-2025-61662). Successful exploitation can lead to full system takeover.
|
| CVE-2025-58413 |
|
Vulnerability in fortinet (CVE-2025-58413)
vulnerability in fortinet (CVE-2025-58413). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53843 |
|
Vulnerability in fortinet (CVE-2025-53843)
vulnerability in fortinet (CVE-2025-53843). Successful exploitation can lead to full system takeover.
|
| CVE-2025-58034 KEV |
|
[KEV] OS Command Injection in Fortinet fortiweb (CVE-2025-58034)
OS command injection in Fortinet fortiweb (CVE-2025-58034). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-63748 |
|
Unrestricted File Upload in testmanagement (CVE-2025-63748)
vulnerability in testmanagement (CVE-2025-63748). Successful exploitation can lead to full system takeover.
|
| CVE-2025-40936 |
|
Out-of-Bounds Read in CVE-2025-40936 (CVE-2025-40936)
vulnerability in CVE-2025-40936 (CVE-2025-40936). Successful exploitation can lead to full system takeover.
|
| CVE-2025-64309 |
|
Vulnerability in CVE-2025-64309 (CVE-2025-64309)
vulnerability in CVE-2025-64309 (CVE-2025-64309). Confidential information can be exposed externally.
|
| CVE-2025-63891 |
|
Information Disclosure in oretnom23 (CVE-2025-63891)
vulnerability in oretnom23 (CVE-2025-63891). Confidential information can be exposed externally.
|
| CVE-2025-13033 |
|
Vulnerability in CVE-2025-13033 (CVE-2025-13033)
vulnerability in CVE-2025-13033 (CVE-2025-13033). Confidential information can be exposed externally.
|
| CVE-2025-63680 |
|
Path Traversal in nero (CVE-2025-63680)
path traversal in nero (CVE-2025-63680). Successful exploitation can lead to full system takeover.
|
| CVE-2025-8855 |
|
Vulnerability in CVE-2025-8855 (CVE-2025-8855)
vulnerability in CVE-2025-8855 (CVE-2025-8855). Confidential information can be exposed externally.
|
| CVE-2025-64446 KEV |
|
[KEV] Vulnerability in Fortinet fortiweb (CVE-2025-64446)
vulnerability in Fortinet fortiweb (CVE-2025-64446). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-60679 |
|
Vulnerability in dlink (CVE-2025-60679)
vulnerability in dlink (CVE-2025-60679). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60696 |
|
Vulnerability in dos (CVE-2025-60696)
vulnerability in dos (CVE-2025-60696). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60694 |
|
Vulnerability in dos (CVE-2025-60694)
vulnerability in dos (CVE-2025-60694). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60692 |
|
Vulnerability in dos (CVE-2025-60692)
vulnerability in dos (CVE-2025-60692). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60691 |
|
Vulnerability in dos (CVE-2025-60691)
vulnerability in dos (CVE-2025-60691). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60690 |
|
Vulnerability in dos (CVE-2025-60690)
vulnerability in dos (CVE-2025-60690). Successful exploitation can lead to full system takeover.
|
| CVE-2025-59088 |
|
SSRF (Server-Side Request Forgery) in CVE-2025-59088 (CVE-2025-59088)
SSRF in CVE-2025-59088 (CVE-2025-59088). Confidential information can be exposed externally.
|
| CVE-2025-11962 |
|
Cross-Site Scripting (XSS) in CVE-2025-11962 (CVE-2025-11962)
cross-site scripting in CVE-2025-11962 (CVE-2025-11962). Confidential information can be exposed externally.
|
| CVE-2025-9242 KEV |
|
[KEV] Out-of-Bounds Write in Watchguard firebox (CVE-2025-9242)
out-of-bounds write in Watchguard firebox (CVE-2025-9242). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-62215 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-62215)
vulnerability in Microsoft windows (CVE-2025-62215). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-12480 KEV |
|
[KEV] Vulnerability in Gladinet triofox (CVE-2025-12480)
vulnerability in Gladinet triofox (CVE-2025-12480). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-62199 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-30398 |
|
Vulnerability in microsoft (CVE-2025-30398)
vulnerability in microsoft (CVE-2025-30398). Confidential information can be exposed externally.
|
| CVE-2025-11959 |
|
Vulnerability in CVE-2025-11959 (CVE-2025-11959)
vulnerability in CVE-2025-11959 (CVE-2025-11959). Confidential information can be exposed externally.
|
| CVE-2025-10161 |
|
Vulnerability in CVE-2025-10161 (CVE-2025-10161)
vulnerability in CVE-2025-10161 (CVE-2025-10161). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-21042 KEV |
|
[KEV] Out-of-Bounds Write in Samsung mobile-devices (CVE-2025-21042)
out-of-bounds write in Samsung mobile-devices (CVE-2025-21042). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-10968 |
|
SQL Injection in sqli (CVE-2025-10968)
SQL injection in sqli (CVE-2025-10968). Successful exploitation can lead to full system takeover.
|
| CVE-2025-63560 |
|
Vulnerability in dos (CVE-2025-63560)
vulnerability in dos (CVE-2025-63560). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11956 |
|
Cross-Site Scripting (XSS) in CVE-2025-11956 (CVE-2025-11956)
cross-site scripting in CVE-2025-11956 (CVE-2025-11956). Confidential information can be exposed externally.
|
| CVE-2025-57130 |
|
Vulnerability in zwiicms (CVE-2025-57130)
vulnerability in zwiicms (CVE-2025-57130). Confidential information can be exposed externally.
|
| CVE-2025-43433 |
|
Out-of-Bounds Write in apple (CVE-2025-43433)
out-of-bounds write in apple (CVE-2025-43433). Successful exploitation can lead to full system takeover.
|
| CVE-2025-43407 |
|
This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS...
This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS...
|
| CVE-2025-11371 KEV |
|
[KEV] Vulnerability in Gladinet centrestack-and-triofox (CVE-2025-11371)
vulnerability in Gladinet centrestack-and-triofox (CVE-2025-11371). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-48703 KEV |
|
[KEV] OS Command Injection in Cwp control-web-panel (CVE-2025-48703)
OS command injection in Cwp control-web-panel (CVE-2025-48703). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-60749 |
|
Vulnerability in CVE-2025-60749 (CVE-2025-60749)
vulnerability in CVE-2025-60749 (CVE-2025-60749). Successful exploitation can lead to full system takeover.
|
| CVE-2025-61498 |
|
Vulnerability in dos (CVE-2025-61498)
vulnerability in dos (CVE-2025-61498). Risk of unauthorized operations or information disclosure.
|