Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2025-62230 Use-After-Free in xorg (CVE-2025-62230)
vulnerability in xorg (CVE-2025-62230). Confidential information can be exposed externally.
CVE-2025-62231 Vulnerability in xorg (CVE-2025-62231)
vulnerability in xorg (CVE-2025-62231). Confidential information can be exposed externally.
CVE-2025-24893 KEV [KEV] Vulnerability in Xwiki platform (CVE-2025-24893)
vulnerability in Xwiki platform (CVE-2025-24893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-41244 KEV [KEV] Vulnerability in Broadcom vmware-aria-operations-and-vmware-tools (CVE-2025-41244)
vulnerability in Broadcom vmware-aria-operations-and-vmware-tools (CVE-2025-41244). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-60805 Information Disclosure in CVE-2025-60805 (CVE-2025-60805)
vulnerability in CVE-2025-60805 (CVE-2025-60805). Confidential information can be exposed externally.
CVE-2025-60349 Vulnerability in dos (CVE-2025-60349)
vulnerability in dos (CVE-2025-60349). Risk of unauthorized operations or information disclosure.
CVE-2025-56399 Code Injection in laravel (CVE-2025-56399)
code injection in laravel (CVE-2025-56399). Successful exploitation can lead to full system takeover.
CVE-2025-6205 KEV [KEV] Vulnerability in Dassault systèmes dassault-systemes (CVE-2025-6205)
vulnerability in Dassault systèmes dassault-systemes (CVE-2025-6205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-6204 KEV [KEV] Code Injection in Dassault systèmes dassault-systemes (CVE-2025-6204)
code injection in Dassault systèmes dassault-systemes (CVE-2025-6204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-55752 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
CVE-2023-49440 AhnLab EPP 1.0.15 is vulnerable to SQL Injection via the "preview parameter."
AhnLab EPP 1.0.15 is vulnerable to SQL Injection via the "preview parameter."
CVE-2025-60731 PerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme function
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme function
CVE-2025-60735 PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function
CVE-2025-60730 PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function
PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function
CVE-2025-11145 Information Disclosure in CVE-2025-11145 (CVE-2025-11145)
vulnerability in CVE-2025-11145 (CVE-2025-11145). Confidential information can be exposed externally.
CVE-2025-59287 KEV [KEV] Unsafe Deserialization in Microsoft windows (CVE-2025-59287)
vulnerability in Microsoft windows (CVE-2025-59287). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-12105 Use-After-Free in CVE-2025-12105 (CVE-2025-12105)
vulnerability in CVE-2025-12105 (CVE-2025-12105). Risk of unauthorized operations or information disclosure.
CVE-2025-10914 Cross-Site Scripting (XSS) in CVE-2025-10914 (CVE-2025-10914)
cross-site scripting in CVE-2025-10914 (CVE-2025-10914). Confidential information can be exposed externally.
CVE-2025-61932 KEV [KEV] Vulnerability in Motex lanscope-endpoint-manager (CVE-2025-61932)
vulnerability in Motex lanscope-endpoint-manager (CVE-2025-61932). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-61220 Information Disclosure in CVE-2025-61220 (CVE-2025-61220)
vulnerability in CVE-2025-61220 (CVE-2025-61220). Confidential information can be exposed externally.
CVE-2025-11151 Information Disclosure in CVE-2025-11151 (CVE-2025-11151)
vulnerability in CVE-2025-11151 (CVE-2025-11151). Confidential information can be exposed externally.
CVE-2025-61301 Vulnerability in CVE-2025-61301 (CVE-2025-61301)
vulnerability in CVE-2025-61301 (CVE-2025-61301). Risk of unauthorized operations or information disclosure.
CVE-2025-56224 Vulnerability in ascertia (CVE-2025-56224)
vulnerability in ascertia (CVE-2025-56224). Successful exploitation can lead to full system takeover.
CVE-2025-56223 Vulnerability in dos (CVE-2025-56223)
vulnerability in dos (CVE-2025-56223). Risk of unauthorized operations or information disclosure.
CVE-2025-56219 Vulnerability in dos (CVE-2025-56219)
vulnerability in dos (CVE-2025-56219). Risk of unauthorized operations or information disclosure.
CVE-2025-33073 KEV [KEV] Vulnerability in Microsoft windows (CVE-2025-33073)
vulnerability in Microsoft windows (CVE-2025-33073). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-61884 KEV [KEV] SSRF (Server-Side Request Forgery) in Oracle e-business-suite (CVE-2025-61884)
SSRF in Oracle e-business-suite (CVE-2025-61884). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-2747 KEV [KEV] Vulnerability in Kentico xperience-cms (CVE-2025-2747)
vulnerability in Kentico xperience-cms (CVE-2025-2747). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-2746 KEV [KEV] Vulnerability in Kentico xperience-cms (CVE-2025-2746)
vulnerability in Kentico xperience-cms (CVE-2025-2746). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-48503 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2022-48503)
vulnerability in Apple multiple-products (CVE-2022-48503). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-54253 KEV [KEV] Vulnerability in Adobe experience-manager-aem-forms (CVE-2025-54253)
vulnerability in Adobe experience-manager-aem-forms (CVE-2025-54253). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-60535 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-60535)
vulnerability in csrf (CVE-2025-60535). Risk of unauthorized operations or information disclosure.
CVE-2025-59249 Vulnerability in microsoft (CVE-2025-59249)
vulnerability in microsoft (CVE-2025-59249). Successful exploitation can lead to full system takeover.
CVE-2025-59248 Vulnerability in microsoft (CVE-2025-59248)
vulnerability in microsoft (CVE-2025-59248). Confidential information can be exposed externally.
CVE-2025-59234 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-59227 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-53782 Vulnerability in microsoft (CVE-2025-53782)
vulnerability in microsoft (CVE-2025-53782). Successful exploitation can lead to full system takeover.
CVE-2025-57740 Vulnerability in fortinet (CVE-2025-57740)
vulnerability in fortinet (CVE-2025-57740). Successful exploitation can lead to full system takeover.
CVE-2025-25253 Vulnerability in fortinet (CVE-2025-25253)
vulnerability in fortinet (CVE-2025-25253). Successful exploitation can lead to full system takeover.
CVE-2025-10228 Vulnerability in CVE-2025-10228 (CVE-2025-10228)
vulnerability in CVE-2025-10228 (CVE-2025-10228). Successful exploitation can lead to full system takeover.
CVE-2016-7836 KEV [KEV] Authentication Bypass in Skysea client-view (CVE-2016-7836)
authentication bypass in Skysea client-view (CVE-2016-7836). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-59230 KEV [KEV] Vulnerability in Microsoft windows (CVE-2025-59230)
vulnerability in Microsoft windows (CVE-2025-59230). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-24990 KEV [KEV] Vulnerability in Microsoft windows (CVE-2025-24990)
vulnerability in Microsoft windows (CVE-2025-24990). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-47827 KEV [KEV] Vulnerability in igel (CVE-2025-47827)
vulnerability in igel (CVE-2025-47827). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-9902 Vulnerability in CVE-2025-9902 (CVE-2025-9902)
vulnerability in CVE-2025-9902 (CVE-2025-9902). Confidential information can be exposed externally.
CVE-2025-60305 Vulnerability in senior-walter (CVE-2025-60305)
vulnerability in senior-walter (CVE-2025-60305). Successful exploitation can lead to full system takeover.
CVE-2025-60378 Cross-Site Scripting (XSS) in fairsketch (CVE-2025-60378)
cross-site scripting in fairsketch (CVE-2025-60378). Confidential information can be exposed externally.
CVE-2021-43798 KEV [KEV] Path Traversal in Grafana labs grafana-labs (CVE-2021-43798)
path traversal in Grafana labs grafana-labs (CVE-2021-43798). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-61524 Vulnerability in CVE-2025-61524 (CVE-2025-61524)
vulnerability in CVE-2025-61524 (CVE-2025-61524). Successful exploitation can lead to full system takeover.
CVE-2025-57457 OS Command Injection in CVE-2025-57457 (CVE-2025-57457)
OS command injection in CVE-2025-57457 (CVE-2025-57457). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →