Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-71354 |
|
Unsafe Deserialization in picklescan (CVE-2025-71354)
vulnerability in picklescan (CVE-2025-71354). Confidential information can be exposed externally. Mitigation: upgrade to `0.0.29` or later.
|
| CVE-2025-50753 |
|
Vulnerability in CVE-2025-50753 (CVE-2025-50753)
vulnerability in CVE-2025-50753 (CVE-2025-50753). Successful exploitation can lead to full system takeover.
|
| CVE-2025-38676 |
|
Out-of-Bounds Write in linux (CVE-2025-38676)
out-of-bounds write in linux (CVE-2025-38676). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7775 KEV |
|
[KEV] Buffer Overflow in Citrix netscaler (CVE-2025-7775)
vulnerability in Citrix netscaler (CVE-2025-7775). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-50383 |
|
SQL Injection in sqli (CVE-2025-50383)
SQL injection in sqli (CVE-2025-50383). Confidential information can be exposed externally.
|
| CVE-2025-55409 |
|
Cross-Site Scripting (XSS) in foxcms (CVE-2025-55409)
cross-site scripting in foxcms (CVE-2025-55409). Successful exploitation can lead to full system takeover.
|
| CVE-2024-8069 KEV |
|
[KEV] Unsafe Deserialization in Citrix session-recording (CVE-2024-8069)
vulnerability in Citrix session-recording (CVE-2024-8069). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-8068 KEV |
|
[KEV] Privilege Escalation in Citrix session-recording (CVE-2024-8068)
vulnerability in Citrix session-recording (CVE-2024-8068). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-48384 KEV |
|
[KEV] Vulnerability in git (CVE-2025-48384)
vulnerability in git (CVE-2025-48384). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-50674 |
|
Vulnerability in openmediavault (CVE-2025-50674)
vulnerability in openmediavault (CVE-2025-50674). Successful exploitation can lead to full system takeover.
|
| CVE-2025-38670 |
|
Vulnerability in linux (CVE-2025-38670)
vulnerability in linux (CVE-2025-38670). Confidential information can be exposed externally.
|
| CVE-2025-38627 |
|
Use-After-Free in c (CVE-2025-38627)
vulnerability in c (CVE-2025-38627). Successful exploitation can lead to full system takeover.
|
| CVE-2025-51989 |
|
Vulnerability in CVE-2025-51989 (CVE-2025-51989)
vulnerability in CVE-2025-51989 (CVE-2025-51989). Confidential information can be exposed externally.
|
| CVE-2025-55564 |
|
Vulnerability in tenda (CVE-2025-55564)
vulnerability in tenda (CVE-2025-55564). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-55370 |
|
Vulnerability in jishenghua (CVE-2025-55370)
vulnerability in jishenghua (CVE-2025-55370). Successful exploitation can lead to full system takeover.
|
| CVE-2025-55368 |
|
Vulnerability in jishenghua (CVE-2025-55368)
vulnerability in jishenghua (CVE-2025-55368). Successful exploitation can lead to full system takeover.
|
| CVE-2025-43300 KEV |
|
[KEV] Out-of-Bounds Write in Apple ios (CVE-2025-43300)
out-of-bounds write in Apple ios (CVE-2025-43300). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-5261 |
|
Vulnerability in CVE-2025-5261 (CVE-2025-5261)
vulnerability in CVE-2025-5261 (CVE-2025-5261). Confidential information can be exposed externally.
|
| CVE-2025-5260 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-5260)
SSRF in ssrf (CVE-2025-5260). Confidential information can be exposed externally.
|
| CVE-2025-38585 |
|
Out-of-Bounds Write in linux (CVE-2025-38585)
out-of-bounds write in linux (CVE-2025-38585). Successful exploitation can lead to full system takeover.
|
| CVE-2025-38584 |
|
Use-After-Free in linux (CVE-2025-38584)
vulnerability in linux (CVE-2025-38584). Successful exploitation can lead to full system takeover.
|
| CVE-2025-54948 KEV |
|
[KEV] OS Command Injection in Trend micro trend-micro (CVE-2025-54948)
OS command injection in Trend micro trend-micro (CVE-2025-54948). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-38552 |
|
Vulnerability in linux (CVE-2025-38552)
vulnerability in linux (CVE-2025-38552). Successful exploitation can lead to full system takeover.
|
| CVE-2025-38502 |
|
Out-of-Bounds Read in linux (CVE-2025-38502)
vulnerability in linux (CVE-2025-38502). Confidential information can be exposed externally.
|
| CVE-2025-1929 |
|
SQL Injection in sqli (CVE-2025-1929)
SQL injection in sqli (CVE-2025-1929). Successful exploitation can lead to full system takeover.
|
| CVE-2025-48989 |
|
Vulnerability in org.apache.tomcat:tomcat-coyote (CVE-2025-48989)
vulnerability in org.apache.tomcat:tomcat-coyote (CVE-2025-48989). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.0.108` or later.
|
| CVE-2025-8875 KEV |
|
[KEV] Vulnerability in N-able n-central (CVE-2025-8875)
vulnerability in N-able n-central (CVE-2025-8875). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-8876 KEV |
|
[KEV] Vulnerability in N-able n-central (CVE-2025-8876)
vulnerability in N-able n-central (CVE-2025-8876). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-53744 |
|
Vulnerability in fortinet (CVE-2025-53744)
vulnerability in fortinet (CVE-2025-53744). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53732 |
|
Vulnerability in microsoft (CVE-2025-53732)
vulnerability in microsoft (CVE-2025-53732). Successful exploitation can lead to full system takeover.
|
| CVE-2025-33051 |
|
Information Disclosure in microsoft (CVE-2025-33051)
vulnerability in microsoft (CVE-2025-33051). Confidential information can be exposed externally.
|
| CVE-2025-38500 |
|
Use-After-Free in c (CVE-2025-38500)
vulnerability in c (CVE-2025-38500). Successful exploitation can lead to full system takeover.
|
| CVE-2024-54678 |
|
Unsafe Deserialization in CVE-2024-54678 (CVE-2024-54678)
vulnerability in CVE-2024-54678 (CVE-2024-54678). Successful exploitation can lead to full system takeover.
|
| CVE-2013-3893 KEV |
|
[KEV] Vulnerability in Microsoft internet-explorer (CVE-2013-3893)
vulnerability in Microsoft internet-explorer (CVE-2013-3893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2007-0671 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2007-0671)
vulnerability in Microsoft office (CVE-2007-0671). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-8088 KEV |
|
[KEV] Vulnerability in Rarlab winrar (CVE-2025-8088)
vulnerability in Rarlab winrar (CVE-2025-8088). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-51629 |
|
Cross-Site Scripting (XSS) in CVE-2025-51629 (CVE-2025-51629)
cross-site scripting in CVE-2025-51629 (CVE-2025-51629). Successful exploitation can lead to full system takeover.
|
| CVE-2025-51055 |
|
Vulnerability in vedo-suite-project (CVE-2025-51055)
vulnerability in vedo-suite-project (CVE-2025-51055). Confidential information can be exposed externally.
|
| CVE-2025-51056 |
|
Unrestricted File Upload in vedo-suite-project (CVE-2025-51056)
vulnerability in vedo-suite-project (CVE-2025-51056). Confidential information can be exposed externally.
|
| CVE-2025-51624 |
|
Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
|
| CVE-2025-53786 |
|
Authentication Bypass in microsoft (CVE-2025-53786)
authentication bypass in microsoft (CVE-2025-53786). Successful exploitation can lead to full system takeover.
|
| CVE-2025-51628 |
|
Vulnerability in CVE-2025-51628 (CVE-2025-51628)
vulnerability in CVE-2025-51628 (CVE-2025-51628). Confidential information can be exposed externally.
|
| CVE-2022-40799 KEV |
|
[KEV] Vulnerability in D-link dnr-322l (CVE-2022-40799)
vulnerability in D-link dnr-322l (CVE-2022-40799). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-25079 KEV |
|
[KEV] Command Injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079)
command injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-25078 KEV |
|
[KEV] Vulnerability in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25078)
vulnerability in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25078). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-44643 |
|
Vulnerability in CVE-2025-44643 (CVE-2025-44643)
vulnerability in CVE-2025-44643 (CVE-2025-44643). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-20701 |
|
Authorization Flaw in CVE-2025-20701 (CVE-2025-20701)
vulnerability in CVE-2025-20701 (CVE-2025-20701). Successful exploitation can lead to full system takeover.
|
| CVE-2013-10050 |
|
OS Command Injection in dlink (CVE-2013-10050)
OS command injection in dlink (CVE-2013-10050). Successful exploitation can lead to full system takeover.
|
| CVE-2023-32256 |
|
Vulnerability in CVE-2023-32256 (CVE-2023-32256)
vulnerability in CVE-2023-32256 (CVE-2023-32256). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52327 |
|
SQL Injection in sqli (CVE-2025-52327)
SQL injection in sqli (CVE-2025-52327). Successful exploitation can lead to full system takeover.
|