Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-50585 |
|
SQL Injection in sqli (CVE-2025-50585)
SQL injection in sqli (CVE-2025-50585). Successful exploitation can lead to full system takeover.
|
| CVE-2025-52164 |
|
Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to store credentials in plaintext.
Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to store credentials in plaintext.
|
| CVE-2025-25257 KEV |
|
[KEV] SQL Injection in Fortinet fortiweb (CVE-2025-25257)
SQL injection in Fortinet fortiweb (CVE-2025-25257). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-53816 |
|
Vulnerability in dos (CVE-2025-53816)
vulnerability in dos (CVE-2025-53816). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-6965 |
|
Vulnerability in SQLitePCLRaw.lib.e_sqlite3 (CVE-2025-6965)
vulnerability in SQLitePCLRaw.lib.e_sqlite3 (CVE-2025-6965). Data can be tampered with by attackers.
|
| CVE-2025-47812 KEV |
|
[KEV] Vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47812)
vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47812). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-44251 |
|
Ecovacs Deebot T10 1.7.2 transmits Wi-Fi credentials in cleartext during the pairing process.
Ecovacs Deebot T10 1.7.2 transmits Wi-Fi credentials in cleartext during the pairing process.
|
| CVE-2025-38342 |
|
Out-of-Bounds Read in linux (CVE-2025-38342)
vulnerability in linux (CVE-2025-38342). Confidential information can be exposed externally.
|
| CVE-2025-38280 |
|
Vulnerability in c (CVE-2025-38280)
vulnerability in c (CVE-2025-38280). Successful exploitation can lead to full system takeover. Exploitable via ``__bpf_prog_ret0_warn``.
|
| CVE-2025-5777 KEV |
|
[KEV] Out-of-Bounds Read in Citrix netscaler-adc-and-gateway (CVE-2025-5777)
vulnerability in Citrix netscaler-adc-and-gateway (CVE-2025-5777). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-38250 |
|
Use-After-Free in c (CVE-2025-38250)
vulnerability in c (CVE-2025-38250). Successful exploitation can lead to full system takeover.
|
| CVE-2025-49702 |
|
Vulnerability in microsoft (CVE-2025-49702)
vulnerability in microsoft (CVE-2025-49702). Successful exploitation can lead to full system takeover.
|
| CVE-2025-49697 |
|
Vulnerability in microsoft (CVE-2025-49697)
vulnerability in microsoft (CVE-2025-49697). Successful exploitation can lead to full system takeover.
|
| CVE-2025-49696 |
|
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-49695 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-7345 |
|
Vulnerability in c (CVE-2025-7345)
vulnerability in c (CVE-2025-7345). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-38236 |
|
Use-After-Free in c (CVE-2025-38236)
vulnerability in c (CVE-2025-38236). Successful exploitation can lead to full system takeover.
|
| CVE-2025-5987 |
|
Vulnerability in libssh (CVE-2025-5987)
vulnerability in libssh (CVE-2025-5987). Successful exploitation can lead to full system takeover.
|
| CVE-2014-3931 KEV |
|
[KEV] Buffer Overflow in Looking glass looking-glass (CVE-2014-3931)
vulnerability in Looking glass looking-glass (CVE-2014-3931). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-10033 KEV |
|
[KEV] Command Injection in php (CVE-2016-10033)
command injection in php (CVE-2016-10033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-5418 KEV |
|
[KEV] Path Traversal in rails (CVE-2019-5418)
path traversal in rails (CVE-2019-5418). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-9621 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9621)
SSRF in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9621). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-38212 |
|
Use-After-Free in linux (CVE-2025-38212)
vulnerability in linux (CVE-2025-38212). Successful exploitation can lead to full system takeover.
|
| CVE-2025-38198 |
|
Vulnerability in c (CVE-2025-38198)
vulnerability in c (CVE-2025-38198). Successful exploitation can lead to full system takeover.
|
| CVE-2025-38129 |
|
Use-After-Free in c (CVE-2025-38129)
vulnerability in c (CVE-2025-38129). Successful exploitation can lead to full system takeover.
|
| CVE-2025-38111 |
|
Out-of-Bounds Read in linux (CVE-2025-38111)
vulnerability in linux (CVE-2025-38111). Confidential information can be exposed externally.
|
| CVE-2025-6554 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2025-6554)
vulnerability in Google chromium-v8 (CVE-2025-6554). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-6297 |
|
Vulnerability in dos (CVE-2025-6297)
vulnerability in dos (CVE-2025-6297). Confidential information can be exposed externally.
|
| CVE-2025-48927 KEV |
|
[KEV] Vulnerability in Telemessage tm-sgnl (CVE-2025-48927)
vulnerability in Telemessage tm-sgnl (CVE-2025-48927). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-48928 KEV |
|
[KEV] Vulnerability in Telemessage tm-sgnl (CVE-2025-48928)
vulnerability in Telemessage tm-sgnl (CVE-2025-48928). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-52904 |
|
Command Injection in github.com/filebrowser/filebrowser/v2 (CVE-2025-52904)
command injection in github.com/filebrowser/filebrowser/v2 (CVE-2025-52904). Successful exploitation can lead to full system takeover. Exploitable via ``grep``. Mitigation: upgrade to `2.33.8` or later.
|
| CVE-2025-6543 KEV |
|
[KEV] Buffer Overflow in Citrix netscaler-adc-and-gateway (CVE-2025-6543)
vulnerability in Citrix netscaler-adc-and-gateway (CVE-2025-6543). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-52903 |
|
Vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2025-52903)
vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2025-52903). Successful exploitation can lead to full system takeover. Exploitable via ``find``. Mitigation: upgrade to `2.33.10` or later.
|
| CVE-2023-44915 |
|
Cross-Site Scripting (XSS) in CVE-2023-44915 (CVE-2023-44915)
cross-site scripting in CVE-2023-44915 (CVE-2023-44915). Confidential information can be exposed externally.
|
| CVE-2024-54085 KEV |
|
[KEV] Vulnerability in Ami megarac-spx (CVE-2024-54085)
vulnerability in Ami megarac-spx (CVE-2024-54085). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-0769 KEV |
|
[KEV] Path Traversal in D-link dir-859-router (CVE-2024-0769)
path traversal in D-link dir-859-router (CVE-2024-0769). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-6693 KEV |
|
[KEV] Vulnerability in Fortinet fortios (CVE-2019-6693)
vulnerability in Fortinet fortios (CVE-2019-6693). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-44531 |
|
Vulnerability in dos (CVE-2025-44531)
vulnerability in dos (CVE-2025-44531). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-6032 |
|
Vulnerability in CVE-2025-6032 (CVE-2025-6032)
vulnerability in CVE-2025-6032 (CVE-2025-6032). Successful exploitation can lead to full system takeover.
|
| CVE-2025-5318 |
|
Out-of-Bounds Read in redhat (CVE-2025-5318)
vulnerability in redhat (CVE-2025-5318). Confidential information can be exposed externally.
|
| CVE-2025-44528 |
|
Vulnerability in dos (CVE-2025-44528)
vulnerability in dos (CVE-2025-44528). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-44203 |
|
Vulnerability in dos (CVE-2025-44203)
vulnerability in dos (CVE-2025-44203). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-6019 |
|
Vulnerability in privilege-escalation (CVE-2025-6019)
vulnerability in privilege-escalation (CVE-2025-6019). Successful exploitation can lead to full system takeover.
|
| CVE-2022-49961 |
|
Out-of-Bounds Read in linux (CVE-2022-49961)
vulnerability in linux (CVE-2022-49961). Confidential information can be exposed externally.
|
| CVE-2025-38079 |
|
Vulnerability in linux (CVE-2025-38079)
vulnerability in linux (CVE-2025-38079). Successful exploitation can lead to full system takeover.
|
| CVE-2025-49848 |
|
Out-of-Bounds Write in CVE-2025-49848 (CVE-2025-49848)
out-of-bounds write in CVE-2025-49848 (CVE-2025-49848). Successful exploitation can lead to full system takeover.
|
| CVE-2025-49180 |
|
Vulnerability in CVE-2025-49180 (CVE-2025-49180)
vulnerability in CVE-2025-49180 (CVE-2025-49180). Successful exploitation can lead to full system takeover.
|
| CVE-2025-49179 |
|
Vulnerability in c (CVE-2025-49179)
vulnerability in c (CVE-2025-49179). Confidential information can be exposed externally.
|
| CVE-2025-49176 |
|
Vulnerability in c (CVE-2025-49176)
vulnerability in c (CVE-2025-49176). Data can be tampered with by attackers.
|
| CVE-2025-6020 |
|
Path Traversal in CVE-2025-6020 (CVE-2025-6020)
path traversal in CVE-2025-6020 (CVE-2025-6020). Successful exploitation can lead to full system takeover.
|