Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2025-47729 KEV [KEV] Vulnerability in Telemessage tm-sgnl (CVE-2025-47729)
vulnerability in Telemessage tm-sgnl (CVE-2025-47729). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-11120 KEV [KEV] OS Command Injection in Geovision multiple-devices (CVE-2024-11120)
OS command injection in Geovision multiple-devices (CVE-2024-11120). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-6047 KEV [KEV] OS Command Injection in Geovision multiple-devices (CVE-2024-6047)
OS command injection in Geovision multiple-devices (CVE-2024-6047). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-0984 Cross-Site Scripting (XSS) in CVE-2025-0984 (CVE-2025-0984)
cross-site scripting in CVE-2025-0984 (CVE-2025-0984). Data can be tampered with by attackers.
CVE-2025-27363 KEV [KEV] Out-of-Bounds Write in freetype (CVE-2025-27363)
out-of-bounds write in freetype (CVE-2025-27363). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-45242 Vulnerability in rhymix (CVE-2025-45242)
vulnerability in rhymix (CVE-2025-45242). Confidential information can be exposed externally.
CVE-2025-3248 KEV [KEV] Vulnerability in langflow (CVE-2025-3248)
vulnerability in langflow (CVE-2025-3248). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-11142 Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-11142)
vulnerability in csrf (CVE-2024-11142). Successful exploitation can lead to full system takeover.
CVE-2025-34028 KEV [KEV] Path Traversal in Commvault command-center (CVE-2025-34028)
path traversal in Commvault command-center (CVE-2025-34028). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-58136 KEV [KEV] Vulnerability in Yiiframework yii (CVE-2024-58136)
vulnerability in Yiiframework yii (CVE-2024-58136). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-38475 KEV [KEV] Vulnerability in Apache http-server (CVE-2024-38475)
vulnerability in Apache http-server (CVE-2024-38475). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-44221 KEV [KEV] OS Command Injection in Sonicwall sma100-appliances (CVE-2023-44221)
OS command injection in Sonicwall sma100-appliances (CVE-2023-44221). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-3891 Vulnerability in apache (CVE-2025-3891)
vulnerability in apache (CVE-2025-3891). Risk of unauthorized operations or information disclosure.
CVE-2025-31324 KEV [KEV] Unrestricted File Upload in Sap netweaver (CVE-2025-31324)
vulnerability in Sap netweaver (CVE-2025-31324). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-1976 KEV [KEV] Code Injection in Broadcom brocade-fabric-os (CVE-2025-1976)
code injection in Broadcom brocade-fabric-os (CVE-2025-1976). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-42599 KEV [KEV] Vulnerability in Qualitia active-mail (CVE-2025-42599)
vulnerability in Qualitia active-mail (CVE-2025-42599). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-3928 KEV [KEV] Vulnerability in Commvault web-server (CVE-2025-3928)
vulnerability in Commvault web-server (CVE-2025-3928). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-46397 Vulnerability in fig2dev-project (CVE-2025-46397)
vulnerability in fig2dev-project (CVE-2025-46397). Successful exploitation can lead to full system takeover.
CVE-2025-24054 KEV [KEV] Vulnerability in Microsoft windows (CVE-2025-24054)
vulnerability in Microsoft windows (CVE-2025-24054). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-31201 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2025-31201)
vulnerability in Apple multiple-products (CVE-2025-31201). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-31200 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2025-31200)
vulnerability in Apple multiple-products (CVE-2025-31200). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-22107 Out-of-Bounds Read in linux (CVE-2025-22107)
vulnerability in linux (CVE-2025-22107). Confidential information can be exposed externally.
CVE-2025-22069 Vulnerability in c (CVE-2025-22069)
vulnerability in c (CVE-2025-22069). Successful exploitation can lead to full system takeover.
CVE-2021-20035 KEV [KEV] OS Command Injection in Sonicwall sma100-appliances (CVE-2021-20035)
OS command injection in Sonicwall sma100-appliances (CVE-2021-20035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-32908 Vulnerability in dos (CVE-2025-32908)
vulnerability in dos (CVE-2025-32908). Risk of unauthorized operations or information disclosure.
CVE-2025-32913 Vulnerability in CVE-2025-32913 (CVE-2025-32913)
vulnerability in CVE-2025-32913 (CVE-2025-32913). Risk of unauthorized operations or information disclosure.
CVE-2025-32906 Out-of-Bounds Read in CVE-2025-32906 (CVE-2025-32906)
vulnerability in CVE-2025-32906 (CVE-2025-32906). Risk of unauthorized operations or information disclosure.
CVE-2025-32914 Out-of-Bounds Read in CVE-2025-32914 (CVE-2025-32914)
vulnerability in CVE-2025-32914 (CVE-2025-32914). Confidential information can be exposed externally.
CVE-2024-53150 KEV [KEV] Out-of-Bounds Read in Linux kernel (CVE-2024-53150)
vulnerability in Linux kernel (CVE-2024-53150). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-53197 KEV [KEV] Out-of-Bounds Write in Linux kernel (CVE-2024-53197)
out-of-bounds write in Linux kernel (CVE-2024-53197). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-26687 Use-After-Free in microsoft (CVE-2025-26687)
vulnerability in microsoft (CVE-2025-26687). Successful exploitation can lead to full system takeover.
CVE-2025-29824 KEV [KEV] Use-After-Free in Microsoft windows (CVE-2025-29824)
vulnerability in Microsoft windows (CVE-2025-29824). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-30406 KEV [KEV] Vulnerability in Gladinet centrestack (CVE-2025-30406)
vulnerability in Gladinet centrestack (CVE-2025-30406). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-31161 KEV [KEV] Vulnerability in crushftp (CVE-2025-31161)
vulnerability in crushftp (CVE-2025-31161). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`. Listed in CISA KEV — actively exploited.
CVE-2025-22457 KEV [KEV] Vulnerability in Ivanti connect-secure (CVE-2025-22457)
vulnerability in Ivanti connect-secure (CVE-2025-22457). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-3155 Open Redirect in gnome (CVE-2025-3155)
vulnerability in gnome (CVE-2025-3155). Confidential information can be exposed externally.
CVE-2025-32049 Vulnerability in dos (CVE-2025-32049)
vulnerability in dos (CVE-2025-32049). Risk of unauthorized operations or information disclosure.
CVE-2025-2784 Out-of-Bounds Read in gnome (CVE-2025-2784)
vulnerability in gnome (CVE-2025-2784). Risk of unauthorized operations or information disclosure.
CVE-2025-71319 Vulnerability in image-size (CVE-2025-71319)
vulnerability in image-size (CVE-2025-71319). Risk of unauthorized operations or information disclosure. Exploitable via ``findBox``. Mitigation: upgrade to `2.0.2` or later.
CVE-2025-24813 KEV [KEV] Vulnerability in Apache tomcat (CVE-2025-24813)
vulnerability in Apache tomcat (CVE-2025-24813). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-24170 A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13...
A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13...
CVE-2025-2586 Vulnerability in CVE-2025-2586 (CVE-2025-2586)
vulnerability in CVE-2025-2586 (CVE-2025-2586). Risk of unauthorized operations or information disclosure.
CVE-2024-20439 KEV [KEV] Vulnerability in Cisco smart-licensing-utility (CVE-2024-20439)
vulnerability in Cisco smart-licensing-utility (CVE-2024-20439). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-58130 Cross-Site Scripting (XSS) in misp-project (CVE-2024-58130)
cross-site scripting in misp-project (CVE-2024-58130). Risk of unauthorized operations or information disclosure.
CVE-2025-2783 KEV [KEV] Vulnerability in Google chromium-mojo (CVE-2025-2783)
vulnerability in Google chromium-mojo (CVE-2025-2783). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-9875 KEV [KEV] Unsafe Deserialization in Sitecore cms-and-experience-platform-xp (CVE-2019-9875)
vulnerability in Sitecore cms-and-experience-platform-xp (CVE-2019-9875). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-9874 KEV [KEV] Unsafe Deserialization in Sitecore cms-and-experience-platform-xp (CVE-2019-9874)
vulnerability in Sitecore cms-and-experience-platform-xp (CVE-2019-9874). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-30154 KEV [KEV] Vulnerability in Reviewdog action-setup-github-action (CVE-2025-30154)
vulnerability in Reviewdog action-setup-github-action (CVE-2025-30154). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-12137 Vulnerability in CVE-2024-12137 (CVE-2024-12137)
vulnerability in CVE-2024-12137 (CVE-2024-12137). Data can be tampered with by attackers.
CVE-2017-12637 KEV [KEV] Path Traversal in Sap netweaver (CVE-2017-12637)
path traversal in Sap netweaver (CVE-2017-12637). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →