Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2024-12251 |
|
Command Injection in telerik (CVE-2024-12251)
command injection in telerik (CVE-2024-12251). Successful exploitation can lead to full system takeover.
|
| CVE-2024-57951 |
|
Use-After-Free in linux (CVE-2024-57951)
vulnerability in linux (CVE-2024-57951). Successful exploitation can lead to full system takeover.
|
| CVE-2025-24200 KEV |
|
[KEV] Authorization Flaw in Apple ios-and-ipados (CVE-2025-24200)
vulnerability in Apple ios-and-ipados (CVE-2025-24200). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-41710 KEV |
|
[KEV] Vulnerability in Mitel sip-phones (CVE-2024-41710)
vulnerability in Mitel sip-phones (CVE-2024-41710). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-40891 KEV |
|
[KEV] OS Command Injection in Zyxel dsl-cpe-devices (CVE-2024-40891)
OS command injection in Zyxel dsl-cpe-devices (CVE-2024-40891). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-40890 KEV |
|
[KEV] OS Command Injection in Zyxel dsl-cpe-devices (CVE-2024-40890)
OS command injection in Zyxel dsl-cpe-devices (CVE-2024-40890). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-21418 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-21418)
vulnerability in Microsoft windows (CVE-2025-21418). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-21391 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-21391)
vulnerability in Microsoft windows (CVE-2025-21391). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-21692 |
|
Vulnerability in c (CVE-2025-21692)
vulnerability in c (CVE-2025-21692). Successful exploitation can lead to full system takeover.
|
| CVE-2025-0994 KEV |
|
[KEV] Unsafe Deserialization in Trimble cityworks (CVE-2025-0994)
vulnerability in Trimble cityworks (CVE-2025-0994). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-15069 KEV |
|
[KEV] Vulnerability in Sophos xg-firewall (CVE-2020-15069)
vulnerability in Sophos xg-firewall (CVE-2020-15069). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-29574 KEV |
|
[KEV] SQL Injection in Sophos cyberoamos (CVE-2020-29574)
SQL injection in Sophos cyberoamos (CVE-2020-29574). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-21413 KEV |
|
[KEV] Vulnerability in Microsoft office-outlook (CVE-2024-21413)
vulnerability in Microsoft office-outlook (CVE-2024-21413). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-23748 KEV |
|
[KEV] Vulnerability in Audinate dante-discovery (CVE-2022-23748)
vulnerability in Audinate dante-discovery (CVE-2022-23748). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-0411 KEV |
|
[KEV] Vulnerability in 7-zip (CVE-2025-0411)
vulnerability in 7-zip (CVE-2025-0411). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-53104 KEV |
|
[KEV] Out-of-Bounds Write in Linux kernel (CVE-2024-53104)
out-of-bounds write in Linux kernel (CVE-2024-53104). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-22205 |
|
Path Traversal in path-traversal (CVE-2025-22205)
path traversal in path-traversal (CVE-2025-22205). Confidential information can be exposed externally.
|
| CVE-2018-19410 KEV |
|
[KEV] Vulnerability in Paessler prtg-network-monitor (CVE-2018-19410)
vulnerability in Paessler prtg-network-monitor (CVE-2018-19410). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-9276 KEV |
|
[KEV] OS Command Injection in Paessler prtg-network-monitor (CVE-2018-9276)
OS command injection in Paessler prtg-network-monitor (CVE-2018-9276). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-29059 KEV |
|
[KEV] Vulnerability in Microsoft net-framework (CVE-2024-29059)
vulnerability in Microsoft net-framework (CVE-2024-29059). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-45195 KEV |
|
[KEV] Vulnerability in Apache ofbiz (CVE-2024-45195)
vulnerability in Apache ofbiz (CVE-2024-45195). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-34897 |
|
Nedis SmartLife android app v1.4.0 was discovered to contain an API key disclosure vulnerability.
Nedis SmartLife android app v1.4.0 was discovered to contain an API key disclosure vulnerability.
|
| CVE-2024-34896 |
|
Vulnerability in CVE-2024-34896 (CVE-2024-34896)
vulnerability in CVE-2024-34896 (CVE-2024-34896). Confidential information can be exposed externally.
|
| CVE-2025-24085 KEV |
|
[KEV] Use-After-Free in Apple multiple-products (CVE-2025-24085)
vulnerability in Apple multiple-products (CVE-2025-24085). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-13484 |
|
Vulnerability in CVE-2024-13484 (CVE-2024-13484)
vulnerability in CVE-2024-13484 (CVE-2024-13484). Successful exploitation can lead to full system takeover.
|
| CVE-2024-48420 |
|
Vulnerability in edimax (CVE-2024-48420)
vulnerability in edimax (CVE-2024-48420). Successful exploitation can lead to full system takeover.
|
| CVE-2024-48419 |
|
Command Injection in edimax (CVE-2024-48419)
command injection in edimax (CVE-2024-48419). Successful exploitation can lead to full system takeover.
|
| CVE-2024-48418 |
|
Cross-Site Request Forgery (CSRF) in edimax (CVE-2024-48418)
vulnerability in edimax (CVE-2024-48418). Successful exploitation can lead to full system takeover.
|
| CVE-2024-48416 |
|
Vulnerability in edimax (CVE-2024-48416)
vulnerability in edimax (CVE-2024-48416). Successful exploitation can lead to full system takeover.
|
| CVE-2025-23006 KEV |
|
[KEV] Unsafe Deserialization in Sonicwall sma1000-appliances (CVE-2025-23006)
vulnerability in Sonicwall sma1000-appliances (CVE-2025-23006). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-11023 KEV |
|
[KEV] Cross-Site Scripting (XSS) in jquery (CVE-2020-11023)
cross-site scripting in jquery (CVE-2020-11023). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36998 |
|
Vulnerability in CVE-2023-36998 (CVE-2023-36998)
vulnerability in CVE-2023-36998 (CVE-2023-36998). Data can be tampered with by attackers.
|
| CVE-2024-11218 |
|
Privilege Escalation in CVE-2024-11218 (CVE-2024-11218)
vulnerability in CVE-2024-11218 (CVE-2024-11218). Successful exploitation can lead to full system takeover. Exploitable via ``buildah.``.
|
| CVE-2024-24451 |
|
Vulnerability in dos (CVE-2024-24451)
vulnerability in dos (CVE-2024-24451). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-24442 |
|
Vulnerability in dos (CVE-2024-24442)
vulnerability in dos (CVE-2024-24442). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-24444 |
|
Vulnerability in dos (CVE-2024-24444)
vulnerability in dos (CVE-2024-24444). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-57945 |
|
Out-of-Bounds Read in linux (CVE-2024-57945)
vulnerability in linux (CVE-2024-57945). Confidential information can be exposed externally.
|
| CVE-2024-57929 |
|
Vulnerability in c (CVE-2024-57929)
vulnerability in c (CVE-2024-57929). Confidential information can be exposed externally.
|
| CVE-2025-21647 |
|
Out-of-Bounds Read in linux (CVE-2025-21647)
vulnerability in linux (CVE-2025-21647). Confidential information can be exposed externally.
|
| CVE-2024-45331 |
|
Vulnerability in fortinet (CVE-2024-45331)
vulnerability in fortinet (CVE-2024-45331). Successful exploitation can lead to full system takeover.
|
| CVE-2024-50603 KEV |
|
[KEV] OS Command Injection in Aviatrix controllers (CVE-2024-50603)
OS command injection in Aviatrix controllers (CVE-2024-50603). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-42911 |
|
Code Injection in CVE-2024-42911 (CVE-2024-42911)
code injection in CVE-2024-42911 (CVE-2024-42911). Confidential information can be exposed externally.
|
| CVE-2025-21402 |
|
Microsoft Office OneNote Remote Code Execution Vulnerability
Microsoft Office OneNote Remote Code Execution Vulnerability
|
| CVE-2025-21361 |
|
Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
|
| CVE-2025-21338 |
|
GDI+ Remote Code Execution Vulnerability
GDI+ Remote Code Execution Vulnerability
|
| CVE-2024-12085 |
|
Vulnerability in samba (CVE-2024-12085)
vulnerability in samba (CVE-2024-12085). Confidential information can be exposed externally.
|
| CVE-2024-48884 |
|
Path Traversal in path-traversal (CVE-2024-48884)
path traversal in path-traversal (CVE-2024-48884). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-21335 KEV |
|
[KEV] Use-After-Free in Microsoft windows (CVE-2025-21335)
vulnerability in Microsoft windows (CVE-2025-21335). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-21334 KEV |
|
[KEV] Use-After-Free in Microsoft windows (CVE-2025-21334)
vulnerability in Microsoft windows (CVE-2025-21334). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-21333 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-21333)
vulnerability in Microsoft windows (CVE-2025-21333). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|