CVEs from 2025
Total
8,971
critical
critical 1,368
high
high 2,067
medium
medium 2,068
low
low 204
% Critical
15.2%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 110
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-35939 | unknown | — | 1.5 | 1y ago | Craft CMS contains an external control of assumed-immutable web parameter vulnerability. This vulnerability could allow an unauthenticated client to introduce arbitrary values, such as PHP code, to a… | |||
| CVE-2025-34028 | unknown | — | 1.5 | 1y ago | Commvault Command Center contains a path traversal vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code. | |||
| CVE-2025-31324 | unknown | — | 1.5 | 1y ago | SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries. | |||
| CVE-2025-1976 | unknown | — | 1.5 | 1y ago | Broadcom Brocade Fabric OS contains a code injection vulnerability that allows a local user with administrative privileges to execute arbitrary code with full root privileges. | |||
| CVE-2025-3928 | unknown | — | 1.5 | 1y ago | Commvault Web Server contains an unspecified vulnerability that allows a remote, authenticated attacker to create and execute webshells. | |||
| CVE-2025-42599 | unknown | — | 1.5 | 1y ago | Qualitia Active! Mail contains a stack-based buffer overflow vulnerability that allows a remote, unauthenticated attacker to execute arbitrary or trigger a denial-of-service via a specially crafted r… | |||
| CVE-2025-31201 | unknown | — | 1.5 | 1y ago | Apple iOS, iPadOS, macOS, and other Apple products contain an arbitrary read and write vulnerability that allows an attacker to bypass Pointer Authentication. | |||
| CVE-2025-31200 | unknown | — | 1.5 | 1y ago | Apple iOS, iPadOS, macOS, and other Apple products contain a memory corruption vulnerability that allows for code execution when processing an audio stream in a maliciously crafted media file. | |||
| CVE-2025-29824 | unknown | — | 1.5 | 1y ago | Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-31125 | unknown | — | 1.5 | 1y ago | Vite Vitejs contains an improper access control vulnerability that exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the n… | |||
| CVE-2025-30154 | unknown | — | 1.5 | 1y ago | reviewdog action-setup GitHub Action contains an embedded malicious code vulnerability that dumps exposed secrets to Github Actions Workflow Logs. | |||
| CVE-2025-1316 | unknown | — | 1.5 | 1y ago | Edimax IC-7100 IP camera contains an OS command injection vulnerability due to improper input sanitization that allows an attacker to achieve remote code execution via specially crafted requests. The… | |||
| CVE-2025-30066 | unknown | — | 1.5 | 1y ago | tj-actions/changed-files GitHub Action contains an embedded malicious code vulnerability that allows a remote attacker to discover secrets by reading Github Actions Workflow Logs. These secrets may i… | |||
| CVE-2025-24472 | unknown | — | 1.5 | 1y ago | Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests. | |||
| CVE-2025-21590 | unknown | — | 1.5 | 1y ago | Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code. | |||
| CVE-2025-24983 | unknown | — | 1.5 | 1y ago | Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-24984 | unknown | — | 1.5 | 1y ago | Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose information with a phys… | |||
| CVE-2025-24985 | unknown | — | 1.5 | 1y ago | Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-24991 | unknown | — | 1.5 | 1y ago | Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally. | |||
| CVE-2025-24993 | unknown | — | 1.5 | 1y ago | Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-25181 | unknown | — | 1.5 | 1y ago | Advantive VeraCore contains a SQL injection vulnerability in timeoutWarning.asp that allows a remote attacker to execute arbitrary SQL commands via the PmSess1 parameter. | |||
| CVE-2025-22225 | unknown | — | 1.5 | 1y ago | VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of t… | |||
| CVE-2025-22226 | unknown | — | 1.5 | 1y ago | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administrative privileges to… | |||
| CVE-2025-22224 | unknown | — | 1.5 | 1y ago | VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an out-of-bounds write. Successful exploitation enables an attacker with local admi… | |||
| CVE-2025-24989 | unknown | — | 1.5 | 1y ago | Microsoft Power Pages contains an improper access control vulnerability that allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. | |||
| CVE-2025-0111 | unknown | — | 1.5 | 1y ago | Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interfac… | |||
| CVE-2025-0108 | unknown | — | 1.5 | 1y ago | Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management … | |||
| CVE-2025-24200 | unknown | — | 1.5 | 1y ago | Apple iOS and iPadOS contains an incorrect authorization vulnerability that allows a physical attacker to disable USB Restricted Mode on a locked device. | |||
| CVE-2025-21391 | unknown | — | 1.5 | 1y ago | Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in t… | |||
| CVE-2025-21418 | unknown | — | 1.5 | 1y ago | Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. | |||
| CVE-2025-0994 | unknown | — | 1.5 | 1y ago | Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Servic… | |||
| CVE-2025-0411 | unknown | — | 1.5 | 1y ago | 7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arbitrary code in the context of the current user. | |||
| CVE-2025-23006 | unknown | — | 1.5 | 1y ago | SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacke… | |||
| CVE-2025-23209 | unknown | — | 1.5 | 1y ago | Craft CMS contains a code injection vulnerability caused by improper validation of the database backup path, ultimately enabling remote code execution. | |||
| CVE-2025-21335 | unknown | — | 1.5 | 1y ago | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. | |||
| CVE-2025-21334 | unknown | — | 1.5 | 1y ago | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. | |||
| CVE-2025-37928 | unknown | — | 1.0 | — | In the Linux kernel, the following vulnerability has been resolved: dm-bufio: don't schedule in atomic context A BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and try_verify_in_tasklet a… | |||
| CVE-2025-64459 | unknown | — | 1.0 | 7mo ago | Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects. | |||
| CVE-2025-32429 | unknown | — | 1.0 | 11mo ago | XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter | |||
| CVE-2025-50481 | unknown | — | 1.0 | 11mo ago | Mezzanine CMS vulnerable to Cross-site Scripting | |||
| CVE-2025-27533 | unknown | — | 1.0 | 1y ago | Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation | |||
| CVE-2025-1550 | unknown | — | 1.0 | 1y ago | Arbitrary Code Execution via Crafted Keras Config for Model Loading | |||
| CVE-2025-71103 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm: adreno: fix deferencing ifpc_reglist when not declared On plaforms with an a7xx GPU not supporting IFPC, the ifpc_reglis… | |||
| CVE-2025-71106 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fs: PM: Fix reverse check in filesystems_freeze_callback() The freeze_all_ptr check in filesystems_freeze_callback() introduced b… | |||
| CVE-2025-38232 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: NFSD: fix race between nfsd registration and exports_proc As of now nfsd calls create_proc_exports_entry() at start of init_nfsd … | |||
| CVE-2025-71107 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: ensure node page reads complete before f2fs_put_super() finishes Xfstests generic/335, generic/336 sometimes crash with the… | |||
| CVE-2025-71108 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability The UCSI spec states that the num_connectors field is 7 bits, and th… | |||
| CVE-2025-71109 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 ("MIPS: Tracing: Reduce the … | |||
| CVE-2025-71110 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in defer_free() before accessing freed memory When CONFIG_SLUB_TINY is enabled, kfree_nolock() calls kas… | |||
| CVE-2025-71111 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Convert macros to functions to avoid TOCTOU The macro FAN_FROM_REG evaluates its arguments multiple times. When … | |||
| CVE-2025-71112 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be used without validation when receive a VLAN configur… | |||
| CVE-2025-71113 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - zero initialize memory allocated via sock_kmalloc Several crypto user API contexts and requests allocated with s… | |||
| CVE-2025-71114 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: via_wdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocate_resource() to reserve a … | |||
| CVE-2025-38176 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in binderfs_evict_inode() Running 'stress-ng --binderfs 16 --timeout 300' under KASAN-enabled kernel, … | |||
| CVE-2025-71117 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may … | |||
| CVE-2025-71118 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if start_node is NULL Although commit 0c9992315e73 ("ACPICA: Avoid walking the ACPI Namespace… | |||
| CVE-2025-71119 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/kexec: Enable SMT before waking offline CPUs If SMT is disabled or a partial SMT state is enabled, when a new kernel imag… | |||
| CVE-2025-71121 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 work… | |||
| CVE-2025-71122 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED syzkaller found it could overflow math in the test infrastruct… | |||
| CVE-2025-71131 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt As soon as crypto_aead_encrypt is called, the underlying request may… | |||
| CVE-2025-71123 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parse_apply_sb_mount_options() strscpy_pad() can't be used to copy a non-NUL-term string into a NUL-t… | |||
| CVE-2025-38490 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: libwx: remove duplicate page_pool_put_full_page() page_pool_put_full_page() should only be invoked when freeing Rx buffers o… | |||
| CVE-2025-71124 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: move preempt_prepare_postamble after error check Move the call to preempt_prepare_postamble() after verifying that … | |||
| CVE-2025-71127 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Discard Beacon frames to non-broadcast address Beacon frames are required to be sent to the broadcast address, se… | |||
| CVE-2025-71129 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling convent… | |||
| CVE-2025-71141 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/tilcdc: Fix removal actions in case of failed probe The drm_kms_helper_poll_fini() and drm_atomic_helper_shutdown() helpers s… | |||
| CVE-2025-71130 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer Initialize the eb.vma array with values of 0 when the eb… | |||
| CVE-2025-71135 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() The variable mddev->private is first assigned … | |||
| CVE-2025-71136 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() It's possible for cp_read() and hdmi_read(… | |||
| CVE-2025-71137 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size (rx_pending) is not set below the p… | |||
| CVE-2025-71139 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area *** Bug description *** When I tested kexec with the latest kernel, I … | |||
| CVE-2025-71101 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing The hp_populate_*_elements_from_package() functi… | |||
| CVE-2025-71142 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: cpuset: fix warning when disabling remote partition A warning was triggered as follows: WARNING: kernel/cgroup/cpuset.c:1651 at … | |||
| CVE-2025-71143 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws Commit f316cdff8d67 ("clk: Annotate struct clk_hw_onecell_data wit… | |||
| CVE-2025-71146 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: fix leaked ct in error paths There are some situations where ct might be leaked as error paths are skipp… | |||
| CVE-2025-64486 | unknown | — | — | — | calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesyst… | |||
| CVE-2025-71147 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix a memory leak in tpm2_load_cmd 'tpm2_load_cmd' allocates a tempoary blob indirectly via 'tpm2_key_decode' but … | |||
| CVE-2025-71148 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshake_req_submit() replaces sk->sk_destruct but never restores it when su… | |||
| CVE-2025-71150 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2_SESSIO… | |||
| CVE-2025-71155 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: s390: Fix gmap_helper_zap_one_page() again A few checks were missing in gmap_helper_zap_one_page(), which can lead to memory… | |||
| CVE-2025-71159 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free warning in btrfs_get_or_create_delayed_node() Previously, btrfs_get_or_create_delayed_node() set the de… | |||
| CVE-2025-71153 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix memory leak in get_file_all_info() In get_file_all_info(), if vfs_getattr() fails, the function returns immediately wi… | |||
| CVE-2025-71154 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usb_submit_urb() failure In async_set_registers(), when usb_submit_urb() fails, the allocat… | |||
| CVE-2025-71156 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gve: defer interrupt enabling until NAPI registration Currently, interrupts are automatically enabled immediately upon request. T… | |||
| CVE-2025-71157 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() Since nldev_deldev() (introduced by commit 060c642b2ab8 ("R… | |||
| CVE-2025-71158 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: ensure worker is torn down When an IRQ worker is running, unplugging the device would cause a crash. The sealevel ha… | |||
| CVE-2025-71160 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nft_chain_validate(): wa… | |||
| CVE-2025-71163 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix device leaks on compat bind and unbind Make sure to drop the reference taken when looking up the idxd device… | |||
| CVE-2025-71180 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: counter: interrupt-cnt: Drop IRQF_NO_THREAD flag An IRQ handler can either be IRQF_NO_THREAD or acquire spinlock_t, as CONFIG_PRO… | |||
| CVE-2025-71181 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rust_binder: remove spin_lock() in rust_shrink_free_page() When forward-porting Rust Binder to 6.18, I neglected to take commit f… | |||
| CVE-2025-71184 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing … | |||
| CVE-2025-71187 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the reference taken when looking up the ICU device dur… | |||
| CVE-2025-71192 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in snd_ac97_controller_register() If ac97_add_adapter() fails, put_device() is the correct way to d… | |||
| CVE-2025-71194 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type When wait_current_trans() is called during start_tran… | |||
| CVE-2025-71193 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver d… | |||
| CVE-2025-71195 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap max_register The max_register field is assigned the size of the register memory region instea… | |||
| CVE-2025-71196 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: phy: stm32-usphyc: Fix off by one in probe() The "index" variable is used as an index into the usbphyc->phys[] array which has us… | |||
| CVE-2025-71198 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection The st_lsm6dsx_acc_channels array of struct iio_chan_… | |||
| CVE-2025-71197 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: w1: therm: Fix off-by-one buffer overflow in alarms_store The sysfs buffer passed to alarms_store() is allocated with 'size + 1' … | |||
| CVE-2025-71202 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommu/sva: invalidate stale IOTLB entries for kernel address space Introduce a new IOMMU interface to flush IOTLB paging cache en… |