CVEs from 2025
Total
8,954
critical
critical 1,368
high
high 2,067
medium
medium 2,068
low
low 204
% Critical
15.3%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 110
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-32701 | unknown | — | 1.5 | 1y ago | Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-32709 | unknown | — | 1.5 | 1y ago | Microsoft Windows Ancillary Function Driver for WinSock contains a use-after-free vulnerability that allows an authorized attacker to escalate privileges to administrator. | |||
| CVE-2025-47729 | unknown | — | 1.5 | 1y ago | TeleMessage TM SGNL contains a hidden functionality vulnerability in which the archiving backend holds cleartext copies of messages from TM SGNL application users. | |||
| CVE-2025-35939 | unknown | — | 1.5 | 1y ago | Craft CMS contains an external control of assumed-immutable web parameter vulnerability. This vulnerability could allow an unauthenticated client to introduce arbitrary values, such as PHP code, to a… | |||
| CVE-2025-34028 | unknown | — | 1.5 | 1y ago | Commvault Command Center contains a path traversal vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code. | |||
| CVE-2025-31324 | unknown | — | 1.5 | 1y ago | SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries. | |||
| CVE-2025-1976 | unknown | — | 1.5 | 1y ago | Broadcom Brocade Fabric OS contains a code injection vulnerability that allows a local user with administrative privileges to execute arbitrary code with full root privileges. | |||
| CVE-2025-42599 | unknown | — | 1.5 | 1y ago | Qualitia Active! Mail contains a stack-based buffer overflow vulnerability that allows a remote, unauthenticated attacker to execute arbitrary or trigger a denial-of-service via a specially crafted r… | |||
| CVE-2025-3928 | unknown | — | 1.5 | 1y ago | Commvault Web Server contains an unspecified vulnerability that allows a remote, authenticated attacker to create and execute webshells. | |||
| CVE-2025-31201 | unknown | — | 1.5 | 1y ago | Apple iOS, iPadOS, macOS, and other Apple products contain an arbitrary read and write vulnerability that allows an attacker to bypass Pointer Authentication. | |||
| CVE-2025-31200 | unknown | — | 1.5 | 1y ago | Apple iOS, iPadOS, macOS, and other Apple products contain a memory corruption vulnerability that allows for code execution when processing an audio stream in a maliciously crafted media file. | |||
| CVE-2025-29824 | unknown | — | 1.5 | 1y ago | Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-31125 | unknown | — | 1.5 | 1y ago | Vite Vitejs contains an improper access control vulnerability that exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the n… | |||
| CVE-2025-30154 | unknown | — | 1.5 | 1y ago | reviewdog action-setup GitHub Action contains an embedded malicious code vulnerability that dumps exposed secrets to Github Actions Workflow Logs. | |||
| CVE-2025-1316 | unknown | — | 1.5 | 1y ago | Edimax IC-7100 IP camera contains an OS command injection vulnerability due to improper input sanitization that allows an attacker to achieve remote code execution via specially crafted requests. The… | |||
| CVE-2025-24472 | unknown | — | 1.5 | 1y ago | Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests. | |||
| CVE-2025-30066 | unknown | — | 1.5 | 1y ago | tj-actions/changed-files GitHub Action contains an embedded malicious code vulnerability that allows a remote attacker to discover secrets by reading Github Actions Workflow Logs. These secrets may i… | |||
| CVE-2025-21590 | unknown | — | 1.5 | 1y ago | Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code. | |||
| CVE-2025-24984 | unknown | — | 1.5 | 1y ago | Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose information with a phys… | |||
| CVE-2025-24991 | unknown | — | 1.5 | 1y ago | Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally. | |||
| CVE-2025-24983 | unknown | — | 1.5 | 1y ago | Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-24993 | unknown | — | 1.5 | 1y ago | Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-24985 | unknown | — | 1.5 | 1y ago | Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-25181 | unknown | — | 1.5 | 1y ago | Advantive VeraCore contains a SQL injection vulnerability in timeoutWarning.asp that allows a remote attacker to execute arbitrary SQL commands via the PmSess1 parameter. | |||
| CVE-2025-22224 | unknown | — | 1.5 | 1y ago | VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an out-of-bounds write. Successful exploitation enables an attacker with local admi… | |||
| CVE-2025-22225 | unknown | — | 1.5 | 1y ago | VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of t… | |||
| CVE-2025-22226 | unknown | — | 1.5 | 1y ago | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administrative privileges to… | |||
| CVE-2025-24989 | unknown | — | 1.5 | 1y ago | Microsoft Power Pages contains an improper access control vulnerability that allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. | |||
| CVE-2025-0111 | unknown | — | 1.5 | 1y ago | Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interfac… | |||
| CVE-2025-0108 | unknown | — | 1.5 | 1y ago | Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management … | |||
| CVE-2025-24200 | unknown | — | 1.5 | 1y ago | Apple iOS and iPadOS contains an incorrect authorization vulnerability that allows a physical attacker to disable USB Restricted Mode on a locked device. | |||
| CVE-2025-21418 | unknown | — | 1.5 | 1y ago | Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. | |||
| CVE-2025-21391 | unknown | — | 1.5 | 1y ago | Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in t… | |||
| CVE-2025-0994 | unknown | — | 1.5 | 1y ago | Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Servic… | |||
| CVE-2025-0411 | unknown | — | 1.5 | 1y ago | 7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arbitrary code in the context of the current user. | |||
| CVE-2025-23006 | unknown | — | 1.5 | 1y ago | SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacke… | |||
| CVE-2025-23209 | unknown | — | 1.5 | 1y ago | Craft CMS contains a code injection vulnerability caused by improper validation of the database backup path, ultimately enabling remote code execution. | |||
| CVE-2025-21334 | unknown | — | 1.5 | 1y ago | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. | |||
| CVE-2025-21335 | unknown | — | 1.5 | 1y ago | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. | |||
| CVE-2025-37928 | unknown | — | 1.0 | — | In the Linux kernel, the following vulnerability has been resolved: dm-bufio: don't schedule in atomic context A BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and try_verify_in_tasklet a… | |||
| CVE-2025-64459 | unknown | — | 1.0 | 7mo ago | Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects. | |||
| CVE-2025-32429 | unknown | — | 1.0 | 11mo ago | XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter | |||
| CVE-2025-50481 | unknown | — | 1.0 | 11mo ago | Mezzanine CMS vulnerable to Cross-site Scripting | |||
| CVE-2025-27533 | unknown | — | 1.0 | 1y ago | Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation | |||
| CVE-2025-1550 | unknown | — | 1.0 | 1y ago | Arbitrary Code Execution via Crafted Keras Config for Model Loading | |||
| CVE-2025-39809 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel-quicki2c: Fix ACPI dsd ICRS/ISUB length The QuickI2C ACPI _DSD methods return ICRS and ISUB data with a… | |||
| CVE-2025-22013 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several problems with the way hyp code lazily saves th… | |||
| CVE-2025-37798 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it … | |||
| CVE-2025-37808 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of mutex As the null algorithm may be freed in softirq context through af_alg, use spin lock… | |||
| CVE-2025-37824 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() syzbot reported: tipc: Node number set to 1055423674 Oops: general … | |||
| CVE-2025-37844 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to … | |||
| CVE-2025-37834 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: don't try to reclaim hwpoison folio Syzkaller reports a bug as follows: Injecting memory failure for pfn 0x18b00e at … | |||
| CVE-2025-37838 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition In the ssi_protocol_probe() func… | |||
| CVE-2025-37842 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: fsl-qspi: use devm function instead of driver remove Driver use devm APIs to manage clk/irq/resources and register the spi c… | |||
| CVE-2025-26402 | unknown | — | — | — | Protection mechanism failure for some Intel(R) NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a l… | |||
| CVE-2025-26405 | unknown | — | — | — | Improper control of dynamically-managed code resources for some Intel(R) NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authentica… | |||
| CVE-2025-32735 | unknown | — | — | — | Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combin… | |||
| CVE-2025-54090 | unknown | — | — | — | A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue. | |||
| CVE-2025-59023 | unknown | — | — | — | Crafted delegations or IP fragments can poison cached delegations in Recursor. | |||
| CVE-2025-59029 | unknown | — | — | — | An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY. | |||
| CVE-2025-30192 | unknown | — | — | — | An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spo… | |||
| CVE-2025-59030 | unknown | — | — | — | An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP. | |||
| CVE-2025-59024 | unknown | — | — | — | Crafted delegations or IP fragments can poison cached delegations in Recursor. | |||
| CVE-2025-12441 | unknown | — | — | — | Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2025-38592 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_devcd_dump: fix out-of-bounds via dev_coredumpv Currently both dev_coredumpv and skb_put_data in hci_devcd_dump us… | |||
| CVE-2025-21880 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix EFAULT handling Currently we treat EFAULT from hmm_range_fault() as a non-fatal error when called from xe_vm_… | |||
| CVE-2025-0247 | unknown | — | — | — | Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited t… | |||
| CVE-2025-0435 | unknown | — | — | — | Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Hi… | |||
| CVE-2025-0437 | unknown | — | — | — | Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-0445 | unknown | — | — | — | Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-0755 | unknown | — | — | — | The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum… | |||
| CVE-2025-13350 | unknown | — | — | — | Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 ("af_unix: Don’t call skb_get() for OOB skb"). When orphaned MSG_OOB sockets hit unix_gc(),… | |||
| CVE-2025-13633 | unknown | — | — | — | Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted H… | |||
| CVE-2025-13636 | unknown | — | — | — | Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafte… | |||
| CVE-2025-14607 | unknown | — | — | — | A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function DcmByteString::makeDicomByteString of the file dcmdata/libsrc/dcbytstr.cc of the component dcmdata. The… | |||
| CVE-2025-21660 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked When `ksmbd_vfs_kern_path_locked` met an error and it is not t… | |||
| CVE-2025-21670 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vsock/bpf: return early if transport is not assigned Some of the core functions can only be called if the transport has been assi… | |||
| CVE-2025-21673 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double free of TCP_Server_Info::hostname When shutting down the server in cifs_put_tcp_session(), cifsd thread m… | |||
| CVE-2025-21681 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix lockup on tx to unregistering netdev with carrier Commit in a fixes tag attempted to fix the issue in the follow… | |||
| CVE-2025-21682 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features when XDP is detached. Before: #… | |||
| CVE-2025-21690 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service If there's a persistent error in the hypervisor, the SCSI w… | |||
| CVE-2025-21706 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only set fullmesh for subflow endp With the in-kernel path-manager, it is possible to change the 'fullmesh' flag. The … | |||
| CVE-2025-21709 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: kernel: be more careful about dup_mmap() failures and uprobe registering If a memory allocation fails during dup_mmap(), the mapl… | |||
| CVE-2025-21718 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is o… | |||
| CVE-2025-21769 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Add .owner to vmclock_miscdev_fops Without the .owner field, the module can be unloaded while /dev/vmclock0 is open… | |||
| CVE-2025-21775 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: can: ctucanfd: handle skb allocation failure If skb allocation fails, the pointer to struct can_frame is NULL. This is actually h… | |||
| CVE-2025-21797 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Add missing delayed work cancel for headset status The cancel_delayed_work_sync() call was missed, causing a u… | |||
| CVE-2025-21800 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset When bit offset for HWS_SET32 macro is negative, UBSAN complains… | |||
| CVE-2025-21804 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() The rcar_pcie_parse_outbound_ranges() uses the d… | |||
| CVE-2025-21807 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: block: fix queue freeze vs limits lock order in sysfs store methods queue_attr_store() always freezes a device queue before calli… | |||
| CVE-2025-21815 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/compaction: fix UBSAN shift-out-of-bounds warning syzkaller reported a UBSAN shift-out-of-bounds warning of (1UL << order) in … | |||
| CVE-2025-21836 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: reallocate buf lists on upgrade IORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it was created… | |||
| CVE-2025-21860 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/zswap: fix inconsistency when zswap_store_page() fails Commit b7c0ccdfbafd ("mm: zswap: support large folios in zswap_store()"… | |||
| CVE-2025-21872 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we (re)map the entire t… | |||
| CVE-2025-21886 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP hang on parent deregistration Fix the destroy_unused_implicit_child_mr() to prevent hanging during pa… | |||
| CVE-2025-21889 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: perf/core: Add RCU read lock protection to perf_iterate_ctx() The perf_iterate_ctx() function performs RCU list traversal but cur… | |||
| CVE-2025-21890 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpf_rx_rsc() idpf_rx_rsc() uses skb_transport_offset(skb) while the transport header is not set yet. … | |||
| CVE-2025-21895 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list Syskaller triggers a warning due to prev_epc->pmu != ne… | |||
| CVE-2025-21898 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in function_stat_show() Check whether denominator expression x * (x - 1) * 1000 mod {2^3… | |||
| CVE-2025-21914 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: slimbus: messaging: Free transaction ID in delayed interrupt scenario In case of interrupt delay for any reason, slim_do_transfer… |