CVE vulnerabilities
31,467 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 201–250 of 1,619 in KEV · page 5 of 33
| ID | Title | KEV | CVSS | Vendor | Summary |
|---|---|---|---|---|---|
| CVE-2025-24985 | Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability | Yes | 7.8 | Microsoft | Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code loc… |
| CVE-2025-24984 | Microsoft Windows NTFS Information Disclosure Vulnerability | Yes | 4.6 | Microsoft | Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive information into log file vulnerability that allows an unauthorized atta… |
| CVE-2025-24983 | Microsoft Windows Win32k Use-After-Free Vulnerability | Yes | 7.0 | Microsoft | Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. |
| CVE-2025-24893 | XWiki Platform Eval Injection Vulnerability | Yes | 9.8 | XWiki | XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code execution through a request to SolrSearch. |
| CVE-2025-24813 | Apache Tomcat Path Equivalence Vulnerability | Yes | 9.8 | Apache | Apache Tomcat contains a path equivalence vulnerability that allows a remote attacker to execute code, disclose information, or inject malicious content via a … |
| CVE-2025-24472 | Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability | Yes | 8.1 | Fortinet | Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF pr… |
| CVE-2025-24201 | Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability | Yes | 10.0 | Apple | Apple iOS, iPadOS, macOS, and other Apple products contain an out-of-bounds write vulnerability in WebKit that may allow maliciously crafted web content to bre… |
| CVE-2025-24200 | Apple iOS and iPadOS Incorrect Authorization Vulnerability | Yes | 6.1 | Apple | Apple iOS and iPadOS contain an incorrect authorization vulnerability that allows a physical attacker to disable USB Restricted Mode on a locked device. |
| CVE-2025-24085 | Apple Multiple Products Use-After-Free Vulnerability | Yes | 10.0 | Apple | Apple iOS, macOS, and other Apple products contain a use-after-free vulnerability that could allow a malicious application to elevate privileges. |
| CVE-2025-24054 | Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability | Yes | 5.4 | Microsoft | Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2025-24016 | Wazuh Server Deserialization of Untrusted Data Vulnerability | Yes | 9.9 | Wazuh | Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers. |
| CVE-2025-23209 | Craft CMS Code Injection Vulnerability | Yes | 8.1 | Craft CMS | Craft CMS contains a code injection vulnerability caused by improper validation of the database backup path, ultimately enabling remote code execution. |
| CVE-2025-23006 | SonicWall SMA1000 Appliances Deserialization Vulnerability | Yes | 9.8 | SonicWall | SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can … |
| CVE-2025-22457 | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability | Yes | 9.8 | Ivanti | Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow vulnerability that allows a remote unauthenticated attacker to ac… |
| CVE-2025-22226 | VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability | Yes | 6.0 | VMware | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an at… |
| CVE-2025-22225 | VMware ESXi Arbitrary Write Vulnerability | Yes | 8.2 | VMware | VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrar… |
| CVE-2025-22224 | VMware ESXi and Workstation TOCTOU Race Condition Vulnerability | Yes | 8.2 | VMware | VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an out-of-bounds write. Successful exploita… |
| CVE-2025-21590 | Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability | Yes | 4.4 | Juniper | Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allow a local attacker with high privileges to… |
| CVE-2025-21480 | Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability | Yes | 8.6 | Qualcomm | Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execut… |
| CVE-2025-21479 | Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability | Yes | 8.6 | Qualcomm | Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execut… |
| CVE-2025-21418 | Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability | Yes | 7.8 | Microsoft | Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a lo… |
| CVE-2025-21391 | Microsoft Windows Storage Link Following Vulnerability | Yes | 7.1 | Microsoft | Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to dele… |
| CVE-2025-21335 | Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability | Yes | 7.8 | Microsoft | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. |
| CVE-2025-21334 | Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability | Yes | 7.8 | Microsoft | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. |
| CVE-2025-21333 | Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability | Yes | 7.8 | Microsoft | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a local attacker to gain SYSTEM privileges. |
| CVE-2025-21043 | Samsung Mobile Devices Out-of-Bounds Write Vulnerability | Yes | 9.8 | Samsung | Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so which allows remote attackers to execute arbitrary code. |
| CVE-2025-21042 | Samsung Mobile Devices Out-of-Bounds Write Vulnerability | Yes | 9.8 | Samsung | Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could allow remote attackers to execute arbit… |
| CVE-2025-20393 | Cisco Multiple Products Improper Input Validation Vulnerability | Yes | 10.0 | Cisco | Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contain an improper input validation vulnerability that allows threat a… |
| CVE-2025-20362 | Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability | Yes | 8.6 | Cisco | Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a missing authorization vulner… |
| CVE-2025-20352 | Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability | Yes | 7.7 | Cisco | Cisco IOS and IOS XE contain a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) subsystem that could allow for denia… |
| CVE-2025-20337 | Cisco Identity Services Engine Injection Vulnerability | Yes | 10.0 | Cisco | Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supp… |
| CVE-2025-20333 | Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability | Yes | 9.9 | Cisco | Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a buffer overflow vulnerabilit… |
| CVE-2025-20281 | Cisco Identity Services Engine Injection Vulnerability | Yes | 10.0 | Cisco | Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supp… |
| CVE-2025-1976 | Broadcom Brocade Fabric OS Code Injection Vulnerability | Yes | 6.7 | Broadcom | Broadcom Brocade Fabric OS contains a code injection vulnerability that allows a local user with administrative privileges to execute arbitrary code with full … |
| CVE-2025-15556 | Notepad++ Download of Code Without Integrity Check Vulnerability | Yes | 7.5 | Notepad++ | Notepad++, when using the WinGUp updater, contains a download of code without integrity check vulnerability that could allow an attacker to intercept or redirec… |
| CVE-2025-14847 | MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability | Yes | 7.5 | MongoDB | MongoDB Server contains an improper handling of length parameter inconsistency vulnerability in Zlib compressed protocol headers. This vulnerability may allow … |
| CVE-2025-14733 | WatchGuard Firebox Out of Bounds Write Vulnerability | Yes | 9.8 | WatchGuard | WatchGuard Fireware OS iked process contains an out of bounds write vulnerability in the OS iked process. This vulnerability may allow a remote unauthenticated… |
| CVE-2025-14611 | Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability | Yes | 9.8 | Gladinet | Gladinet CentreStack and Triofox contain a hardcoded cryptographic keys vulnerability for their implementation of the AES cryptoscheme. This vulnerability degr… |
| CVE-2025-14174 | Google Chromium Out of Bounds Memory Access Vulnerability | Yes | 8.8 | Google | Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to perform out of bounds memory access via a … |
| CVE-2025-13223 | Google Chromium V8 Type Confusion Vulnerability | Yes | 8.8 | Google | Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption. |
| CVE-2025-1316 | Edimax IC-7100 IP Camera OS Command Injection Vulnerability | Yes | 9.8 | Edimax | Edimax IC-7100 IP camera contains an OS command injection vulnerability due to improper input sanitization that allows an attacker to achieve remote code execu… |
| CVE-2025-12480 | Gladinet Triofox Improper Access Control Vulnerability | Yes | 9.1 | Gladinet | Gladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after setup is complete. |
| CVE-2025-11953 | React Native Community CLI OS Command Injection Vulnerability | Yes | 9.8 | React Native Community | React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the Metr… |
| CVE-2025-11371 | Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability | Yes | 7.5 | Gladinet | Gladinet CentreStack and Triofox contain a files or directories accessible to external parties vulnerability that allows unintended disclosure of system files. |
| CVE-2025-10585 | Google Chromium V8 Type Confusion Vulnerability | Yes | 9.8 | Google | Google Chromium contains a type confusion vulnerability in the V8 JavaScript and WebAssembly engine. |
| CVE-2025-10035 | Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability | Yes | 9.8 | Fortra | Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability that allows an actor with a validly forged license response signature to deserializ… |
| CVE-2025-0994 | Trimble Cityworks Deserialization Vulnerability | Yes | 8.8 | Trimble | Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer… |
| CVE-2025-0411 | 7-Zip Mark of the Web Bypass Vulnerability | Yes | 7.0 | 7-Zip | 7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arbitrary co… |
| CVE-2025-0282 | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability | Yes | 9.0 | Ivanti | Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution. |
| CVE-2025-0111 | Palo Alto Networks PAN-OS File Read Vulnerability | Yes | 6.5 | Palo Alto Networks | Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with netwo… |