17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 13151-13200 of 17282 CVEs Page 264 of 346
CVE-2025-41249
7.5
Spring Multiple Products

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized supe...

2025-09-16
CVE-2025-41248
7.5
Spring Multiple Products

The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super...

2025-09-16
CVE-2025-41246
Analyzed
7.6
Microsoft Multiple Products

VMware Tools for Windows contains an improper authorisation vulnerability due to the way it handles user access controls

2025-09-29
CVE-2025-41244
KEV Analyzed
7.8
VMware Multiple Products

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability

2025-09-29
CVE-2025-41243
Analyzed
10
Intel Multiple Products

Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable whe...

2025-09-16
CVE-2025-41240
Analyzed
10
Kubernetes Multiple Products

Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path (/opt/bitnami/*/secrets) that is located within the web server document ro...

2025-07-25
CVE-2025-41239
7.1
VMware Multiple Products

VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSo...

2025-07-15
CVE-2025-41238
Analyzed
9.3
VMware Multiple Products

VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bou...

2025-07-15
CVE-2025-41237
Analyzed
9.3
VMware Multiple Products

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds wri...

2025-07-15
CVE-2025-41236
Analyzed
9.3
VMware Multiple Products

VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local ad...

2025-07-15
CVE-2025-41224
8.8
Unknown Multiple Products

A vulnerability has been identified in RUGGEDCOM RMC8388 V5

2025-07-10
CVE-2025-41118
Analyzed
9.1
Unknown Multiple Products

Pyroscope is an open-source continuous profiling database. The database supports various storage backends, including Tencent Cloud Object Storage (COS...

2026-04-16
CVE-2025-41115
Analyzed
10
Unknown Multiple Products

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by in...

2025-11-22
CVE-2025-41075
7.5
LimeSurvey Multiple Products

Vulnerability in LimeSurvey 6

2025-11-22
CVE-2025-41074
7.5
LimeSurvey Multiple Products

Vulnerability in LimeSurvey 6

2025-11-22
CVE-2025-41068
7.5
Reachable Assertion Multiple Products

Reachable Assertion vulnerability in Open5GS up to version 2

2025-10-28
CVE-2025-41067
7.5
Reachable Assertion Multiple Products

Reachable Assertion vulnerability in Open5GS up to version 2

2025-10-28
CVE-2025-41034
Analyzed
9.8
Unknown Multiple Products

An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the...

2025-09-04
CVE-2025-41033
Analyzed
9.8
Intel Multiple Products

An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the...

2025-09-04
CVE-2025-41032
Analyzed
9.8
Intel Multiple Products

An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the...

2025-09-04
CVE-2025-41015
7.5
Unknown Multiple Products

User Enumeration Vulnerability in TCMAN GIM v11 version 20250304

2025-12-03
CVE-2025-41014
7.5
Unknown Multiple Products

User Enumeration Vulnerability in TCMAN GIM v11 version 20250304

2025-12-03
CVE-2025-41013
Analyzed
9.8
Unknown Multiple Products

SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an attacker to retrieve, create, update, and delete databa...

2025-12-04
CVE-2025-40949
Analyzed
9.1
Unknown Multiple Products

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX R...

2026-05-13
CVE-2025-40946
8.3
SUSE them to

A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions < V6

2026-05-13
CVE-2025-40943
Analyzed
9.6
Unknown Multiple Products

Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering a legitimate...

2026-03-11
CVE-2025-40942
8.8
TeleControl Multiple Products

A vulnerability has been identified in TeleControl Server Basic (All versions < V3

2026-01-14
CVE-2025-40938
8.1
SIMATIC Multiple Products

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4

2025-12-10
CVE-2025-40937
8.3
SIMATIC Multiple Products

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4

2025-12-10
CVE-2025-40936
7.8
Unknown Multiple Products

A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V29

2025-11-18
CVE-2025-40933
7.5
Apache Multiple Products

Apache::AuthAny::Cookie v0

2025-09-17
CVE-2025-40932
8.2
Apache Multiple Products

Apache::SessionX versions through 2

2026-02-28
CVE-2025-40930
Analyzed
7.5
Unknown Multiple Products

JSON::SIMD before version 1

2025-09-08
CVE-2025-40928
Analyzed
7.5
Unknown Multiple Products

JSON::XS before version 4

2025-09-08
CVE-2025-40927
Analyzed
7.3
Unknown Multiple Products

CGI::Simple versions before 1

2025-08-29
CVE-2025-40926
Analyzed
9.8
Perl (CPAN) Plack::Middleware::Session::Simple

Plack::Middleware::Session::Simple for Perl generates session IDs insecurely using predictable seeds. This allows attackers to guess session IDs and h...

2026-03-06
CVE-2025-40923
7.3
Unknown Multiple Products

Plack-Middleware-Session before version 0

2025-07-16
CVE-2025-40920
8.6
HTTP Multiple Products

Catalyst::Authentication::Credential::HTTP versions 1

2025-08-11
CVE-2025-40899
8.9
Infor Multiple Products

A Stored Cross-Site Scripting vulnerability was discovered in the Assets and Nodes functionality due to improper validation of an input parameter

2026-04-16
CVE-2025-40898
8.1
Unknown Multiple Products

A path traversal vulnerability was discovered in the Import Arc data archive functionality due to insufficient validation of the input file

2025-12-20
CVE-2025-40897
Analyzed
8.1
Intel Multiple Products

An access control vulnerability was discovered in the Threat Intelligence functionality due to a specific access restriction not being properly enforc...

2026-04-16
CVE-2025-40892
8.9
Stored Multiple Products

A Stored Cross-Site Scripting vulnerability was discovered in the Reports functionality due to improper validation of an input parameter

2025-12-19
CVE-2025-40890
7.9
Stored Multiple Products

A Stored Cross-Site Scripting vulnerability was discovered in the Dashboards functionality due to improper validation of an input parameter

2025-11-26
CVE-2025-40889
8.1
Unknown Multiple Products

A path traversal vulnerability was discovered in the Time Machine functionality due to missing validation of two input parameters

2025-10-07
CVE-2025-40886
7.5
Unknown Multiple Products

A SQL Injection vulnerability was discovered in the Alert functionality due to improper validation of an input parameter

2025-10-07
CVE-2025-40829
7.8
Unknown Multiple Products

A vulnerability has been identified in Simcenter Femap (All versions < V2512)

2025-12-13
CVE-2025-40827
7.8
Unknown Multiple Products

A vulnerability has been identified in Siemens Software Center (All versions < V3

2025-11-13
CVE-2025-40820
7.5
Unknown Multiple Products

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range

2025-12-11
CVE-2025-40816
7.6
Unknown Multiple Products

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO!...

2025-11-13
CVE-2025-40812
7.8
Unknown Multiple Products

A vulnerability has been identified in Solid Edge SE2024 (All versions < V224

2025-10-14