17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 13801-13850 of 17282 CVEs Page 277 of 346
CVE-2025-25737
Analyzed
9.8
Intel Multiple Products

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password...

2025-08-27
CVE-2025-25736
Analyzed
9.8
Google Multiple Products

Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge (ADB) pre-install...

2025-08-27
CVE-2025-25735
7.5
Kapsch Multiple Products

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3

2025-08-27
CVE-2025-25734
Analyzed
9.8
Kapsch TrafficCom Multiple Products

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthentic...

2025-08-27
CVE-2025-25613
7.5
Inc Multiple Products

FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless

2025-11-22
CVE-2025-25364
8.4
Unknown Multiple Products

A command injection vulnerability in the me

2025-12-24
CVE-2025-25341
Analyzed
7.5
Intel Multiple Products

A vulnerability exists in the libxmljs 1

2025-12-27
CVE-2025-25278
8.4
OpenHarmony Multiple Products

in OpenHarmony v5

2025-08-11
CVE-2025-25273
7.8
Intel Multiple Products

Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2

2025-08-12
CVE-2025-25271
8.8
Unknown Multiple Products

An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface

2025-07-10
CVE-2025-25269
8.4
Unknown Multiple Products

An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation

2025-07-10
CVE-2025-25268
8.8
Unknown Multiple Products

An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due t...

2025-07-08
CVE-2025-25257
KEV Analyzed
9.8
Fortinet Multiple Products

An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 thro...

2025-07-17
CVE-2025-25256
Analyzed
9.8
Fortinet Multiple Products

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3...

2025-08-12
CVE-2025-25249
Analyzed
8.1
Apple Multiple Products

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7

2026-01-14
CVE-2025-25235
Analyzed
8.6
Unknown Multiple Products

Server-Side Request Forgery (SSRF) in Omnissa Secure Email Gateway (SEG) in SEG prior to 2

2025-08-11
CVE-2025-25231
Analyzed
7.5
Omnissa Multiple Products

Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability

2025-08-11
CVE-2025-2523
Analyzed
9.4
Unknown Multiple Products

The Honeywell Experion PKS and OneWireless WDM contains an Integer Underflow vulnerability in the component Control Data Access (CDA). An att...

2025-07-11
CVE-2025-25214
8.8
Unknown Multiple Products

A race condition vulnerability exists in the aVideoEncoder

2025-07-25
CVE-2025-25210
8.2
Unknown Multiple Products

Improper input validation for some Server Firmware Update Utility(SysFwUpdt) before version 16

2026-02-11
CVE-2025-2521
8.6
Unknown Multiple Products

The Honeywell Experion PKS and OneWireless WDM contains a Memory Buffer vulnerability in the component Control Data Access (CDA)

2025-07-11
CVE-2025-2520
7.5
Honeywell Multiple Products

The Honeywell Experion PKS contains an Uninitialized Variable in the common Epic Platform Analyzer (EPA) communications

2025-07-11
CVE-2025-25180
7.8
Software Multiple Products

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory page...

2025-07-14
CVE-2025-25174
Analyzed
10
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in beeteam368 BeeTeam368 Extensi...

2025-08-14
CVE-2025-25172
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in beeteam368 VidMov allows PHP...

2025-08-14
CVE-2025-2515
7.2
Unknown Multiple Products

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS

2025-12-26
CVE-2025-25018
8.7
Unknown Multiple Products

Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting (XSS)

2025-10-10
CVE-2025-25017
8.2
Unknown Multiple Products

Improper Neutralization of Input During Web Page Generation in Kibana can lead to Cross-Site Scripting (XSS)

2025-10-10
CVE-2025-25011
7
Unknown Multiple Products

An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions

2025-07-30
CVE-2025-25009
8.7
Unknown Multiple Products

Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload

2025-10-07
CVE-2025-24999
8.8
Unknown Multiple Products

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network

2025-08-12
CVE-2025-24990
KEV Analyzed
7.8
Microsoft Multiple Products

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems

2025-10-14
CVE-2025-24975
7.1
Unknown Multiple Products

Firebird is a relational database

2025-08-17
CVE-2025-24893
KEV
9.5
XWiki Platform

XWiki Platform Eval Injection Vulnerability - Active in CISA KEV catalog.

2025-10-30
CVE-2025-24857
7.6
Unknown Multiple Products

Improper access control for volatile memory containing boot code in Universal Boot Loader (U-Boot) before 2017

2025-12-11
CVE-2025-24853
Analyzed
7.5
Intel Multiple Products

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the vi...

2025-07-31
CVE-2025-24838
8.8
Intel Multiple Products

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2

2025-11-13
CVE-2025-24818
8
Arch application

Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in L...

2026-04-08
CVE-2025-24817
8
Nokia Multiple Products

Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in S...

2026-04-09
CVE-2025-24815
Analyzed
7.8
Nokia MantaRay NM

Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation

2026-07-01
CVE-2025-24780
8.5
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in printcart Printcart Web to Print Product Designe...

2025-07-06
CVE-2025-24779
8.8
Deserialization Multiple Products

Deserialization of Untrusted Data vulnerability in NooTheme Yogi allows Object Injection

2025-07-16
CVE-2025-24777
8.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in awethemes Hillter allows Object Injection

2025-07-16
CVE-2025-24775
Analyzed
9.9
HP Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms allows Upload a Web Shell to a Web Server. This issue affects Forms:...

2025-08-14
CVE-2025-24766
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Royal Themes News Magazine...

2025-08-14
CVE-2025-24759
Analyzed
9.3
WordPress Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CMSJunkie - WordPress Business Directory Plugins...

2025-07-16
CVE-2025-24748
8.5
LambertGroup Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup All In One Slider Responsive allows...

2025-07-05
CVE-2025-24528
7.1
MIT Multiple Products

In MIT Kerberos 5 (aka krb5) before 1

2026-01-18
CVE-2025-24525
Analyzed
7.5
Keysight Multiple Products

Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an attacker to intercept or decrypt payloads sent to the dev...

2025-10-01
CVE-2025-24496
7.5
Tenda Multiple Products

An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5

2025-08-20