Filter and search through 197,481 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-59098 | The Access Manager is offering a trace functionality to debug errors and issues with the device. The trace functionality is implemented as a simple TC... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2025-59097 | The exos 9300 application can be used to configure Access Managers (e.g. 92xx, 9230 and 9290). The configuration is done in a graphical user interface... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59096 | The default password for the extended admin user mode in the application U9ExosAdmin.exe ("Kaba 9300 Administration") is hard-coded in multiple locati... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59095 | The program libraries (DLL) and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59094 | A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application (d9sysdef.exe). Within this applica... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59093 | Exos 9300 instances are using a randomly generated database password to connect to the configured MSSQL server. The password is derived from static ra... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59092 | An RPC service, which is part of exos 9300, is reachable on port 4000, run by the process FSMobilePhoneInterface.exe. This service is used for interpr... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59091 | Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004 and 1005. Thi... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59090 | On the exos 9300 server, a SOAP API is reachable on port 8002. This API does not require any authentication prior to sending requests. Therefore, netw... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59054 | dstack is a software development kit (SDK) to simplify the deployment of arbitrary containerized apps into trusted execution environments. In versions... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59052 | ### Impact Angular uses a DI container (the "platform injector") to hold request-specific state during server-side rendering. For historical reasons,... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-59051 | The FreePBX Endpoint Manager module includes a Network Scanning feature that provides web-based access to nmap functionality for network device discov... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59047 | In matrix-sdk-base before 0.14.1, calling the `RoomMember::normalized_power_level()` method can cause a panic if a room member has a power level of `I... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-59045 | Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalw... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59042 | ### Impact Due to a special entry being appended to `sys.path` during the bootstrap process of a PyInstaller-frozen application, and due to the boots... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-59039 | ### Impact Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware detailed in the blog post below. This includes the ex... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59038 | ### Impact NPM users of prebid 10.9.2. The malicious code attempts to redirect crypto transactions on the site to the attackers' wallet. ### Patches ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-59037 | The DuckDB distribution for [Node.js](http://node.js/) on [npm](https://www.npmjs.com/) was compromised with malware (along with [several other packag... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-58912 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-58911 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |