Filter and search through 197,526 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-59432 | ### Impact A timing attack vulnerability exists in the SCRAM Java implementation. The issue arises because `Arrays.equals` was used to compare secret... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2025-59427 | ### Summary Note: [originally posted on H1](https://hackerone.com/reports/3117837) but closed. Cross-posting over to here in abundance of caution ins... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-59421 | Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). A bad actor ca... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-5942 | Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, an unprivileged user ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59419 | ### Summary An SMTP Command Injection (CRLF Injection) vulnerability in Netty's SMTP codec allows a remote attacker who can control SMTP command param... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-59416 | The Scratch Channel is a news website. If the user makes a fork, they can change the admins and make an article. Since the API uses a POST request, it... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-5941 | Netskope is notified about a potential gap in its agent (NS Client) in which a malicious actor could trigger a memory leak by sending a crafted DNS pa... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59396 | The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative access via SSH on port 4118 with the readwrite passwo... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-59387 | An SQL injection vulnerability has been reported to affect MARS (Multi-Application Recovery Service). The remote attackers can then exploit the vulner... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59373 | A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivil... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59372 | A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to writ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59371 | An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vuln... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59370 | A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially exec... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59369 | A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59368 | An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted reque... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59367 | An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59366 | An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality,... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59365 | A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sendin... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-59343 | ### Impact v3.1.0, v2.1.3, v1.16.5 and below ### Patches Has been patched in 3.1.1, 2.1.4, and 1.16.6 ### Workarounds You can use the ignore option... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-59342 | ## Summary A path-traversal flaw in the handling of the `X-Zone-Id` HTTP header allows an attacker to cause the application to write files outside th... | 0.0 | 0 | Neutral | Yes | Yes |