Filter and search through 198,040 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-64328 | Sangoma FreePBX Endpoint Manager contains an OS command injection vulnerability that could allow for a post-authentication command injection by an aut... | 0.0 | 0 | Neutral | Yes |
| No |
| CVE-2025-64304 | "FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64185 | Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 and 3.1.16, Open OnDemand packages create world writable locations in the GEM_PATH... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64178 | ### Impact The `/api/images/cache` which is used to download media posters from the server accepted an `url` parameter, which was directly passed to t... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-64174 | ### Summary OpenMage versions v20.15.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-64171 | ## Summary Cross-namespace Secret access vulnerability in DiscoveryServiceCertificate allows users to bypass RBAC and access Secrets in unauthorized ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-64162 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64161 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64160 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64159 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64158 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64151 | Multiple Roboticsware products provided by Roboticsware PTE. LTD. register Windows services with unquoted file paths. A user with the write permission... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64125 | A vulnerability in Nuvation Energy nCloud VPN Service allowed Network Boundary Bridging.This issue affected the nCloud VPN Service and was fixed on 20... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64124 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Energy Multi-Stack Controller (MS... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64123 | A vulnerability in Nuvation Energy nCloud VPN Service allowed Network Boundary Bridging.This issue affected the nCloud VPN Service and was fixed on 20... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64122 | Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Signature Spoofing by Key Theft.This issue a... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64121 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Authentication Bypass.Th... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64120 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Energy Multi-Stack Controller (MS... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64119 | A vulnerability in Nuvation Battery Management System allows Authentication Bypass.This issue affects Battery Management System: through 2.3.9. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64118 | ### Summary Using `.t` (aka `.list`) with `{ sync: true }` to read tar entry contents returns uninitialized memory contents if tar file was changed o... | 0.0 | 0 | Neutral | No | Yes |