Filter and search through 198,015 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-6443 | Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability. This vulnerability allows remote attackers to bypass access restrictions on a... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64389 | The web server of the device performs exchanges of sensitive information in clear text through an insecure protocol. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64388 | Denial of service of the web server through specific requests to this protocol | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64387 | The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64386 | The equipment grants a JWT token for each connection in the timeline, but during an active valid session, a hijacking of the token can be done. This w... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64385 | The equipment initially can be configured using the manufacturer's application, by Wi-Fi, by the web server or with the manufacturer’s software. Using... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-6438 | CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause manipulation of SOAP API calls and XML external e... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64346 | Impact: A malicious user could feed a specially crafted archive to this library causing RCE, modification of files or other bad things in the cont... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-64342 | ESP-IDF is the Espressif Internet of Things (IOT) Development Framework. When the ESP32 is in advertising mode, if it receives a connection request co... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64328 | Sangoma FreePBX Endpoint Manager contains an OS command injection vulnerability that could allow for a post-authentication command injection by an aut... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-64304 | "FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64185 | Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 and 3.1.16, Open OnDemand packages create world writable locations in the GEM_PATH... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64178 | Impact: The `/api/images/cache` which is used to download media posters from the server accepted an `url` parameter, which was directly passed to t... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-64174 | Summary: OpenMage versions v20.15.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-64171 | Summary: Cross-namespace Secret access vulnerability in DiscoveryServiceCertificate allows users to bypass RBAC and access Secrets in unauthorized ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-64162 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64161 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64160 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64159 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64158 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |