Search
Search Results (344184 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68695 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-68694 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-68693 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-68692 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-68691 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-68690 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-68689 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-68688 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-68687 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-8415 | 1 Redhat | 1 Cryostat | 2025-12-23 | 5.9 Medium |
| A vulnerability was found in the Cryostat HTTP API. Cryostat's HTTP API binds to all network interfaces, allowing possible external visibility and access to the API port if Network Policies are disabled, allowing an unauthenticated, malicious attacker to jeopardize the environment. | ||||
| CVE-2025-8304 | 2 Checkpoint, Microsoft | 2 Identity Agent, Windows | 2025-12-23 | 6.5 Medium |
| An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being accessible in the Windows Registry keys for Check Point Identity Agent running on a Terminal Server. | ||||
| CVE-2025-61739 | 1 Johnsoncontrols | 5 Iq Panels2, Iq Panels2+, Iqhub and 2 more | 2025-12-23 | N/A |
| Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets. | ||||
| CVE-2025-61738 | 1 Johnsoncontrols | 5 Iq Panels2, Iq Panels2+, Iqhub and 2 more | 2025-12-23 | N/A |
| Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network. | ||||
| CVE-2025-8305 | 1 Checkpoint | 1 Identity Agent | 2025-12-23 | 6.5 Medium |
| An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being printed in plaintext in Identity Agent for Terminal Services debug files. | ||||
| CVE-2025-26379 | 1 Johnsoncontrols | 5 Iq Panels2, Iq Panels2+, Iqhub and 2 more | 2025-12-23 | N/A |
| Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets. | ||||
| CVE-2025-61740 | 1 Johnsoncontrols | 5 Iq Panels2, Iq Panels2+, Iqhub and 2 more | 2025-12-23 | N/A |
| Authentication issue that does not verify the source of a packet which could allow an attacker to create a denial-of-service condition or modify the configuration of the device. | ||||
| CVE-2022-50690 | 1 Wondershare | 1 Mirrorgo | 2025-12-23 | 8.4 High |
| Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to incorrect file permissions on executable files. Unprivileged local users can replace the ElevationService.exe with a malicious file to execute arbitrary code with LocalSystem privileges. | ||||
| CVE-2025-68480 | 1 Marshmallow Project | 1 Marshmallow | 2025-12-23 | 5.3 Medium |
| Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.load(data, many=True) is vulnerable to denial of service attacks. A moderately sized request can consume a disproportionate amount of CPU time. This issue has been patched in version 3.26.2 and 4.1.2. | ||||
| CVE-2023-52210 | 2 Tychesoftwares, Wordpress | 2 Product Delivery Date For Woocommerce Lite, Wordpress | 2025-12-23 | 5.3 Medium |
| Vulnerability in Tyche softwares Product Delivery Date for WooCommerce – Lite.This issue affects Product Delivery Date for WooCommerce – Lite: from n/a through 2.7.0. | ||||
| CVE-2025-7738 | 1 Redhat | 2 Ansible Automation Platform, Ansible Automation Platform Developer | 2025-12-23 | 4.4 Medium |
| A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users, the clear text exposure of sensitive credentials increases the risk of accidental leaks or misuse. | ||||