Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-46386 | 2025-08-06 | N/A | N/A | ||
| CWE-639 Authorization Bypass Through User-Controlled Key | |||||
| CVE-2025-46389 | 2025-08-06 | N/A | N/A | ||
| CWE-620: Unverified Password Change | |||||
| CVE-2025-46391 | 2025-08-06 | N/A | N/A | ||
| CWE-284: Improper Access Control | |||||
| CVE-2025-46387 | 2025-08-06 | N/A | N/A | ||
| CWE-639 Authorization Bypass Through User-Controlled Key | |||||
| CVE-2025-22470 | 2025-08-06 | N/A | N/A | ||
| CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1 allow crafted dangerous files to be uploaded. An arbitrary Lua script may be executed on the system with the root privilege. | |||||
| CVE-2025-22469 | 2025-08-06 | N/A | N/A | ||
| OS command injection vulnerability exists in CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1. An arbitrary OS command may be executed on the system with a certain non-administrative user privilege. | |||||
| CVE-2025-7771 | 2025-08-06 | N/A | N/A | ||
| ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections. ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions. | |||||
| CVE-2025-6013 | 2025-08-06 | N/A | N/A | ||
| Vault and Vault Enterprise’s (“Vault”) ldap auth method may not have correctly enforced MFA if username_as_alias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and 1.16.24. | |||||
| CVE-2025-7202 | 2025-08-06 | N/A | N/A | ||
| A Cross-Site Request Forgery (CSRF) in Elgato's Key Lights and related light products allows an attacker to host a malicious webpage that remotely controlles the victim's lights. | |||||
| CVE-2025-8556 | 2025-08-06 | N/A | 3.7 LOW | ||
| A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange. | |||||
| CVE-2025-21464 | 2025-08-06 | N/A | 6.5 MEDIUM | ||
| Information disclosure while reading data from an image using specified offset and size parameters. | |||||
| CVE-2025-21452 | 2025-08-06 | N/A | 7.5 HIGH | ||
| Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network. | |||||
| CVE-2025-21477 | 2025-08-06 | N/A | 7.5 HIGH | ||
| Transient DOS while processing CCCH data when NW sends data with invalid length. | |||||
| CVE-2025-27066 | 2025-08-06 | N/A | 7.5 HIGH | ||
| Transient DOS while processing an ANQP message. | |||||
| CVE-2025-27062 | 2025-08-06 | N/A | 7.8 HIGH | ||
| Memory corruption while handling client exceptions, allowing unauthorized channel access. | |||||
| CVE-2025-21456 | 2025-08-06 | N/A | 7.8 HIGH | ||
| Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently. | |||||
| CVE-2025-21455 | 2025-08-06 | N/A | 7.8 HIGH | ||
| Memory corruption while submitting blob data to kernel space though IOCTL. | |||||
| CVE-2025-27073 | 2025-08-06 | N/A | 7.5 HIGH | ||
| Transient DOS while creating NDP instance. | |||||
| CVE-2025-27065 | 2025-08-06 | N/A | 7.5 HIGH | ||
| Transient DOS while processing a frame with malformed shared-key descriptor. | |||||
| CVE-2025-21465 | 2025-08-06 | N/A | 6.5 MEDIUM | ||
| Information disclosure while processing the hash segment in an MBN file. | |||||