CVEs Archive - Page 2 of 22

CVE-2024-37079 — Broadcom VMware vCenter Server — Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

CISA KEV•CVE-2024-37079•Broadcom VMware vCenter Server• January 23, 2026

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-02-13

Details NVD

CVE-2025-54313 — Prettier eslint-config-prettier — Prettier eslint-config-prettier Embedded Malicious Code Vulnerability

CISA KEV•CVE-2025-54313•Prettier eslint-config-prettier• January 22, 2026

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-02-12

Details NVD

CVE-2025-31125 — Vite Vitejs — Vite Vitejs Improper Access Control Vulnerability

CISA KEV•CVE-2025-31125•Vite Vitejs• January 22, 2026

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-02-12

Details NVD

CVE-2025-34026 — Versa Concerto — Versa Concerto Improper Authentication Vulnerability

CISA KEV•CVE-2025-34026•Versa Concerto• January 22, 2026

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-02-12

Details NVD

CVE-2025-68645 — Synacor Zimbra Collaboration Suite (ZCS) — Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability

CISA KEV•CVE-2025-68645•Synacor Zimbra Collaboration Suite (ZCS)• January 22, 2026

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-02-12

Details NVD

CVE-2026-20045 — Cisco Unified Communications Manager — Cisco Unified Communications Products Code Injection Vulnerability

CISA KEV•CVE-2026-20045•Cisco Unified Communications Manager• January 21, 2026

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-02-11

Details NVD

CVE-2026-20805 — Microsoft Windows — Microsoft Windows Information Disclosure Vulnerability

CISA KEV•CVE-2026-20805•Microsoft Windows• January 13, 2026

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-02-03

Details NVD

CVE-2025-8110 — Gogs Gogs — Gogs Path Traversal Vulnerability

CISA KEV•CVE-2025-8110•Gogs Gogs• January 12, 2026

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-02-02

Details NVD

CVE-2025-37164 — Hewlett Packard (HP) OneView — Hewlett Packard Enterprise OneView Code Injection Vulnerability

CISA KEV•CVE-2025-37164•Hewlett Packard (HP) OneView• January 7, 2026

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-28

Details NVD

CVE-2009-0556 — Microsoft Office — Microsoft Office PowerPoint Code Injection Vulnerability

CISA KEV•CVE-2009-0556•Microsoft Office• January 7, 2026

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-28

Details NVD

CVE-2025-14847 — MongoDB MongoDB and MongoDB Server — MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability

CISA KEV•CVE-2025-14847•MongoDB MongoDB and MongoDB Server• December 29, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-19

Details NVD

CVE-2023-52163 — Digiever DS-2105 Pro — Digiever DS-2105 Pro Missing Authorization Vulnerability

CISA KEV•CVE-2023-52163•Digiever DS-2105 Pro• December 22, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-12

Details NVD

CVE-2025-14733 — WatchGuard Firebox — WatchGuard Firebox Out of Bounds Write Vulnerability

CISA KEV•CVE-2025-14733•WatchGuard Firebox• December 19, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-26

Details NVD

CVE-2025-20393 — Cisco Multiple Products — Cisco Multiple Products Improper Input Validation Vulnerability

CISA KEV•CVE-2025-20393•Cisco Multiple Products• December 17, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-24

Details NVD

CVE-2025-40602 — SonicWall SMA1000 appliance — SonicWall SMA1000 Missing Authorization Vulnerability

CISA KEV•CVE-2025-40602•SonicWall SMA1000 appliance• December 17, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable

Due: 2025-12-24

Details NVD

CVE-2025-59374 — ASUS Live Update — ASUS Live Update Embedded Malicious Code Vulnerability

CISA KEV•CVE-2025-59374•ASUS Live Update• December 17, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-07

Details NVD

CVE-2025-59718 — Fortinet Multiple Products — Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability

CISA KEV•CVE-2025-59718•Fortinet Multiple Products• December 16, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-23

Details NVD

CVE-2025-43529 — Apple Multiple Products — Apple Multiple Products Use-After-Free WebKit Vulnerability

CISA KEV•CVE-2025-43529•Apple Multiple Products• December 15, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-05

Details NVD

CVE-2025-14611 — Gladinet CentreStack and Triofox — Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability

CISA KEV•CVE-2025-14611•Gladinet CentreStack and Triofox• December 15, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-05

Details NVD

CVE-2025-14174 — Google Chromium — Google Chromium Out of Bounds Memory Access Vulnerability

CISA KEV•CVE-2025-14174•Google Chromium• December 12, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-02

Details NVD

CVE-2018-4063 — Sierra Wireless AirLink ALEOS — Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability

CISA KEV•CVE-2018-4063•Sierra Wireless AirLink ALEOS• December 12, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-02

Details NVD

CVE-2025-58360 — OSGeo GeoServer — OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability

CISA KEV•CVE-2025-58360•OSGeo GeoServer• December 11, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-01

Details NVD

CVE-2025-62221 — Microsoft Windows — Microsoft Windows Use After Free Vulnerability

CISA KEV•CVE-2025-62221•Microsoft Windows• December 9, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-30

Details NVD

CVE-2025-6218 — RARLAB WinRAR — RARLAB WinRAR Path Traversal Vulnerability

CISA KEV•CVE-2025-6218•RARLAB WinRAR• December 9, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-30

Details NVD

« 1 2 3 4 … 10 »