CVEs Archive - Page 2 of 17

CVE-2025-2747 — Kentico Xperience CMS — Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability

CISA KEV•CVE-2025-2747•Kentico Xperience CMS• October 20, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-10

Details NVD

CVE-2025-2746 — Kentico Xperience CMS — Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability

CISA KEV•CVE-2025-2746•Kentico Xperience CMS• October 20, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-10

Details NVD

CVE-2022-48503 — Apple Multiple Products — Apple Multiple Products Unspecified Vulnerability

CISA KEV•CVE-2022-48503•Apple Multiple Products• October 20, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-10

Details NVD

CVE-2025-54253 — Adobe Experience Manager (AEM) Forms — Adobe Experience Manager Forms Code Execution Vulnerability

CISA KEV•CVE-2025-54253•Adobe Experience Manager (AEM) Forms• October 16, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-06

Details NVD

CVE-2016-7836 — SKYSEA Client View — SKYSEA Client View Improper Authentication Vulnerability

CISA KEV•CVE-2016-7836•SKYSEA Client View• October 14, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-04

Details NVD

CVE-2025-6264 — Rapid7 Velociraptor — Rapid7 Velociraptor Incorrect Default Permissions Vulnerability

CISA KEV•CVE-2025-6264•Rapid7 Velociraptor• October 14, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-04

Details NVD

CVE-2025-59230 — Microsoft Windows — Microsoft Windows Improper Access Control Vulnerability

CISA KEV•CVE-2025-59230•Microsoft Windows• October 14, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-04

Details NVD

CVE-2025-24990 — Microsoft Windows — Microsoft Windows Untrusted Pointer Dereference Vulnerability

CISA KEV•CVE-2025-24990•Microsoft Windows• October 14, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-04

Details NVD

CVE-2025-47827 — IGEL IGEL OS — IGEL OS Use of a Key Past its Expiration Date Vulnerability

CISA KEV•CVE-2025-47827•IGEL IGEL OS• October 14, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-04

Details NVD

CVE-2021-43798 — Grafana Labs Grafana — Grafana Path Traversal Vulnerability

CISA KEV•CVE-2021-43798•Grafana Labs Grafana• October 9, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-30

Details NVD

CVE-2025-27915 — Synacor Zimbra Collaboration Suite (ZCS) — Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability

CISA KEV•CVE-2025-27915•Synacor Zimbra Collaboration Suite (ZCS)• October 7, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-28

Details NVD

CVE-2025-61882 — Oracle E-Business Suite — Oracle E-Business Suite Unspecified Vulnerability

CISA KEV•CVE-2025-61882•Oracle E-Business Suite• October 7, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-28

Details NVD

CVE-2010-3765 — Mozilla Multiple Products — Mozilla Multiple Products Remote Code Execution Vulnerability

CISA KEV•CVE-2010-3765•Mozilla Multiple Products• October 6, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-27

Details NVD

CVE-2011-3402 — Microsoft Windows — Microsoft Windows Remote Code Execution Vulnerability

CISA KEV•CVE-2011-3402•Microsoft Windows• October 6, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-27

Details NVD

CVE-2013-3918 — Microsoft Windows — Microsoft Windows Out-of-Bounds Write Vulnerability

CISA KEV•CVE-2013-3918•Microsoft Windows• October 6, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-27

Details NVD

CVE-2021-43226 — Microsoft Windows — Microsoft Windows Privilege Escalation Vulnerability

CISA KEV•CVE-2021-43226•Microsoft Windows• October 6, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-27

Details NVD

CVE-2010-3962 — Microsoft Internet Explorer — Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability

CISA KEV•CVE-2010-3962•Microsoft Internet Explorer• October 6, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-27

Details NVD

CVE-2021-22555 — Linux Kernel — Linux Kernel Heap Out-of-Bounds Write Vulnerability

CISA KEV•CVE-2021-22555•Linux Kernel• October 6, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-27

Details NVD

CVE-2025-4008 — Smartbedded Meteobridge — Smartbedded Meteobridge Command Injection Vulnerability

CISA KEV•CVE-2025-4008•Smartbedded Meteobridge• October 2, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-23

Details NVD

CVE-2025-21043 — Samsung Mobile Devices — Samsung Mobile Devices Out-of-Bounds Write Vulnerability

CISA KEV•CVE-2025-21043•Samsung Mobile Devices• October 2, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-23

Details NVD

CVE-2015-7755 — Juniper ScreenOS — Juniper ScreenOS Improper Authentication Vulnerability

CISA KEV•CVE-2015-7755•Juniper ScreenOS• October 2, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-23

Details NVD

CVE-2017-1000353 — Jenkins Jenkins — Jenkins Remote Code Execution Vulnerability

CISA KEV•CVE-2017-1000353•Jenkins Jenkins• October 2, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-23

Details NVD

CVE-2014-6278 — GNU GNU Bash — GNU Bash OS Command Injection Vulnerability

CISA KEV•CVE-2014-6278•GNU GNU Bash• October 2, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-23

Details NVD

CVE-2021-21311 — Adminer Adminer — Adminer Server-Side Request Forgery Vulnerability

CISA KEV•CVE-2021-21311•Adminer Adminer• September 29, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-10-20

Details NVD

« 1 2 3 4 … 8 »