CVEs Archive - Page 6 of 30

CVE-2025-59718 — Fortinet Multiple Products — Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability

CISA KEV•CVE-2025-59718•Fortinet Multiple Products• December 16, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-23

Details NVD

CVE-2025-43529 — Apple Multiple Products — Apple Multiple Products Use-After-Free WebKit Vulnerability

CISA KEV•CVE-2025-43529•Apple Multiple Products• December 15, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-05

Details NVD

CVE-2025-14611 — Gladinet CentreStack and Triofox — Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability

CISA KEV•CVE-2025-14611•Gladinet CentreStack and Triofox• December 15, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-05

Details NVD

CVE-2025-14174 — Google Chromium — Google Chromium Out of Bounds Memory Access Vulnerability

CISA KEV•CVE-2025-14174•Google Chromium• December 12, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-02

Details NVD

CVE-2018-4063 — Sierra Wireless AirLink ALEOS — Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability

CISA KEV•CVE-2018-4063•Sierra Wireless AirLink ALEOS• December 12, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-02

Details NVD

CVE-2025-58360 — OSGeo GeoServer — OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability

CISA KEV•CVE-2025-58360•OSGeo GeoServer• December 11, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2026-01-01

Details NVD

CVE-2025-62221 — Microsoft Windows — Microsoft Windows Use After Free Vulnerability

CISA KEV•CVE-2025-62221•Microsoft Windows• December 9, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-30

Details NVD

CVE-2025-6218 — RARLAB WinRAR — RARLAB WinRAR Path Traversal Vulnerability

CISA KEV•CVE-2025-6218•RARLAB WinRAR• December 9, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-30

Details NVD

CVE-2025-66644 — Array Networks ArrayOS AG — Array Networks ArrayOS AG OS Command Injection Vulnerability

CISA KEV•CVE-2025-66644•Array Networks ArrayOS AG• December 8, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-29

Details NVD

CVE-2022-37055 — D-Link Routers — D-Link Routers Buffer Overflow Vulnerability

CISA KEV•CVE-2022-37055•D-Link Routers• December 8, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-29

Details NVD

CVE-2025-55182 — Meta React Server Components — Meta React Server Components Remote Code Execution Vulnerability

CISA KEV•CVE-2025-55182•Meta React Server Components• December 5, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-26

Details NVD

CVE-2021-26828 — OpenPLC ScadaBR — OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability

CISA KEV•CVE-2021-26828•OpenPLC ScadaBR• December 3, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-24

Details NVD

CVE-2025-48572 — Android Framework — Android Framework Privilege Escalation Vulnerability

CISA KEV•CVE-2025-48572•Android Framework• December 2, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-23

Details NVD

CVE-2025-48633 — Android Framework — Android Framework Information Disclosure Vulnerability

CISA KEV•CVE-2025-48633•Android Framework• December 2, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-23

Details NVD

CVE-2021-26829 — OpenPLC ScadaBR — OpenPLC ScadaBR Cross-site Scripting Vulnerability

CISA KEV•CVE-2021-26829•OpenPLC ScadaBR• November 28, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-19

Details NVD

CVE-2025-61757 — Oracle Fusion Middleware — Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability

CISA KEV•CVE-2025-61757•Oracle Fusion Middleware• November 21, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-12

Details NVD

CVE-2025-13223 — Google Chromium V8 — Google Chromium V8 Type Confusion Vulnerability

CISA KEV•CVE-2025-13223•Google Chromium V8• November 19, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-10

Details NVD

CVE-2025-58034 — Fortinet FortiWeb — Fortinet FortiWeb OS Command Code Injection Vulnerability

CISA KEV•CVE-2025-58034•Fortinet FortiWeb• November 18, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-25

Details NVD

CVE-2025-64446 — Fortinet FortiWeb — Fortinet FortiWeb Path Traversal Vulnerability

CISA KEV•CVE-2025-64446•Fortinet FortiWeb• November 14, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-21

Details NVD

CVE-2025-9242 — WatchGuard Firebox — WatchGuard Firebox Out-of-Bounds Write Vulnerability

CISA KEV•CVE-2025-9242•WatchGuard Firebox• November 12, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-03

Details NVD

CVE-2025-62215 — Microsoft Windows — Microsoft Windows Race Condition Vulnerability

CISA KEV•CVE-2025-62215•Microsoft Windows• November 12, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-03

Details NVD

CVE-2025-12480 — Gladinet Triofox — Gladinet Triofox Improper Access Control Vulnerability

CISA KEV•CVE-2025-12480•Gladinet Triofox• November 12, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-03

Details NVD

CVE-2025-21042 — Samsung Mobile Devices — Samsung Mobile Devices Out-of-Bounds Write Vulnerability

CISA KEV•CVE-2025-21042•Samsung Mobile Devices• November 10, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-12-01

Details NVD

CVE-2025-11371 — Gladinet CentreStack and Triofox — Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability

CISA KEV•CVE-2025-11371•Gladinet CentreStack and Triofox• November 4, 2025

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due: 2025-11-25

Details NVD

« 1 … 4 5 6 7 8 … 13 »