Total
33506 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-47255 | 1 2n | 1 Access Commander | 2025-09-04 | 4.7 Medium |
| In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges in the system which could allow for arbitrary code execution with root permissions. | ||||
| CVE-2024-47254 | 1 2n | 1 Access Commander | 2025-09-04 | 6.3 Medium |
| In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data Authenticity vulnerability could allow an attacker to escalate their privileges and gain root access to the system. | ||||
| CVE-2024-34537 | 1 Typo3 | 1 Typo3 | 2025-09-03 | 4.9 Medium |
| TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the bookmark toolbar of the backend user interface. The fixed versions are 10.4.46 ELTS, 11.5.40 LTS, 12.4.21 LTS, and 13.3.1. | ||||
| CVE-2025-9461 | 1 Diyhi | 1 Bbs | 2025-09-03 | 4.3 Medium |
| A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-3831 | 1 Checkpoint | 1 Harmony Sase | 2025-09-03 | 8.1 High |
| Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties. | ||||
| CVE-2024-49972 | 1 Linux | 1 Linux Kernel | 2025-09-03 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Deallocate DML memory if allocation fails [Why] When DC state create DML memory allocation fails, memory is not deallocated subsequently, resulting in uninitialized structure that is not NULL. [How] Deallocate memory if DML memory allocation fails. | ||||
| CVE-2025-46762 | 1 Apache | 1 Parquet | 2025-09-02 | 8.1 High |
| Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these packages to be executed. The exploit is only applicable if the client code of parquet-avro uses the "specific" or the "reflect" models deliberately for reading Parquet files. ("generic" model is not impacted) Users are recommended to upgrade to 1.15.2 or set the system property "org.apache.parquet.avro.SERIALIZABLE_PACKAGES" to an empty string on 1.15.1. Both are sufficient to fix the issue. | ||||
| CVE-2024-49395 | 3 Mutt, Neomutt, Redhat | 3 Mutt, Neomutt, Enterprise Linux | 2025-09-02 | 5.3 Medium |
| In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info. | ||||
| CVE-2025-3735 | 1 Panelizer \(obsolete\) Project | 1 Panelizer \(obsolete\) | 2025-09-02 | 5.9 Medium |
| Vulnerability in Drupal Panelizer (obsolete).This issue affects Panelizer (obsolete): *.*. | ||||
| CVE-2025-3736 | 1 Simple Gtm Project | 1 Simple Gtm | 2025-09-02 | 5.9 Medium |
| Vulnerability in Drupal Simple GTM.This issue affects Simple GTM: *.*. | ||||
| CVE-2025-3737 | 1 Google Maps\ | 1 Store Locator Project | 2025-09-02 | 5.9 Medium |
| Vulnerability in Drupal Google Maps: Store Locator.This issue affects Google Maps: Store Locator: *.*. | ||||
| CVE-2025-3738 | 1 Google Optimize Project | 1 Google Optimize | 2025-09-02 | 5.9 Medium |
| Vulnerability in Drupal Google Optimize.This issue affects Google Optimize: *.*. | ||||
| CVE-2025-3903 | 1 Ueditor Project | 1 Ueditor | 2025-09-02 | 7.3 High |
| Vulnerability in Drupal UEditor - 百度编辑器.This issue affects UEditor - 百度编辑器: *.*. | ||||
| CVE-2025-3904 | 1 Sportsleague Project | 1 Sportsleague | 2025-09-02 | 7.3 High |
| Vulnerability in Drupal Sportsleague.This issue affects Sportsleague: *.*. | ||||
| CVE-2025-3060 | 1 Flattern Project | 1 Flattern | 2025-09-02 | 6.6 Medium |
| Vulnerability in Drupal Flattern – Multipurpose Bootstrap Business Profile.This issue affects Flattern – Multipurpose Bootstrap Business Profile: *.*. | ||||
| CVE-2024-13299 | 1 Boozallen | 1 Megamenu Framework | 2025-09-02 | 6.6 Medium |
| Vulnerability in Drupal Megamenu Framework.This issue affects Megamenu Framework: *.*. | ||||
| CVE-2024-13300 | 1 Print Anything Project | 1 Print Anything | 2025-09-02 | 6.6 Medium |
| Vulnerability in Drupal Print Anything.This issue affects Print Anything: *.*. | ||||
| CVE-2024-13310 | 1 Git Utilities Project | 1 Git Utilities | 2025-09-02 | 6.5 Medium |
| Vulnerability in Drupal Git Utilities for Drupal.This issue affects Git Utilities for Drupal: *.*. | ||||
| CVE-2024-13311 | 1 Allow All File Extensions For File Fields Project | 1 Allow All File Extensions For File Fields | 2025-09-02 | 7.3 High |
| Vulnerability in Drupal Allow All File Extensions for file fields.This issue affects Allow All File Extensions for file fields: *.*. | ||||
| CVE-2024-13285 | 1 Wkhtmltopdf | 1 Wkhtmltopdf | 2025-09-02 | 9.8 Critical |
| Vulnerability in Drupal wkhtmltopdf.This issue affects wkhtmltopdf: *.*. | ||||