Medium
|
19 May 2025 |
19 May 2025 |
CPAI-2024-1618
|
|
CVE-2024-12510
|
Xerox Versalink C7025 Server-Side Request Forgery (CVE-2024-12510)
|
Critical
|
6 Jan 2025 |
19 May 2025 |
CPAI-2024-1218
|
|
CVE-2024-12987
|
DrayTek Vigor Command Injection (CVE-2024-12987)
|
High
|
18 May 2025 |
18 May 2025 |
CPAI-2025-0254
|
|
CVE-2025-43865
|
React Router Cross-Site Scripting (CVE-2025-43865)
|
High
|
18 May 2025 |
18 May 2025 |
CPAI-2024-1656
|
|
CVE-2024-27778
|
Fortinet FortiSandbox Command Injection (CVE-2024-27778)
|
Medium
|
18 May 2025 |
18 May 2025 |
CPAI-2024-1629
|
|
CVE-2024-45440
|
Drupal Information Disclosure (CVE-2024-45440)
|
Critical
|
15 Apr 2025 |
18 May 2025 |
CPAI-2025-0125
|
|
|
Sensitive Configuration File Disclosure
|
High
|
15 May 2025 |
15 May 2025 |
CPAI-2024-1654
|
|
CVE-2024-13163
|
Ivanti Endpoint Manager Insecure Deserialization (CVE-2024-13163)
|
High
|
15 May 2025 |
15 May 2025 |
CPAI-2024-1650
|
|
CVE-2024-6651
|
WordPress File Upload Plugin Cross-Site Scripting (CVE-2024-6651)
|
High
|
15 May 2025 |
15 May 2025 |
CPAI-2025-0289
|
|
CVE-2025-31644
|
F5 BIG-IP Command Injection (CVE-2025-31644)
|
Medium
|
15 May 2025 |
15 May 2025 |
CPAI-2024-1648
|
|
CVE-2024-36465
|
ZABBIX SQL Injection (CVE-2024-36465)
|
High
|
15 May 2025 |
15 May 2025 |
CPAI-2023-2054
|
|
CVE-2023-50991
|
Tenda I29 Firmware Buffer Overflow (CVE-2023-50991)
|
Medium
|
15 May 2025 |
15 May 2025 |
CPAI-2025-0281
|
|
CVE-2025-3987
|
TOTOLINK N150RT Firmware Command Injection (CVE-2025-3987)
|
Medium
|
15 May 2025 |
15 May 2025 |
CPAI-2025-0278
|
|
CVE-2025-2094
|
TOTOLINK EX1800T Firmware Command Injection (CVE-2025-2094)
|
Medium
|
15 May 2025 |
15 May 2025 |
CPAI-2025-0272
|
|
CVE-2025-3980
|
Wowjoy Information Disclosure (CVE-2025-3980)
|
High
|
15 May 2025 |
15 May 2025 |
CPAI-2025-0271
|
|
CVE-2025-3988 CVE-2025-3989 CVE-2025-3990 CVE-2025-3991 CVE-2025-3992 CVE-2025-3993 CVE-2025-4462
|
TOTOLINK N150RT Buffer Overflow (CVE-2025-3988; CVE-2025-3989; CVE-2025-3990; CVE-2025-3991; CVE-2025-3992; CVE-2025-3993; CVE-2025-4462)
|
Medium
|
15 May 2025 |
15 May 2025 |
CPAI-2024-1636
|
|
CVE-2024-9917
|
HuangDou UTCMS Remote Code Execution (CVE-2024-9917)
|
Critical
|
27 Apr 2025 |
15 May 2025 |
CPAI-2025-0246
|
|
CVE-2025-31324 CVE-2025-42999
|
SAP NetWeaver Remote Code Execution (CVE-2025-31324; CVE-2025-42999)
|
High
|
13 May 2025 |
14 May 2025 |
CPAI-2025-0292
|
Microsoft CVE-2025-30397
|
CVE-2025-30397
|
Microsoft Scripting Engine Memory Corruption (CVE-2025-30397)
|
Medium
|
14 May 2025 |
14 May 2025 |
CPAI-2024-1649
|
|
CVE-2024-57004
|
Roundcube Webmail Cross-Site Scripting (CVE-2024-57004)
|
High
|
14 May 2025 |
14 May 2025 |
CPAI-2015-1689
|
|
CVE-2015-5625
|
OpenDocMan Cross-Site Scripting (CVE-2015-5625)
|
Critical
|
14 May 2025 |
14 May 2025 |
CPAI-2025-0274
|
|
CVE-2025-27007
|
WordPress OttoKit Plugin Authentication Bypass (CVE-2025-27007)
|
High
|
14 May 2025 |
14 May 2025 |
CPAI-2015-1686
|
|
CVE-2015-3783
|
Apple SceneKit Buffer Overflow (CVE-2015-3783)
|
High
|
13 May 2025 |
13 May 2025 |
CPAI-2025-0298
|
Adobe APSB25-52
|
CVE-2025-43560
|
Adobe ColdFusion Improper Input Validation (APSB25-52: CVE-2025-43560)
|
High
|
13 May 2025 |
13 May 2025 |
CPAI-2025-0297
|
Adobe APSB25-52
|
CVE-2025-43564
|
Adobe ColdFusion Incorrect Authorization (APSB25-52: CVE-2025-43564)
|
High
|
13 May 2025 |
13 May 2025 |
CPAI-2025-0296
|
Adobe APSB25-52
|
CVE-2025-43565
|
Adobe ColdFusion Improper Access Control (APSB25-52: CVE-2025-43565)
|
High
|
13 May 2025 |
13 May 2025 |
CPAI-2025-0295
|
Adobe APSB25-52
|
CVE-2025-43563
|
Adobe ColdFusion Improper Access Control (APSB25-52: CVE-2025-43563)
|
High
|
13 May 2025 |
13 May 2025 |
CPAI-2025-0294
|
Adobe APSB25-52
|
CVE-2025-43561
|
Adobe ColdFusion Improper Access Control (APSB25-52: CVE-2025-43561)
|
High
|
13 May 2025 |
13 May 2025 |
CPAI-2025-0290
|
Microsoft CVE-2025-29971
|
CVE-2025-29971
|
Microsoft Web Threat Defense Denial of Service (CVE-2025-29971)
|
Medium
|
13 May 2025 |
13 May 2025 |
CPAI-2017-1959
|
|
CVE-2017-17664
|
Digium Asterisk Out of Bounds Write (CVE-2017-17664)
|
Medium
|
12 May 2025 |
12 May 2025 |
CPAI-2024-1645
|
|
CVE-2024-39932
|
Gogs Argument Injection (CVE-2024-39932)
|
Critical
|
12 May 2025 |
12 May 2025 |
CPAI-2024-1643
|
|
CVE-2024-24116
|
Ruijie RG-NBS2009G-P Authentication Bypass (CVE-2024-24116)
|
Critical
|
12 May 2025 |
12 May 2025 |
CPAI-2024-1642
|
|
CVE-2024-10081
|
CodeChecker Authentication Bypass (CVE-2024-10081)
|
Critical
|
12 May 2025 |
12 May 2025 |
CPAI-2023-2052
|
|
CVE-2023-41887
|
OpenRefine Remote Code Execution (CVE-2023-41887)
|
High
|
12 May 2025 |
12 May 2025 |
CPAI-2024-1639
|
|
CVE-2024-47962
|
Delta Electronics CNCSoft-G2 Remote Code Execution (CVE-2024-47962)
|
Medium
|
12 May 2025 |
12 May 2025 |
CPAI-2022-2215
|
|
CVE-2022-45402
|
Apache Airflow Open Redirect (CVE-2022-45402)
|
High
|
12 May 2025 |
12 May 2025 |
CPAI-2025-0252
|
|
CVE-2025-43864
|
React Router Denial of Service (CVE-2025-43864)
|
Critical
|
12 May 2025 |
12 May 2025 |
CPAI-2020-4305
|
|
CVE-2020-26214
|
Alerta Authentication Bypass (CVE-2020-26214)
|
High
|
20 Apr 2025 |
12 May 2025 |
CPAI-2024-1604
|
|
CVE-2024-45324
|
Fortinet Multiple Products Format String Injection (CVE-2024-45324)
|
High
|
16 Mar 2025 |
12 May 2025 |
CPAI-2025-0094
|
|
CVE-2025-24799
|
GLPI SQL Injection (CVE-2025-24799)
|
High
|
11 May 2025 |
11 May 2025 |
CPAI-2025-0273
|
|
CVE-2025-32819 CVE-2025-32820 CVE-2025-32821
|
SonicWall SMA100 Remote Code Execution (CVE-2025-32819; CVE-2025-32820; CVE-2025-32821)
|
Critical
|
11 May 2025 |
11 May 2025 |
CPAI-2024-1637
|
|
CVE-2024-52961
|
Fortinet FortiSandbox Command Injection (CVE-2024-52961)
|
Critical
|
11 May 2025 |
11 May 2025 |
CPAI-2025-0263
|
|
CVE-2025-28137
|
TOTOLINK A810R Firmware Command Injection (CVE-2025-28137)
|
Critical
|
11 May 2025 |
11 May 2025 |
CPAI-2019-3280
|
|
CVE-2019-16932
|
WordPress Themeisle Visualizer Plugin Server-Side Request Forgery (CVE-2019-16932)
|
Critical
|
11 May 2025 |
11 May 2025 |
CPAI-2020-4307
|
|
CVE-2020-24881
|
OsTicket Server-Side Request Forgery (CVE-2020-24881)
|
Critical
|
27 Apr 2025 |
11 May 2025 |
CPAI-2025-0224
|
|
CVE-2025-34028
|
Commvault Command Center Remote Code Execution (CVE-2025-34028)
|
High
|
11 May 2025 |
11 May 2025 |
CPAI-2025-0202
|
|
CVE-2025-27423
|
Vim Command Injection (CVE-2025-27423)
|
Critical
|
8 May 2025 |
8 May 2025 |
CPAI-2025-0268
|
|
CVE-2025-2778
|
SysAid On-Premise Command Injection (CVE-2025-2778)
|
High
|
4 May 2025 |
8 May 2025 |
CPAI-2023-2049
|
|
CVE-2023-44221
|
SonicWall SMA Command Injection (CVE-2023-44221)
|
High
|
8 May 2025 |
8 May 2025 |
CPAI-2024-1633
|
|
CVE-2024-13179
|
Ivanti Avalanche Directory Traversal (CVE-2024-13179)
|
Critical
|
8 May 2025 |
8 May 2025 |
CPAI-2019-3277
|
|
CVE-2019-17382
|
Zabbix Authentication Bypass (CVE-2019-17382)
|