CVEs from 2025
- Total: 8,928
- Critical: 1,313
- High: 1,950
- Medium: 1,966
- Low: 200
- % Critical: 14.7%
- % with KEV: 2.0%
- % with exploit: 2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 108
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-22060 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM memory, and the cached (shadow) SRAM information, … | |||
| CVE-2025-22063 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlbl_conn_setattr(), addr->sa_family is use… | |||
| CVE-2025-22067 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: cadence: Fix out-of-bounds array access in cdns_mrvl_xspi_setup_clock() If requested_clk > 128, cdns_mrvl_xspi_setup_clock()… | |||
| CVE-2025-22064 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't unregister hook when table is dormant When nf_tables_updchain encounters an error, hook registration … | |||
| CVE-2025-22065 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: idpf: fix adapter NULL pointer dereference on reboot With SRIOV enabled, idpf ends up calling into idpf_remove() twice. First via… | |||
| CVE-2025-22071 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak in spufs_create_context() Leak fixes back in 2008 missed one case - if we are trying to set affinity and spufs_… | |||
| CVE-2025-22066 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imx_card_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, imx_car… | |||
| CVE-2025-22068 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ublk: make sure ubq->canceling is set when queue is frozen Now ublk driver depends on `ubq->canceling` for deciding if the reques… | |||
| CVE-2025-22070 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default AC… | |||
| CVE-2025-22075 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Allocate vfinfo size for VF GUIDs when supported Commit 30aad41721e0 ("net/core: Add support for getting VF GUIDs") ad… | |||
| CVE-2025-22072 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spufs: fix gang directory lifetimes prior to "[POWERPC] spufs: Fix gang destroy leaks" we used to have a problem with gang lifeti… | |||
| CVE-2025-22073 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak on spufs_new_file() failure It's called from spufs_fill_dir(), and caller of that will do spufs_rmdir() in case… | |||
| CVE-2025-22074 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix r_count dec/increment mismatch r_count is only increased when there is an oplock break wait, so r_count inc/decrement … | |||
| CVE-2025-22077 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Revert "smb: client: fix TCP timers deadlock after rmmod" This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e… | |||
| CVE-2025-22076 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: exfat: fix missing shutdown check xfstests generic/730 test failed because after deleting the device that still had dirty data, t… | |||
| CVE-2025-22078 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: staging: vchiq_arm: Fix possible NPR of keep-alive thread In case vchiq_platform_conn_state_changed() is never called or fails be… | |||
| CVE-2025-22088 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed… | |||
| CVE-2025-22079 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate l_tree_depth to avoid out-of-bounds access The l_tree_depth field is 16-bit (__le16), but the actual maximum dept… | |||
| CVE-2025-22080 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Prevent integer overflow in hdr_first_de() The "de_off" and "used" variables come from the disk so they both need to ch… | |||
| CVE-2025-22081 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix a couple integer overflows on 32bit systems On 32bit systems the "off + sizeof(struct NTFS_DE)" addition can have a… | |||
| CVE-2025-22082 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iio: backend: make sure to NULL terminate stack buffer Make sure to NULL terminate the buffer in iio_backend_debugfs_write_reg() … | |||
| CVE-2025-22084 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: w1: fix NULL pointer dereference in probe The w1_uart_probe() function calls w1_uart_serdev_open() (which includes devm_serdev_de… | |||
| CVE-2025-22095 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get() If the regulator_bulk_get() returns an error and no regulators … | |||
| CVE-2025-22094 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' Commit 176cda0619b6 ("powerpc/perf: Add perf interface to expose vpa counters… | |||
| CVE-2025-22096 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: Fix error code msm_parse_deps() The SUBMIT_ERROR() macro turns the error code negative. This extra '-' operation tu… | |||
| CVE-2025-22098 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dp: Fix a deadlock in zynqmp_dp_ignore_hpd_set() Instead of attempting the same mutex twice, lock and unlock it. Thi… | |||
| CVE-2025-39915 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: phy: transfer phy_config_inband() locking responsibility to phylink Problem description =================== Lockdep reports… | |||
| CVE-2025-38598 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free in amdgpu_userq_suspend+0x51a/0x5a0 [ +0.000020] BUG: KASAN: slab-use-after-free in amdgpu_userq_… | |||
| CVE-2025-13638 | unknown | — | — | — | Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2025-13721 | unknown | — | — | — | Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2025-7656 | unknown | — | — | — | Integer overflow in V8 in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-68754 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres … | |||
| CVE-2025-40357 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in __smc_diag_dump The syzbot report a crash: Oops: general protection fault, probably f… | |||
| CVE-2025-38517 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: lib/alloc_tag: do not acquire non-existent lock in alloc_tag_top_users() alloc_tag_top_users() attempts to lock alloc_tag_cttype-… | |||
| CVE-2025-21824 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a use of uninitialized mutex commit c8347f915e67 ("gpu: host1x: Fix boot regression for Tegra") caused a use of … | |||
| CVE-2025-37741 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: jfs: Prevent copying of nlink with value 0 from disk inode syzbot report a deadlock in diFree. [1] When calling "ioctl$LOOP_SET_… | |||
| CVE-2025-40230 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP When performing memory error injection on a THP (Transparent Huge Page) mapped … | |||
| CVE-2025-68736 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories Disconnected files or directories can appear when they are visible and opened … | |||
| CVE-2025-32318 | unknown | — | — | — | In Skia, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is n… | |||
| CVE-2025-48050 | unknown | — | — | — | In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ensure that a pathname is located under the current working directory. NOTE: the Supplier disputes the significance of this repor… | |||
| CVE-2025-39831 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fbnic: Move phylink resume out of service_task and into open/close The fbnic driver was presenting with the following locking ass… | |||
| CVE-2025-59798 | unknown | — | — | — | Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. | |||
| CVE-2025-38497 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs… | |||
| CVE-2025-68327 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: Fix synchronous external abort on unbind A synchronous external abort occurs on the Renesas RZ/G3S SoC if unb… | |||
| CVE-2025-71232 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, [61110.449331] qla… | |||
| CVE-2025-38002 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: io_uring/fdinfo: grab ctx->uring_lock around io_uring_show_fdinfo() Not everything requires locking in there, which is why the 'h… | |||
| CVE-2025-68265 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin request_queue lifetime The namespaces can access the controller's admin request_queue, and stale references on th… | |||
| CVE-2025-71087 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iavf: fix off-by-one issues in iavf_config_rss_reg() There are off-by-one bugs when configuring RSS hash key and lookup table, ca… | |||
| CVE-2025-38577 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic in f2fs_evict_inode As syzbot [1] reported as below: R10: 0000000000000100 R11: 0000000000000206 R12: 0… | |||
| CVE-2025-21973 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx \| tx} When qstats-get operation is executed, callbacks of netdev_stats… | |||
| CVE-2025-37988 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fix a couple of races in MNT_TREE_BENEATH handling by do_move_mount() Normally do_lock_mount(path, _) is locking a mountpoint pin… | |||
| CVE-2025-21912 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gpio: rcar: Use raw_spinlock to protect register access Use raw_spinlock in order to fix spurious messages about invalid context … | |||
| CVE-2025-64390 | unknown | — | — | 9h ago | A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J (Blu-ray Disc Java) sandbox can be escaped through a malformed JAR file. | |||
| CVE-2025-71312 | unknown | — | — | 7d ago | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfs_mount_options leak in ntfs_fill_super() In ntfs_fill_super(), the fc->fs_private pointer is set to NULL withou… | |||
| CVE-2025-71311 | unknown | — | — | 7d ago | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize new folios before use KMSAN reports an uninitialized value in longest_match_std(), invoked from ntfs_compres… | |||
| CVE-2025-71309 | unknown | — | — | 7d ago | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in ni_read_folio_cmpr Syzbot reported a task hung in ni_readpage_cmpr (now ni_read_folio_cmpr). This is ca… | |||
| CVE-2025-71308 | unknown | — | — | 7d ago | In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aie_destroy_context() is invoked during error handling i… | |||
| CVE-2025-71307 | unknown | — | — | 7d ago | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix NULL pointer dereference on panthor_fw_unplug This patch removes the MCU halt and wait for halt procedures durin… | |||
| CVE-2025-71306 | unknown | — | — | 7d ago | In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in is_bprm_creds_for_exec() KASAN reported a stack-out-of-bounds access in ima_appraise_measurement … | |||
| CVE-2025-71305 | unknown | — | — | 7d ago | In the Linux kernel, the following vulnerability has been resolved: drm/display/dp_mst: Add protection against 0 vcpi When releasing a timeslot there is a slight chance we may end up with the wrong… | |||
| CVE-2025-71304 | unknown | — | — | 7d ago | In the Linux kernel, the following vulnerability has been resolved: smack: /smack/doi: accept previously used values Writing to /smack/doi a value that has ever been written there in the past disab… | |||
| CVE-2025-71303 | unknown | — | — | 7d ago | In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix race condition when checking rpm_on When autosuspend is triggered, driver rpm_on flag is set to indicate that … | |||
| CVE-2025-14575 | unknown | — | — | 15d ago | An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network (qtbase) in Qt Qt Framework (Unix) allows a local attacker to load a rogue CA certificate as a trusted syste… | |||
| CVE-2025-54518 | unknown | — | — | 19d ago | This vulnerability was found and addressed by AMD. We are documenting it in the Security Update Guide to encourage customers to install the May 2026 version of Windows as soon as possible. … | |||
| CVE-2025-62188 | unknown | — | — | 2mo ago | Apache DolphinScheduler vulnerable to sensitive information disclosure | |||
| CVE-2025-64505 | unknown | — | — | 2mo ago | visionOS 26.4 | |||
| CVE-2025-43376 | unknown | — | — | 2mo ago | iOS 18.7.7 and iPadOS 18.7.7 | |||
| CVE-2025-14524 | unknown | — | — | 2mo ago | When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass… | |||
| CVE-2025-43534 | unknown | — | — | 2mo ago | iOS 18.7.7 and iPadOS 18.7.7 | |||
| CVE-2025-70952 | unknown | — | — | 2mo ago | pf4j is vulnerable to Path Traversal or Zip Slip attack through improper handling of zip entry names | |||
| CVE-2025-59775 | unknown | — | — | 2mo ago | macOS Sonoma 14.8.5 | |||
| CVE-2025-54920 | unknown | — | — | 3mo ago | Apache Spark: Spark History Server Code Execution Vulnerability | |||
| CVE-2025-66249 | unknown | — | — | 3mo ago | Apache Livy: Unauthorized directory access | |||
| CVE-2025-60012 | unknown | — | — | 3mo ago | Apache Livy: Restrict file access | |||
| CVE-2025-66024 | unknown | — | — | 3mo ago | XWiki Blog Application home page vulnerable to Stored XSS via Post Title | |||
| CVE-2025-66168 | unknown | — | — | 3mo ago | Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound | |||
| CVE-2025-15599 | unknown | — | — | 3mo ago | DOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8 contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting missing textarea rawtext elemen… | |||
| CVE-2025-59060 | unknown | — | — | 3mo ago | Apache Ranger Vulnerable to Improper Validation of Certificate with Host Mismatch | |||
| CVE-2025-59059 | unknown | — | — | 3mo ago | Apache Ranger has a Code Injection vulnerability | |||
| CVE-2025-12150 | unknown | — | — | 3mo ago | Keycloak REST Services has a WebAuthn Attestation Statement Verification Bypass | |||
| CVE-2025-13590 | unknown | — | — | 3mo ago | carbon-apimgt does not properly restrict uploaded files | |||
| CVE-2025-66614 | unknown | — | — | 4mo ago | Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were… | |||
| CVE-2025-33042 | unknown | — | — | 4mo ago | Apache Avro Java SDK is Vulnerable to Code Injection | |||
| CVE-2025-11537 | unknown | — | — | 4mo ago | Keycloak logs sensitive headers | |||
| CVE-2025-14778 | unknown | — | — | 4mo ago | Keycloak Affected by Broken Access Control Vulnerability in the UserManagedPermissionService | |||
| CVE-2025-68458 | unknown | — | — | 4mo ago | Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) can be bypassed to fetch resources from hosts out… | |||
| CVE-2025-68157 | unknown | — | — | 4mo ago | Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) enforces allowedUris only for the initial URL, bu… | |||
| CVE-2025-13881 | unknown | — | — | 4mo ago | Keycloak Admin API allows an administrator with limited privileges to retrieve sensitive custom attributes | |||
| CVE-2025-14969 | unknown | — | — | 4mo ago | Hibernate Reactive Vulnerable to DoS via Connection Pool Exhaustion | |||
| CVE-2025-27821 | unknown | — | — | 4mo ago | Apache Hadoop HDFS Native Client has Out-of-bounds Write Vulnerability | |||
| CVE-2025-22234 | unknown | — | — | 4mo ago | Spring Security has a broken timing attack mitigation implemented in DaoAuthenticationProvide | |||
| CVE-2025-14083 | unknown | — | — | 4mo ago | Keycloak Admin REST API exposes backend schema and rules | |||
| CVE-2025-14559 | unknown | — | — | 4mo ago | Keycloak services allows the issuance of access and refresh tokens for disabled users | |||
| CVE-2025-65482 | unknown | — | — | 4mo ago | XDocReport affected by an XML External Entity (XXE) vulnerability | |||
| CVE-2025-64087 | unknown | — | — | 4mo ago | XDocReport affected by a Server-Side Template Injection (SSTI) vulnerability | |||
| CVE-2025-59355 | unknown | — | — | 5mo ago | Apache Linkis: Password Exposure | |||
| CVE-2025-29847 | unknown | — | — | 5mo ago | Apache Linkis: Arbitrary File Read via Double URL Encoding Bypass | |||
| CVE-2025-15104 | unknown | — | — | 5mo ago | Nu Html Checker (validator.nu) contains a restriction bypass that allows remote attackers to make the server perform arbitrary HTTP/HTTPS requests to internal resources, including localhost services.… | |||
| CVE-2025-69725 | unknown | — | — | 5mo ago | An Open Redirect vulnerability in the go-chi/chi >=5.2.2 RedirectSlashes function allows remote attackers to redirect victim users to malicious websites using the legitimate website domain. | |||
| CVE-2025-71140 | unknown | — | — | 5mo ago | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex was added to protect the encoder and de… |