Total
280 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-16873 | 2 Google, Microsoft | 2 Chrome, Xamarin.forms | 2026-02-23 | 6.8 MEDIUM | 4.7 MEDIUM |
| <p>A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to the default settings on Android WebView version prior to 83.0.4103.106. This vulnerability could allow an attacker to execute arbitrary Javascript code on a target system.</p> <p>For the attack to be successful, the targeted user would need to browse to a malicious website or a website serving the malicious code through Xamarin.Forms.</p> <p>The security update addresses this vulnerability by preventing the malicious Javascript from running in the WebView.</p> | |||||
| CVE-2025-70998 | 1 Utt | 2 810, 810 Firmware | 2026-02-19 | N/A | 9.8 CRITICAL |
| UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script. | |||||
| CVE-2025-64781 | 1 Groupsession | 1 Groupsession | 2026-02-17 | N/A | 4.7 MEDIUM |
| In GroupSession Free edition prior to ver5.7.1, GroupSession byCloud prior to ver5.7.1, and GroupSession ZION prior to ver5.7.1, "External page display restriction" is set to "Do not limit" in the initial configuration. With this configuration, the user may be redirected to an arbitrary website when accessing a specially crafted URL. | |||||
| CVE-2026-25894 | 1 Frangoteam | 1 Fuxa | 2026-02-13 | N/A | 9.8 CRITICAL |
| FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This affects FUXA through version 1.2.9 when authentication is enabled, but the administrator JWT secret is not configured. This issue has been patched in FUXA version 1.2.10. | |||||
| CVE-2026-25499 | 1 Bpg | 1 Terraform Provider | 2026-02-11 | N/A | 7.5 HIGH |
| Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been patched in version 0.93.1. | |||||
| CVE-2025-69970 | 1 Frangoteam | 1 Fuxa | 2026-02-10 | N/A | 9.3 CRITICAL |
| FUXA v1.2.7 contains an insecure default configuration vulnerability in server/settings.default.js. The 'secureEnabled' flag is commented out by default, causing the application to initialize with authentication disabled. This allows unauthenticated remote attackers to access sensitive API endpoints, modify projects, and control industrial equipment immediately after installation. | |||||
| CVE-2025-5591 | 1 Kentico | 1 Xperience | 2026-01-22 | N/A | 5.4 MEDIUM |
| Kentico Xperience 13 is vulnerable to a stored cross-site scripting attack via a form component, allowing an attacker to hijack a victim user’s session and perform actions in their security context. | |||||
| CVE-2025-35021 | 1 Antek | 2 Abilis Cpx 2000, Abilis Cpx Firmware | 2026-01-13 | N/A | 6.5 MEDIUM |
| By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker can login to a restricted shell on the fourth attempt, and from there, relay connections. | |||||
| CVE-2023-33949 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2026-01-09 | N/A | 5.3 MEDIUM |
| In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don't control. The portal property `company.security.strangers.verify` should be set to true. | |||||
| CVE-2024-30124 | 1 Hcltech | 1 Sametime | 2026-01-08 | N/A | 4.0 MEDIUM |
| HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this service endpoint maliciously. | |||||
| CVE-2025-56332 | 1 Pangolin | 1 Pangolin | 2026-01-07 | N/A | 9.1 CRITICAL |
| Authentication Bypass in fosrl/pangolin v1.6.2 and before allows attackers to access Pangolin resource via Insecure Default Configuration | |||||
| CVE-2025-66482 | 1 Misskey | 1 Misskey | 2026-01-06 | N/A | 6.5 MEDIUM |
| Misskey is an open source, federated social media platform. Attackers who use an untrusted reverse proxy or not using a reverse proxy at all can bypass IP rate limiting by adding a forged X-Forwarded-For header. Starting with version 2025.9.1, an option (`trustProxy`) has been added in config file to prevent this from happening. However, it is initialized with an insecure default value before version 2025.12.0-alpha.2, making it still vulnerable if the configuration is not set correctly. This is patched in v2025.12.0-alpha.2 by flipping default value of `trustProxy` to `false`. Users of a trusted reverse proxy who are unsure if they manually overode this value should check their config for optimal behavior. Users are running Misskey with a trusted reverse proxy should not be affected by this vulnerability. From v2025.9.1 to v2025.11.1, workaround is available. Set `trustProxy: false` in config file. | |||||
| CVE-2025-64135 | 1 Jenkins | 1 Eggplant Runner | 2025-12-22 | N/A | 5.9 MEDIUM |
| Jenkins Eggplant Runner Plugin 0.0.1.301.v963cffe8ddb_8 and earlier sets the Java system property `jdk.http.auth.tunneling.disabledSchemes` to an empty value, disabling a protection mechanism of the Java runtime. | |||||
| CVE-2025-43797 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2025-12-16 | N/A | 5.4 MEDIUM |
| In Liferay Portal 7.1.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions, the default membership type of a newly created site is “Open” which allows any registered users to become a member of the site. A remote attacker with site membership can potentially view, add or edit content on the site. | |||||
| CVE-2025-13357 | 1 Hashicorp | 1 Terraform Provider | 2025-12-10 | N/A | 7.4 HIGH |
| Vault’s Terraform Provider incorrectly set the default deny_null_bind parameter for the LDAP auth method to false by default, potentially resulting in an insecure configuration. If the underlying LDAP server allowed anonymous or unauthenticated binds, this could result in authentication bypass. This vulnerability, CVE-2025-13357, is fixed in Vault Terraform Provider v5.5.0. | |||||
| CVE-2025-48629 | 1 Google | 1 Android | 2025-12-08 | N/A | 7.8 HIGH |
| In findAvailRecognizer of VoiceInteractionManagerService.java, there is a possible way to become the default speech recognizer app due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48621 | 1 Google | 1 Android | 2025-12-08 | N/A | 7.3 HIGH |
| In DefaultTransitionHandler.java, there is a possible way to enable a tapjacking attack due to a insecure default. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2025-38523 | 1 Linux | 1 Linux Kernel | 2025-11-18 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbd_response slab to allow usercopy The handling of received data in the smbdirect client code involves using copy_to_iter() to copy data from the smbd_reponse struct's packet trailer to a folioq buffer provided by netfslib that encapsulates a chunk of pagecache. If, however, CONFIG_HARDENED_USERCOPY=y, this will result in the checks then performed in copy_to_iter() oopsing with something like the following: CIFS: Attempting to mount //172.31.9.1/test CIFS: VFS: RDMA transport established usercopy: Kernel memory exposure attempt detected from SLUB object 'smbd_response_0000000091e24ea1' (offset 81, size 63)! ------------[ cut here ]------------ kernel BUG at mm/usercopy.c:102! ... RIP: 0010:usercopy_abort+0x6c/0x80 ... Call Trace: <TASK> __check_heap_object+0xe3/0x120 __check_object_size+0x4dc/0x6d0 smbd_recv+0x77f/0xfe0 [cifs] cifs_readv_from_socket+0x276/0x8f0 [cifs] cifs_read_from_socket+0xcd/0x120 [cifs] cifs_demultiplex_thread+0x7e9/0x2d50 [cifs] kthread+0x396/0x830 ret_from_fork+0x2b8/0x3b0 ret_from_fork_asm+0x1a/0x30 The problem is that the smbd_response slab's packet field isn't marked as being permitted for usercopy. Fix this by passing parameters to kmem_slab_create() to indicate that copy_to_iter() is permitted from the packet region of the smbd_response slab objects, less the header space. | |||||
| CVE-2025-48927 | 1 Smarsh | 1 Telemessage | 2025-11-05 | N/A | 5.3 MEDIUM |
| The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025. | |||||
| CVE-2022-47196 | 1 Ghost | 1 Ghost | 2025-11-04 | N/A | 5.4 MEDIUM |
| An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can send an HTTP request to inject Javascript in a post to trick an administrator into visiting the post.A stored XSS vulnerability exists in the `codeinjection_head` for a post. | |||||