Total
11427 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-24510 | 2026-06-17 | N/A | 6.5 MEDIUM | ||
| A vulnerability has been identified in MS/TP Point Pickup Module (All versions). Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. A power cycle is required to restore the device's normal operation. | |||||
| CVE-2025-24504 | 2026-06-17 | N/A | N/A | ||
| An improper input validation the CSRF filter results in unsanitized user input written to the application logs. | |||||
| CVE-2025-24501 | 2026-06-17 | N/A | N/A | ||
| An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request. | |||||
| CVE-2025-24499 | 2026-06-17 | N/A | 7.2 HIGH | ||
| A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices do not properly validate input while loading the configuration files. This could allow an authenticated remote attacker to execute arbitrary shell commands on the device. | |||||
| CVE-2025-24486 | 2026-06-17 | N/A | 7.8 HIGH | ||
| Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-24484 | 2026-06-17 | N/A | 7.8 HIGH | ||
| Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-24446 | 1 Adobe | 1 Coldfusion | 2026-06-17 | N/A | 9.1 CRITICAL |
| ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution. Exploitation of this issue does not require user interaction, but admin panel privileges are required, and scope is changed. | |||||
| CVE-2025-24325 | 2026-06-17 | N/A | 8.8 HIGH | ||
| Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-24319 | 1 F5 | 1 Big-ip Next Central Manager | 2026-06-17 | N/A | 6.5 MEDIUM |
| When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-24308 | 2026-06-17 | N/A | 7.5 HIGH | ||
| Improper input validation in the UEFI firmware error handler for the Intel(R) Server D50DNP and M50FCP may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-24299 | 1 Intel | 1 Computing Improvement Program | 2026-06-17 | N/A | 8.8 HIGH |
| Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via network access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | |||||
| CVE-2025-24296 | 2026-06-17 | N/A | 6.0 MEDIUM | ||
| Improper input validation in some firmware for the Intel(R) E810 Ethernet before version 4.6 may allow a privileged user to enable denial of service via local access. | |||||
| CVE-2025-24274 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 7.8 HIGH |
| An input validation issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. A malicious app may be able to gain root privileges. | |||||
| CVE-2025-24255 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 8.4 HIGH |
| A file access issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to break out of its sandbox. | |||||
| CVE-2025-24191 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system. | |||||
| CVE-2025-24074 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2026-06-17 | N/A | 7.8 HIGH |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-24073 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2026-06-17 | N/A | 7.8 HIGH |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-24062 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 22h2 and 5 more | 2026-06-17 | N/A | 7.8 HIGH |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-24060 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2026-06-17 | N/A | 7.8 HIGH |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-24058 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2026-06-17 | N/A | 7.8 HIGH |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |||||