Total
8015 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34708 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-05-29 | N/A | 5.5 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2024-56193 | 2025-05-29 | N/A | 5.1 MEDIUM | ||
| There is a possible disclosure of Bluetooth adapter details due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-5064 | 1 Google | 1 Chrome | 2025-05-29 | N/A | 5.4 MEDIUM |
| Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2025-5281 | 1 Google | 1 Chrome | 2025-05-29 | N/A | 5.4 MEDIUM |
| Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2022-28638 | 2 Hp, Hpe | 77 Apollo 4200 Gen10 Server, Apollo 4500, Apollo R2000 Chassis and 74 more | 2025-05-29 | N/A | 7.8 HIGH |
| An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses these security vulnerabilities. | |||||
| CVE-2023-29857 | 1 Teslamate | 1 Teslamate | 2025-05-28 | N/A | 5.3 MEDIUM |
| An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link. | |||||
| CVE-2024-7704 | 1 Weaver | 1 E-cology | 2025-05-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of the file /cloudstore/ecode/setup/ecology_dev.zip of the component Source Code Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-25734 | 1 Wyrestorm | 2 Apollo Vx20, Apollo Vx20 Firmware | 2025-05-28 | N/A | 7.5 HIGH |
| An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts. | |||||
| CVE-2025-31494 | 1 Agpt | 1 Autogpt | 2025-05-28 | N/A | 3.5 LOW |
| AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The AutoGPT Platform's WebSocket API transmitted node execution updates to subscribers based on the graph_id+graph_version. Additionally, there was no check prohibiting users from subscribing with another user's graph_id+graph_version. As a result, node execution updates from one user's graph execution could be received by another user within the same instance. This vulnerability does not occur between different instances or between users and non-users of the platform. Single-user instances are not affected. In private instances with a user white-list, the impact is limited by the fact that all potential unintended recipients of these node execution updates must have been admitted by the administrator. This vulnerability is fixed in 0.6.1. | |||||
| CVE-2025-41654 | 2025-05-28 | N/A | 8.2 HIGH | ||
| An unauthenticated remote attacker can access information about running processes via the SNMP protocol. The amount of returned data can trigger a reboot by the watchdog. | |||||
| CVE-2025-31218 | 1 Apple | 1 Macos | 2025-05-27 | N/A | 6.2 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to observe the hostnames of new network connections. | |||||
| CVE-2025-31220 | 1 Apple | 2 Ipados, Macos | 2025-05-27 | N/A | 5.5 MEDIUM |
| A privacy issue was addressed by removing sensitive data. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A malicious app may be able to read sensitive location information. | |||||
| CVE-2025-31225 | 1 Apple | 2 Ipados, Iphone Os | 2025-05-27 | N/A | 7.1 HIGH |
| A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.5 and iPadOS 18.5. Call history from deleted apps may still appear in spotlight search results. | |||||
| CVE-2025-31236 | 1 Apple | 1 Macos | 2025-05-27 | N/A | 5.5 MEDIUM |
| An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | |||||
| CVE-2025-31242 | 1 Apple | 2 Ipados, Macos | 2025-05-27 | N/A | 5.5 MEDIUM |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access sensitive user data. | |||||
| CVE-2025-31250 | 1 Apple | 1 Macos | 2025-05-27 | N/A | 5.5 MEDIUM |
| An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | |||||
| CVE-2025-31256 | 1 Apple | 1 Macos | 2025-05-27 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user’s deleted notes. | |||||
| CVE-2025-4751 | 1 Dlink | 2 Di-7003g, Di-7003g Firmware | 2025-05-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as problematic, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected is an unknown function of the file /index.data. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-38749 | 1 Olivethemes | 1 Olive One Click Demo Import | 2025-05-27 | N/A | 5.3 MEDIUM |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Olive Themes Olive One Click Demo Import allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Olive One Click Demo Import: from n/a through 1.1.2. | |||||
| CVE-2025-32983 | 1 Netscout | 1 Ngeniusone | 2025-05-27 | N/A | 7.5 HIGH |
| NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace. | |||||