Total
387 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43310 | 1 Keylime | 1 Keylime | 2025-05-27 | N/A | 9.8 CRITICAL |
| A vulnerability in Keylime before 6.3.0 allows an attacker to craft a request to the agent that resets the U and V keys as if the agent were being re-added to a verifier. This could lead to a remote code execution. | |||||
| CVE-2023-35622 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2025-05-22 | N/A | 7.5 HIGH |
| Windows DNS Spoofing Vulnerability | |||||
| CVE-2021-27853 | 3 Cisco, Ieee, Ietf | 308 Catalyst 3650-12x48fd-e, Catalyst 3650-12x48fd-l, Catalyst 3650-12x48fd-s and 305 more | 2025-05-21 | N/A | 4.7 MEDIUM |
| Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. | |||||
| CVE-2025-1104 | 1 Dlink | 2 Dhp-w310av, Dhp-w310av Firmware | 2025-05-21 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This vulnerability affects unknown code. The manipulation leads to authentication bypass by spoofing. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2021-27862 | 2 Ieee, Ietf | 2 Ieee 802.2, P802.1q | 2025-05-21 | N/A | 4.7 MEDIUM |
| Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers). | |||||
| CVE-2021-27861 | 2 Ieee, Ietf | 2 Ieee 802.2, P802.1q | 2025-05-21 | N/A | 4.7 MEDIUM |
| Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers) | |||||
| CVE-2021-27854 | 2 Ieee, Ietf | 2 Ieee 802.2, P802.1q | 2025-05-21 | N/A | 4.7 MEDIUM |
| Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse. | |||||
| CVE-2025-48027 | 2025-05-16 | N/A | 5.4 MEDIUM | ||
| The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary controls DNS resolution for pginaloginserver. | |||||
| CVE-2024-22520 | 1 Dronetag | 1 Drone Scanner | 2025-05-15 | N/A | 8.2 HIGH |
| An issue discovered in Dronetag Drone Scanner 1.5.2 allows attackers to impersonate other drones via transmission of crafted data packets. | |||||
| CVE-2024-13685 | 1 Wpase | 1 Admin And Site Enhancements | 2025-05-14 | N/A | 5.3 MEDIUM |
| The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10. | |||||
| CVE-2024-31008 | 1 Wuzhicms | 1 Wuzhicms | 2025-05-13 | N/A | 6.5 MEDIUM |
| An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code and obtain sensitive information via the index.php file. | |||||
| CVE-2025-24091 | 1 Apple | 2 Ipados, Iphone Os | 2025-05-12 | N/A | 5.5 MEDIUM |
| An app could impersonate system notifications. Sensitive notifications now require restricted entitlements. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.3. An app may be able to cause a denial-of-service. | |||||
| CVE-2025-28128 | 1 Mytel | 1 Telecom Online Account System | 2025-05-12 | N/A | 7.0 HIGH |
| An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request. | |||||
| CVE-2025-27695 | 2025-05-12 | N/A | 4.9 MEDIUM | ||
| Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by Spoofing vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure. | |||||
| CVE-2022-42983 | 1 Anji-plus | 1 Aj-report | 2025-05-10 | N/A | 8.8 HIGH |
| anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT Tokens. | |||||
| CVE-2024-58126 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
| Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
| CVE-2024-58127 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
| Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
| CVE-2025-31170 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
| Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
| CVE-2024-58125 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
| Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
| CVE-2024-58124 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-07 | N/A | 8.4 HIGH |
| Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||