Skip to main content
CVE-2025-32828 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32827 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32826 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32825 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32824 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32823 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32822 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32475 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-31353 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-31352 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-31351 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-31350 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-31349 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-31343 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-30032 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-30031 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-30030 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-30003 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-30002 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-29905 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-20236 HIGH This Week

A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Webex Teams
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-3620 HIGH PATCH This Week

Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption Google Denial Of Service Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-3619 HIGH PATCH This Week

Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Google Buffer Overflow Heap Overflow Chrome +2
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-22041 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbd_sessions_deregister() In multichannel mode, UAF issue can occur in session_deregister when the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Red Hat +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-22040 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-32869 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.5%
CVE-2025-32868 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.5%
CVE-2025-30960 HIGH This Week

Missing Authorization vulnerability in NotFound FS Poster.5.8. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2025-31478 HIGH This Week

Zulip is an open-source team collaboration tool. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zulip Server
NVD GitHub
CVSS 3.1
8.2
EPSS
0.2%
CVE-2025-2291 HIGH This Week

Password can be used past expiry in PgBouncer due to auth_query not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure PostgreSQL Pgbouncer Debian Linux
NVD
CVSS 3.1
8.1
EPSS
0.3%
CVE-2025-22069 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fix stack layout to match __arch_ftrace_regs argument of ftrace_return_to_handler Naresh Kamboju reported a "Bad. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Linux
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22023 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 ("usb: xhci: ensure skipped isoc TDs are returned. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-58093 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f ("PCI/ASPM: Disable ASPM on MFD function. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22097 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Memory Corruption Linux Denial Of Service Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22083 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint If vhost_scsi_set_endpoint is called multiple times without a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22035 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix use-after-free in print_graph_function_flags during tracer switching Kairui reported a UAF issue in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-23133 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22085 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace:. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Google +3
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22068 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ublk: make sure ubq->canceling is set when queue is frozen Now ublk driver depends on `ubq->canceling` for deciding if the request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22067 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: spi: cadence: Fix out-of-bounds array access in cdns_mrvl_xspi_setup_clock() If requested_clk > 128, cdns_mrvl_xspi_setup_clock(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Linux Linux Kernel Red Hat
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-25230 HIGH This Week

Omnissa Horizon Client for Windows contains an LPE Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22088 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22022 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 (one with start/stop. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Amd Memory Corruption Buffer Overflow Linux Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22020 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This fixes the following crash:. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Denial Of Service Lenovo +3
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22126 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: md: fix mddev uaf while iterating all_mddevs list While iterating all_mddevs list from md_notify_reboot() and md_exit(),. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22056 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Linux
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-39566 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bob Hostel allows Blind SQL Injection.1.5.6. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi
NVD
CVSS 3.1
7.6
EPSS
0.2%
CVE-2025-39518 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RedefiningTheWeb BMA Lite allows SQL Injection.4.2. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi
NVD
CVSS 3.1
7.6
EPSS
0.2%
CVE-2025-39592 HIGH This Week

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Unlock Lite allows PHP Local File Inclusion.3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure LFI PHP
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-39584 HIGH This Week

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themewinter Eventin allows PHP Local File Inclusion.0.25. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure LFI PHP
NVD
CVSS 3.1
7.5
EPSS
0.4%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy