Skip to main content
CVE-2024-42516 HIGH POC PATCH This Week

HTTP response splitting vulnerability in Apache HTTP Server core allows network-based attackers without authentication to inject arbitrary HTTP headers and content into responses by manipulating Content-Type headers in proxied or hosted applications, potentially enabling cache poisoning, session hijacking, or XSS attacks. Affects Apache HTTP Server versions prior to 2.4.64, with a critical note that the initial patch in 2.4.59 was incomplete. This is a regression/incomplete fix of CVE-2023-38709, indicating patch evasion and suggesting active exploitation interest.

Apache Information Disclosure Http Server Red Hat Suse +1
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-52434 HIGH PATCH This Week

Apache Tomcat contains a race condition vulnerability in the APR/Native connector that can be triggered during concurrent HTTP/2 connection handling, particularly when clients initiate connection closes. The vulnerability affects Tomcat 9.0.0.M1 through 9.0.106 (and EOL versions 8.5.0-8.5.100), allowing remote unauthenticated attackers to cause denial of service through improper synchronization of shared resources. With a CVSS score of 7.5 and network-accessible attack vector requiring no authentication, this represents a high-severity availability impact, though no active public exploitation has been confirmed.

Apache Race Condition Tomcat Java Denial Of Service +2
NVD HeroDevs GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-53506 HIGH PATCH This Week

A remote code execution vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Apache Tomcat Denial Of Service Java Red Hat +1
NVD HeroDevs GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-43204 HIGH PATCH This Week

CVE-2024-43204 is a Server-Side Request Forgery (SSRF) vulnerability in Apache HTTP Server when mod_proxy is loaded, allowing unauthenticated attackers to initiate outbound proxy requests to attacker-controlled URLs. The vulnerability requires an uncommon configuration where mod_headers is used to modify Content-Type headers based on user-supplied HTTP request values. Apache recommends immediate upgrade to version 2.4.64 to remediate this high-integrity-impact issue.

Apache SSRF Http Server Red Hat Suse +1
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-53634 HIGH PATCH This Week

CVE-2025-53634 is a Denial of Service (DoS) vulnerability in Chall-Manager's HTTP Gateway that lacks request timeout mechanisms, allowing unauthenticated attackers to execute Slow Loris attacks and exhaust server resources. The vulnerability affects Chall-Manager versions prior to v0.1.4 and has a CVSS score of 7.5 (High) with zero authentication requirements. While the vulnerability itself is not marked as actively exploited in public KEV databases, the patch is already available, and the architectural recommendation to isolate Chall-Manager deep within infrastructure significantly reduces real-world exposure.

Denial Of Service Chall Manager Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-47252 HIGH POC PATCH This Week

CVE-2024-47252 is a security vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Apache Information Disclosure TLS Http Server Red Hat +2
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-52520 HIGH PATCH This Week

CVE-2025-52520 is an integer overflow vulnerability in Apache Tomcat's multipart upload handling that allows unauthenticated remote attackers to bypass size limits and trigger denial of service. The vulnerability affects Tomcat versions 11.0.0-M1 through 11.0.8, 10.1.0-M1 through 10.1.42, 9.0.0.M1 through 9.0.106, and EOL version 8.5.0 through 8.5.100, requiring only network access with no authentication. With a CVSS score of 7.5 (High severity) and an attack vector rated as Network/Low complexity, this represents a significant availability risk for unpatched deployments.

Apache Tomcat Integer Overflow Java Denial Of Service +2
NVD HeroDevs GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-2520 HIGH This Week

CVE-2025-2520 is an uninitialized variable vulnerability in Honeywell Experion PKS's Epic Platform Analyzer (EPA) communications module that enables remote attackers to manipulate communication channels and trigger pointer dereference errors, resulting in denial of service. The vulnerability affects multiple Experion PKS product lines across versions 520.1-520.2 TCU9 and 530-530 TCU3, with a CVSS score of 7.5 indicating high availability impact. No evidence of active exploitation (KEV status) or public POC availability is indicated; however, the network-accessible attack vector and lack of authentication requirements elevate real-world risk for critical industrial control environments.

Denial Of Service Honeywell Null Pointer Dereference
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-43394 HIGH PATCH This Week

CVE-2024-43394 is a Server-Side Request Forgery (SSRF) vulnerability in Apache HTTP Server on Windows (versions 2.4.0-2.4.63) that allows unauthenticated remote attackers to leak NTLM credential hashes to malicious servers through unvalidated request input processed by mod_rewrite or Apache expressions. The vulnerability exploits Windows SMB/UNC path handling to trigger NTLM authentication, potentially compromising domain credentials. This is a high-severity issue affecting all default Windows installations without explicit UNC path filtering.

Apache SSRF Windows Information Disclosure Http Server +3
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-44251 HIGH This Week

Ecovacs Deebot T10 version 1.7.2 transmits Wi-Fi credentials in cleartext during the device pairing process, allowing network-adjacent attackers to intercept sensitive authentication material without authentication or user interaction. This high-severity information disclosure vulnerability (CVSS 7.5) affects the initial device setup phase and could enable unauthorized network access or further lateral movement within the target network.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-49812 HIGH PATCH This Week

CVE-2025-49812 is an HTTP request smuggling/desynchronization vulnerability in Apache HTTP Server's mod_ssl that allows man-in-the-middle attackers to hijack HTTPS sessions by exploiting improper handling of TLS upgrades. Only Apache HTTP Server versions through 2.4.63 with 'SSLEngine optional' configurations are affected, enabling session hijacking with high confidentiality and integrity impact. The vulnerability requires network-level access and careful timing but does not require user interaction or privileges; upgrade to 2.4.64 (which removes TLS upgrade support entirely) is the recommended mitigation.

Apache TLS Session Fixation Http Server Red Hat +2
NVD
CVSS 3.1
7.4
EPSS
0.1%
CVE-2025-46788 HIGH PATCH This Week

CVE-2025-46788 is an improper certificate validation vulnerability in Zoom Workplace for Linux versions before 6.4.13 that allows unauthenticated network-based attackers to conduct information disclosure attacks with high complexity requirements. The vulnerability enables unauthorized users to intercept or access sensitive information through network access by bypassing SSL/TLS certificate validation mechanisms. While the CVSS score is 7.4 (high), the attack complexity is high (AC:H), suggesting exploitation requires specific conditions; KEV status and active exploitation data are not currently available, warranting monitoring for disclosure.

Information Disclosure Workplace Desktop
NVD
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-38340 HIGH PATCH This Week

CVE-2025-38340 is an out-of-bounds (OOB) memory read vulnerability in the Linux kernel's cs_dsp firmware module, specifically within the cs_dsp_mock_bin_add_name_or_info() KUnit test function. The vulnerability occurs when source string length is incorrectly rounded up during memory allocation, causing KASAN to detect out-of-bounds access. Local unprivileged users (PR:L) can trigger this vulnerability to read sensitive kernel memory, potentially disclosing confidential information or causing denial of service. This is a test/kernel development vulnerability with limited real-world impact as it resides in KUnit test code rather than production firmware paths.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-38330 HIGH PATCH This Week

CVE-2025-38330 is an out-of-bounds memory read vulnerability in the Linux kernel's cs_dsp firmware driver, specifically within KUnit test code for control cache initialization. The vulnerability allows a local attacker with low privileges to read sensitive kernel memory, potentially leading to information disclosure and denial of service. This is a kernel testing/development issue rather than a production runtime vulnerability, with no evidence of active exploitation in the wild.

Buffer Overflow Linux Denial Of Service Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-38329 HIGH PATCH This Week

CVE-2025-38329 is an out-of-bounds (OOB) memory read vulnerability in the Linux kernel's cs_dsp (Cirrus Logic DSP) firmware module, specifically within KUnit test code handling WMFW (Wolfson Microcontroller Firmware) info structures. The vulnerability occurs when source string length is incorrectly rounded up to allocation size, allowing local attackers with low privileges to read sensitive kernel memory, potentially disclosing cryptographic material or other sensitive data. While confined to test code rather than production kernel paths, this represents a real information disclosure risk for systems with KUnit testing enabled or during development/debug kernels.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-38286 HIGH PATCH This Week

CVE-2025-38286 is an out-of-bounds array access vulnerability in the Linux kernel's AT91 GPIO pinctrl driver caused by insufficient validation of device tree alias values during probe. A local attacker with low privileges can trigger an out-of-bounds read or write to the gpio_chips array, potentially leading to information disclosure or denial of service. The vulnerability affects Linux kernel versions with the vulnerable at91_gpio_probe() function and is not currently listed in CISA KEV, indicating limited evidence of active exploitation.

Buffer Overflow Linux Denial Of Service Debian Linux Linux Kernel +2
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-5023 HIGH This Week

CVE-2025-5023 is a hard-coded credential vulnerability in Mitsubishi Electric's EcoGuideTAB photovoltaic system monitor (models PV-DR004J and PV-DR004JA, all versions) that allows attackers within Wi-Fi range to disclose sensitive power generation data, tamper with stored information, or cause denial-of-service. The vulnerability is chained with CVE-2025-5022 and affects products discontinued in 2015 with support ended in 2020, making patching unlikely; real-world risk is moderate despite the 7.1 CVSS score due to the product's age and narrow deployment window.

Information Disclosure
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-38342 HIGH PATCH This Week

CVE-2025-38342 is an out-of-bounds (OOB) read vulnerability in the Linux kernel's software_node_get_reference_args() function that occurs when processing malformed device tree property values. A local attacker with unprivileged user privileges can trigger an OOB read by crafting a malicious software node property, potentially leading to information disclosure or denial of service. The vulnerability affects Linux kernel versions with the vulnerable software node implementation and has a CVSS score of 7.1 indicating high severity; exploitation status and POC availability are not confirmed in public sources, but the local attack vector with low complexity makes this a moderate real-world priority for privilege escalation chains.

Buffer Overflow Linux Information Disclosure
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-38320 HIGH PATCH This Week

CVE-2025-38320 is a security vulnerability (CVSS 7.1). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Linux Stack Overflow Denial Of Service Debian Linux Linux Kernel +2
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-38292 HIGH PATCH This Week

CVE-2025-38292 is a use-after-free vulnerability in the Linux kernel's ath12k WiFi driver (ath12k_dp_rx_msdu_coalesce function) where the is_continuation boolean field is accessed after the skb (socket buffer) containing it has been freed. This affects local attackers with low privileges who can trigger network packet processing, potentially leading to information disclosure or denial of service. The vulnerability has not been reported as actively exploited in KEV, but the high CVSS score (7.1) and local attack vector indicate moderate real-world risk, particularly in systems where unprivileged users can influence WiFi packet handling.

Linux Use After Free Denial Of Service Memory Corruption Linux Kernel +2
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-7365 HIGH PATCH This Week

CVE-2025-7365 is an account takeover vulnerability in Keycloak affecting authenticated users during IdP-initiated account merging workflows. An attacker with valid authentication can manipulate the account merge process to change an email address to match a victim's email, triggering a verification email to the victim that lacks sender attribution-enabling phishing. Successful exploitation grants the attacker full account access to the victim's Keycloak account with high confidentiality, integrity, and availability impact (CVSS 7.1). No public POC or active KEV status has been confirmed at this time, but the attack requires low technical complexity and user interaction (clicking a verification link).

Information Disclosure
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy