Total
34068 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46762 | 1 Apache | 1 Parquet | 2025-09-02 | 8.1 High |
| Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these packages to be executed. The exploit is only applicable if the client code of parquet-avro uses the "specific" or the "reflect" models deliberately for reading Parquet files. ("generic" model is not impacted) Users are recommended to upgrade to 1.15.2 or set the system property "org.apache.parquet.avro.SERIALIZABLE_PACKAGES" to an empty string on 1.15.1. Both are sufficient to fix the issue. | ||||
| CVE-2025-3735 | 1 Panelizer \(obsolete\) Project | 1 Panelizer \(obsolete\) | 2025-09-02 | 5.9 Medium |
| Vulnerability in Drupal Panelizer (obsolete).This issue affects Panelizer (obsolete): *.*. | ||||
| CVE-2025-3736 | 1 Simple Gtm Project | 1 Simple Gtm | 2025-09-02 | 5.9 Medium |
| Vulnerability in Drupal Simple GTM.This issue affects Simple GTM: *.*. | ||||
| CVE-2025-3737 | 1 Google Maps\ | 1 Store Locator Project | 2025-09-02 | 5.9 Medium |
| Vulnerability in Drupal Google Maps: Store Locator.This issue affects Google Maps: Store Locator: *.*. | ||||
| CVE-2025-3738 | 1 Google Optimize Project | 1 Google Optimize | 2025-09-02 | 5.9 Medium |
| Vulnerability in Drupal Google Optimize.This issue affects Google Optimize: *.*. | ||||
| CVE-2025-3903 | 1 Ueditor Project | 1 Ueditor | 2025-09-02 | 7.3 High |
| Vulnerability in Drupal UEditor - 百度编辑器.This issue affects UEditor - 百度编辑器: *.*. | ||||
| CVE-2025-3904 | 1 Sportsleague Project | 1 Sportsleague | 2025-09-02 | 7.3 High |
| Vulnerability in Drupal Sportsleague.This issue affects Sportsleague: *.*. | ||||
| CVE-2025-3060 | 1 Flattern Project | 1 Flattern | 2025-09-02 | 6.6 Medium |
| Vulnerability in Drupal Flattern – Multipurpose Bootstrap Business Profile.This issue affects Flattern – Multipurpose Bootstrap Business Profile: *.*. | ||||
| CVE-2024-13299 | 1 Boozallen | 1 Megamenu Framework | 2025-09-02 | 6.6 Medium |
| Vulnerability in Drupal Megamenu Framework.This issue affects Megamenu Framework: *.*. | ||||
| CVE-2024-13300 | 1 Print Anything Project | 1 Print Anything | 2025-09-02 | 6.6 Medium |
| Vulnerability in Drupal Print Anything.This issue affects Print Anything: *.*. | ||||
| CVE-2024-13310 | 1 Git Utilities Project | 1 Git Utilities | 2025-09-02 | 6.5 Medium |
| Vulnerability in Drupal Git Utilities for Drupal.This issue affects Git Utilities for Drupal: *.*. | ||||
| CVE-2024-13311 | 1 Allow All File Extensions For File Fields Project | 1 Allow All File Extensions For File Fields | 2025-09-02 | 7.3 High |
| Vulnerability in Drupal Allow All File Extensions for file fields.This issue affects Allow All File Extensions for file fields: *.*. | ||||
| CVE-2024-13285 | 1 Wkhtmltopdf | 1 Wkhtmltopdf | 2025-09-02 | 9.8 Critical |
| Vulnerability in Drupal wkhtmltopdf.This issue affects wkhtmltopdf: *.*. | ||||
| CVE-2025-0986 | 1 Ibm | 2 Power9 System Firmware, Powervm Hypervisor | 2025-09-01 | 4.5 Medium |
| IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration. | ||||
| CVE-2025-2898 | 1 Ibm | 1 Maximo Application Suite | 2025-09-01 | 7.5 High |
| IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC) configurations. | ||||
| CVE-2020-17159 | 1 Redhat | 1 Language Support For Java | 2025-08-28 | 7.8 High |
| Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | ||||
| CVE-2020-17158 | 1 Microsoft | 1 Dynamics 365 | 2025-08-28 | 8.8 High |
| Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | ||||
| CVE-2020-17156 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2025-08-28 | 7.8 High |
| Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2020-17153 | 1 Microsoft | 1 Edge | 2025-08-28 | 4.3 Medium |
| Microsoft Edge for Android Spoofing Vulnerability | ||||
| CVE-2020-17152 | 1 Microsoft | 1 Dynamics 365 | 2025-08-28 | 8.8 High |
| Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | ||||