Total
323356 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-14437 | 2 Wordpress, Wpmudev | 2 Wordpress, Hummingbird | 2025-12-19 | 7.5 High |
| The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.18.0 via the 'request' function. This makes it possible for unauthenticated attackers to extract sensitive data including Cloudflare API credentials. | ||||
| CVE-2023-44247 | 1 Fortinet | 1 Fortios | 2025-12-19 | 6.5 Medium |
| A double free vulnerability [CWE-415] vulnerability in Fortinet FortiOS 6.4 all versions may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests. | ||||
| CVE-2025-10729 | 1 Qt | 1 Qt | 2025-12-19 | 8.6 High |
| The module will parse a <pattern> node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free. | ||||
| CVE-2025-43541 | 1 Apple | 8 Ios, Ipad Os, Ipados and 5 more | 2025-12-19 | 4.3 Medium |
| A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2025-43501 | 2 Apple, Webkitgtk | 8 Ios, Ipados, Iphone Os and 5 more | 2025-12-19 | 4.3 Medium |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-37164 | 1 Hpe | 1 Oneview | 2025-12-19 | 10 Critical |
| A remote code execution issue exists in HPE OneView. | ||||
| CVE-2025-68491 | 2025-12-19 | N/A | ||
| Not used | ||||
| CVE-2025-68490 | 2025-12-19 | N/A | ||
| Not used | ||||
| CVE-2025-68489 | 2025-12-19 | N/A | ||
| Not used | ||||
| CVE-2025-68488 | 2025-12-19 | N/A | ||
| Not used | ||||
| CVE-2025-68487 | 2025-12-19 | N/A | ||
| Not used | ||||
| CVE-2025-68486 | 2025-12-19 | N/A | ||
| Not used | ||||
| CVE-2025-68485 | 2025-12-19 | N/A | ||
| Not used | ||||
| CVE-2025-68484 | 2025-12-19 | N/A | ||
| Not used | ||||
| CVE-2025-68483 | 2025-12-19 | N/A | ||
| Not used | ||||
| CVE-2025-54515 | 2 Amd, Arm | 4 Alveo, Versal, Cortex-a and 1 more | 2025-12-19 | N/A |
| The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the PSCI requests to appear they were from processors in the secure state instead of the non-secure state. | ||||
| CVE-2019-3863 | 5 Debian, Libssh2, Netapp and 2 more | 15 Debian Linux, Libssh2, Ontap Select Deploy Administration Utility and 12 more | 2025-12-19 | N/A |
| A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used by the SSH client as an index to copy memory causing in an out of bounds memory write error. | ||||
| CVE-2025-48507 | 2 Amd, Arm | 3 Kria Som, Zynq Ultrascale+, Trusted Firmware-a | 2025-12-19 | N/A |
| The security state of the calling processor into Arm® Trusted Firmware (TF-A) is not used and could potentially allow non-secure processors access to secure memories, access to crypto operations, and the ability to turn on and off subsystems within the SOC. | ||||
| CVE-2025-54100 | 1 Microsoft | 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more | 2025-12-19 | 7.8 High |
| Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-62221 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2025-12-19 | 7.8 High |
| Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | ||||