Total
8367 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48644 | 1 Eptura | 1 Archibus | 2025-05-30 | N/A | 6.1 MEDIUM |
| An issue was discovered in the Archibus app 4.0.3 for iOS. There is an XSS vulnerability in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate data, and so on. | |||||
| CVE-2022-45167 | 1 Archibus | 1 Archibus Web Central | 2025-05-30 | N/A | 4.3 MEDIUM |
| An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application allows a basic user to access the profile information of all connected users. | |||||
| CVE-2025-30224 | 2025-05-29 | N/A | N/A | ||
| MyDumper is a MySQL Logical Backup Tool. The MySQL C client library (libmysqlclient) allows authenticated remote actors to read arbitrary files from client systems via a crafted server response to LOAD LOCAL INFILE query, leading to sensitive information disclosure when clients connect to untrusted MySQL servers without explicitly disabling the local infile capability. Mydumper has the local infile option enabled by default and does not have an option to disable it. This can lead to an unexpected arbitrary file read if the Mydumper tool connects to an untrusted server. This vulnerability is fixed in 0.18.2-8. | |||||
| CVE-2022-34712 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2016 and 1 more | 2025-05-29 | N/A | 5.5 MEDIUM |
| Windows Defender Credential Guard Information Disclosure Vulnerability | |||||
| CVE-2022-34710 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-05-29 | N/A | 5.5 MEDIUM |
| Windows Defender Credential Guard Information Disclosure Vulnerability | |||||
| CVE-2022-34708 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-05-29 | N/A | 5.5 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2025-5064 | 1 Google | 1 Chrome | 2025-05-29 | N/A | 5.4 MEDIUM |
| Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2025-5281 | 1 Google | 1 Chrome | 2025-05-29 | N/A | 5.4 MEDIUM |
| Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2022-28638 | 2 Hp, Hpe | 77 Apollo 4200 Gen10 Server, Apollo 4500, Apollo R2000 Chassis and 74 more | 2025-05-29 | N/A | 7.8 HIGH |
| An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses these security vulnerabilities. | |||||
| CVE-2023-29857 | 1 Teslamate | 1 Teslamate | 2025-05-28 | N/A | 5.3 MEDIUM |
| An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link. | |||||
| CVE-2024-7704 | 1 Weaver | 1 E-cology | 2025-05-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of the file /cloudstore/ecode/setup/ecology_dev.zip of the component Source Code Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-25734 | 1 Wyrestorm | 2 Apollo Vx20, Apollo Vx20 Firmware | 2025-05-28 | N/A | 7.5 HIGH |
| An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts. | |||||
| CVE-2025-31218 | 1 Apple | 1 Macos | 2025-05-27 | N/A | 6.2 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to observe the hostnames of new network connections. | |||||
| CVE-2025-31220 | 1 Apple | 2 Ipados, Macos | 2025-05-27 | N/A | 5.5 MEDIUM |
| A privacy issue was addressed by removing sensitive data. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A malicious app may be able to read sensitive location information. | |||||
| CVE-2025-31225 | 1 Apple | 2 Ipados, Iphone Os | 2025-05-27 | N/A | 7.1 HIGH |
| A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.5 and iPadOS 18.5. Call history from deleted apps may still appear in spotlight search results. | |||||
| CVE-2025-31236 | 1 Apple | 1 Macos | 2025-05-27 | N/A | 5.5 MEDIUM |
| An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | |||||
| CVE-2025-31242 | 1 Apple | 2 Ipados, Macos | 2025-05-27 | N/A | 5.5 MEDIUM |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access sensitive user data. | |||||
| CVE-2025-31250 | 1 Apple | 1 Macos | 2025-05-27 | N/A | 5.5 MEDIUM |
| An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | |||||
| CVE-2025-31256 | 1 Apple | 1 Macos | 2025-05-27 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user’s deleted notes. | |||||
| CVE-2025-4751 | 1 Dlink | 2 Di-7003g, Di-7003g Firmware | 2025-05-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as problematic, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected is an unknown function of the file /index.data. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||