Total
310474 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-38380 | 1 Linux | 1 Linux Kernel | 2025-09-17 | 7.0 High |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-1087 | 2025-09-17 | N/A | ||
| Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, which can lead to arbitrary JavaScript execution in the context of the application. | ||||
| CVE-2025-10535 | 1 Mozilla | 1 Firefox | 2025-09-17 | 7.5 High |
| This vulnerability affects Firefox < 143. | ||||
| CVE-2025-10534 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-09-17 | 8.1 High |
| This vulnerability affects Firefox < 143 and Thunderbird < 143. | ||||
| CVE-2022-43023 | 1 Opencats | 1 Opencats | 2025-09-17 | 6.5 Medium |
| OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function. | ||||
| CVE-2022-43022 | 1 Opencats | 1 Opencats | 2025-09-17 | 6.5 Medium |
| OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag deletion function. | ||||
| CVE-2022-43021 | 1 Opencats | 1 Opencats | 2025-09-17 | 6.5 Medium |
| OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the entriesPerPage variable. | ||||
| CVE-2024-5754 | 1 Zephyrproject | 1 Zephyr | 2025-09-17 | 8.2 High |
| BT: Encryption procedure host vulnerability | ||||
| CVE-2024-6137 | 2 Zephyrproject, Zephyrproject-rtos | 2 Zephyr, Zephyr | 2025-09-17 | 7.6 High |
| BT: Classic: SDP OOB access in get_att_search_list | ||||
| CVE-2025-43327 | 1 Apple | 2 Macos, Safari | 2025-09-17 | 6.5 Medium |
| The issue was addressed by adding additional logic. This issue is fixed in Safari 26, macOS Tahoe 26. Visiting a malicious website may lead to address bar spoofing. | ||||
| CVE-2025-43329 | 1 Apple | 6 Ios, Ipados, Iphone Os and 3 more | 2025-09-17 | 8.8 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26, tvOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to break out of its sandbox. | ||||
| CVE-2025-43331 | 1 Apple | 1 Macos | 2025-09-17 | 4 Medium |
| A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data. | ||||
| CVE-2024-6259 | 2 Zephyrproject, Zephyrproject-rtos | 2 Zephyr, Zephyr | 2025-09-17 | 7.6 High |
| BT: HCI: adv_ext_report Improper discarding in adv_ext_report | ||||
| CVE-2025-43333 | 1 Apple | 1 Macos | 2025-09-17 | 7.8 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to gain root privileges. | ||||
| CVE-2025-43337 | 1 Apple | 1 Macos | 2025-09-17 | 5.5 Medium |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data. | ||||
| CVE-2025-34080 | 1 Contec | 1 Conprosys Hmi System | 2025-09-17 | 6.1 Medium |
| The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System (CHS): before 3.7.7. | ||||
| CVE-2025-43340 | 1 Apple | 1 Macos | 2025-09-17 | 7.8 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to break out of its sandbox. | ||||
| CVE-2025-43342 | 1 Apple | 8 Ios, Ipados, Iphone Os and 5 more | 2025-09-17 | 9.8 Critical |
| A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-43343 | 1 Apple | 8 Ios, Ipados, Iphone Os and 5 more | 2025-09-17 | 9.8 Critical |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 26, Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-43344 | 1 Apple | 8 Ios, Ipados, Iphone Os and 5 more | 2025-09-17 | 3.3 Low |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to cause unexpected system termination. | ||||