Total
106 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-66601 | 1 Yokogawa | 1 Fast\/tools | 2026-03-05 | N/A | 6.1 MEDIUM |
|
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product does not
specify MIME types. When an attacker performs a content sniffing attack,
malicious scripts could be executed.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
|
|||||
| CVE-2025-66603 | 1 Yokogawa | 1 Fast\/tools | 2026-03-05 | N/A | 9.8 CRITICAL |
|
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The web server accepts
the OPTIONS method. An attacker could potentially use this information to carry
out other attacks.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
|
|||||
| CVE-2024-2617 | 2026-03-04 | N/A | 7.2 HIGH | ||
|
A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update,
if secure update feature was not enabled on all
CMUs of a RTU500. If a
malicious actor successfully exploits this vulnerability, they
could use it to update the RTU500 with unsigned firmware.
|
|||||
| CVE-2025-13333 | 1 Ibm | 1 Websphere Application Server | 2026-02-20 | N/A | 4.4 MEDIUM |
|
IBM WebSphere Application Server 9.0, and 8.5 could provide weaker than expected security during system administration of security settings.
|
|||||
| CVE-2026-1486 | 2026-02-10 | N/A | 8.8 HIGH | ||
|
A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the server fails to verify if an Identity Provider (IdP) is enabled before issuing tokens. The issuer lookup mechanism (lookupIdentityProviderFromIssuer) retrieves the IdP configuration but does not filter for isEnabled=false. If an administrator disables an IdP (e.g., due to a compromise or offboarding), an entity possessing that IdP's signing key can still generate valid JWT assertions that Keycloak ...
Show More |
|||||
| CVE-2025-66607 | 2026-02-09 | N/A | N/A | ||
|
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The response header
contains an insecure setting. Users could be redirected to malicious sites by
an attacker.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
|
|||||
| CVE-2025-66600 | 2026-02-09 | N/A | N/A | ||
|
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product lacks
HSTS (HTTP Strict Transport Security) configuration. When an attacker performs
a Man in the middle (MITM) attack, communications with the web server could be
sniffed.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
|
|||||
| CVE-2025-62002 | 1 Bullwall | 1 Ransomware Containment | 2026-01-15 | N/A | 4.3 MEDIUM |
|
BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single (possibly large) file without triggering detection if thresholds are configured to require multiple file changes. The number of files to trigger detection can be configured by the user. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 are affected. Other versions may also be affected.
|
|||||
| CVE-2025-25255 | 1 Fortinet | 2 Fortios, Fortiproxy | 2026-01-14 | N/A | 5.3 MEDIUM |
|
An Improperly Implemented Security Check for Standard vulnerability [CWE-358] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, FortiProxy 7.2 all versions, FortiProxy 7.0.1 through 7.0.22 may allow an unauthenticated proxy user to bypass the domain fronting protection feature via crafted HTTP requests.
|
|||||
| CVE-2025-69234 | 1 Navercorp | 1 Whale | 2026-01-13 | N/A | 9.1 CRITICAL |
|
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment.
|
|||||
| CVE-2025-66323 | 1 Huawei | 1 Harmonyos | 2025-12-09 | N/A | 5.3 MEDIUM |
|
Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-3448 | 4 Fedoraproject, Oracle, Redhat and 1 more | 4 Fedora, Communications Cloud Native Core Network Function Cloud Native Environment, Enterprise Linux and 1 more | 2025-12-03 | 4.3 MEDIUM | 4.0 MEDIUM |
|
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.
|
|||||
| CVE-2025-58308 | 1 Huawei | 1 Harmonyos | 2025-12-02 | N/A | 7.3 HIGH |
|
Vulnerability of improper criterion security check in the call module.
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
|
|||||
| CVE-2020-25686 | 4 Arista, Debian, Fedoraproject and 1 more | 4 Eos, Debian Linux, Fedora and 1 more | 2025-11-04 | 4.3 MEDIUM | 3.7 LOW |
|
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is ...
Show More |
|||||
| CVE-2020-25684 | 4 Arista, Debian, Fedoraproject and 1 more | 4 Eos, Debian Linux, Fedora and 1 more | 2025-11-04 | 4.3 MEDIUM | 3.7 LOW |
|
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a qu ...
Show More |
|||||
| CVE-2025-43262 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 5.1 MEDIUM |
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. USB Restricted Mode may not be applied to accessories connected during boot.
|
|||||
| CVE-2025-32086 | 2025-11-03 | N/A | 7.2 HIGH | ||
|
Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2022-2324 | 1 Sonicwall | 1 Hosted Email Security | 2025-10-31 | N/A | 7.5 HIGH |
|
Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions
|
|||||
| CVE-2025-10457 | 1 Zephyrproject | 1 Zephyr | 2025-10-29 | N/A | 4.3 MEDIUM |
|
The function responsible for handling BLE connection responses does not verify whether a response is expected—that is, whether the device has initiated a connection request. Instead, it relies solely on identifier matching.
|
|||||
| CVE-2024-7965 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2025-10-24 | N/A | 8.8 HIGH |
|
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2025-62583 | 1 Navercorp | 1 Whale | 2025-10-21 | N/A | 9.8 CRITICAL |
|
Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment.
|
|||||
| CVE-2025-62585 | 1 Navercorp | 1 Whale | 2025-10-21 | N/A | 7.5 HIGH |
|
Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dual-tab environment.
|
|||||
| CVE-2025-31969 | 1 Hcltech | 1 Unica | 2025-10-20 | N/A | 4.0 MEDIUM |
|
HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP). These can result in malicious resources getting loaded and browsers may come across certain types of attacks, such as cross-site scripting and clickjacking.
|
|||||
| CVE-2025-59147 | 1 Oisf | 1 Suricata | 2025-10-06 | N/A | 7.5 HIGH |
|
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers within the same flow tuple, which can cause Suricata to fail to pick up the TCP session. In IDS mode this can lead to a detection and logging bypass. In IPS mode this will lead to the flow getting blocked. ...
Show More |
|||||
| CVE-2025-49011 | 1 Authzed | 1 Spicedb | 2025-09-04 | N/A | 3.7 LOW |
|
SpiceDB is an open source database for storing and querying fine-grained authorization data. Prior to version 1.44.2, on schemas involving arrows with caveats on the arrow’ed relation, when the path to resolve a CheckPermission request involves the evaluation of multiple caveated branches, requests may return a negative response when a positive response is expected. Version 1.44.2 fixes the issue. As a workaround, do not use caveats in the schema over an arrow’ed relation.
|
|||||
| CVE-2020-9295 | 1 Fortinet | 3 Antivirus Engine, Forticlient, Fortios | 2025-08-14 | N/A | 4.7 MEDIUM |
|
FortiOS 6.2 running AV engine version 6.00142 and below, FortiOS 6.4 running AV engine version 6.00144 and below and FortiClient 6.2 running AV engine version 6.00137 and below may not immediately detect certain types of malformed or non-standard RAR archives, potentially containing malicious files. Based on the samples provided, FortiClient will detect the malicious files upon trying extraction by real-time scanning and FortiGate will detect the malicious archive if Virus Outbreak Prevention is ...
Show More |
|||||
| CVE-2021-42017 | 1 Siemens | 54 Ruggedcom I800, Ruggedcom I801, Ruggedcom I802 and 51 more | 2025-08-12 | 4.3 MEDIUM | 5.9 MEDIUM |
|
A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i801, RUGGEDCOM i802, RUGGEDCOM i803, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM RMC30, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RP110, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600T, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS401, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416Pv2 V4.X, RUGGEDC ...
Show More |
|||||
| CVE-2025-8204 | 1 Comodo | 1 Dragon | 2025-07-31 | 2.6 LOW | 3.1 LOW |
|
A vulnerability classified as problematic was found in Comodo Dragon up to 134.0.6998.179. Affected by this vulnerability is an unknown functionality of the component HSTS Handler. The manipulation leads to security check for standard. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any ...
Show More |
|||||
| CVE-2021-26105 | 1 Fortinet | 1 Fortisandbox | 2025-07-24 | N/A | 6.8 MEDIUM |
|
A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandbox version 3.2.2 and below, version 3.1.4 and below may allow an authenticated attacker to potentially execute unauthorized code or commands via specifically crafted HTTP requests.
|
|||||
| CVE-2024-55599 | 1 Fortinet | 3 Fortios, Fortiproxy, Fortisase | 2025-07-22 | N/A | 5.3 MEDIUM |
|
An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated user to bypass the DNS filter via Apple devices.
|
|||||
| CVE-2024-25545 | 1 Weave | 1 Weave Desktop | 2025-06-17 | N/A | 7.8 HIGH |
|
An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a crafted script to the nwjs framework component.
|
|||||
| CVE-2022-38732 | 1 Netapp | 1 Snapcenter | 2025-05-20 | N/A | 7.5 HIGH |
|
SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented.
|
|||||
| CVE-2017-6032 | 1 Schneider-electric | 2 Modbus, Modbus Firmware | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. The Modicon Modbus protocol has a session-related weakness making it susceptible to brute-force attacks.
|
|||||
| CVE-2017-12303 | 1 Cisco | 1 Asyncos | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured AMP file filtering rule. The file types affected are zipped or archived file types. The vulnerability is due to incorrect and different file hash values when AMP scans the file. An attacker could exploit this vulnerability by sending a crafted email file attachment through the target ...
Show More |
|||||
| CVE-2014-4843 | 1 Ibm | 1 Curam Social Program Management | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.5 iFix5 allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors related to a URL.
|
|||||
| CVE-2016-3017 | 1 Ibm | 6 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile 8.0 Firmware, Security Access Manager For Mobile Appliance and 3 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
|
IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations.
|
|||||
| CVE-2016-10229 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
|
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.
|
|||||
| CVE-2017-7177 | 1 Openinfosecfoundation | 1 Suricata | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
|
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.
|
|||||
| CVE-2017-8152 | 1 Huawei | 2 Honor 5s, Honor 5s Firmware | 2025-04-20 | 4.9 MEDIUM | 4.6 MEDIUM |
|
Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory settings.
|
|||||
| CVE-2021-26328 | 1 Amd | 48 Epyc 7003, Epyc 7003 Firmware, Epyc 72f3 and 45 more | 2025-04-09 | N/A | 4.4 MEDIUM |
|
Failure to verify the mode of CPU execution at the time of SNP_INIT may lead to a potential loss of memory integrity for SNP guests.
|
|||||