10

CVSS3.1

CVE-2025-20393 - Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerabโ€ฆ

A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is duโ€ฆ

๐Ÿ“… Published: Dec. 17, 2025, 4:47 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 4:07 p.m.

6.5

CVSS4.0

CVE-2025-26381 - OpenBlue Mobile Web Application configuration issue for optional for OpenBlue Workplace (formerly Fโ€ฆ

Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to sensitive information.

๐Ÿ“… Published: Dec. 17, 2025, 4:13 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.7

CVSS4.0

CVE-2025-43873 - iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application commandโ€ฆ

Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device.

๐Ÿ“… Published: Dec. 17, 2025, 3:53 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.7

CVSS4.0

CVE-2025-14727 - NGINX Ingress Controller vulnerability

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-targetย annotation validation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

๐Ÿ“… Published: Dec. 17, 2025, 3:48 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 4:07 p.m.

10

CVSS3.1

CVE-2025-44005 - github.com/smallstep/certificates: github.com/smallstep/certificates: Authorization bypass allows uโ€ฆ

An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks.

๐Ÿ“… Published: Dec. 17, 2025, 3:16 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

0.6

CVSS4.0

CVE-2025-14266 - CSRF in Ercom Cryptobox administration console

CSRF in Ercom Cryptobox administration console allows attacker to trigger some actions on behalf of a Cryptobox administrator. The attack requires the administrator to browse a malicious web site or to click a link while he has an open session on the administration console.

๐Ÿ“… Published: Dec. 17, 2025, 1:38 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-14828 -

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

๐Ÿ“… Published: Dec. 17, 2025, 1:36 p.m. ๐Ÿ”„ Last Modified: Dec. 17, 2025, 6:14 p.m.

7.1

CVSS4.0

CVE-2025-61736 - iSTAR- Improper Validation of Certificate Expiration

Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires.

๐Ÿ“… Published: Dec. 17, 2025, 12:36 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.2

CVSS3.1

CVE-2025-14097 - Remote Code Execution Vulnerability in Radiometer Products

A vulnerability in the application software of multiple Radiometer products may allow remote code execution and unauthorized device management when specific internal conditions are met. Exploitation requires that a remote connection is established with additional information obtained through other โ€ฆ

๐Ÿ“… Published: Dec. 17, 2025, 12:36 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.4

CVSS3.1

CVE-2025-14096 - Credential Disclosure vulnerability in Radiometer Products

A vulnerability exists in multiple Radiometer products that allow an attacker with physical access to the analyzer possibility to extract credential information. The vulnerability is due to a weakness in the design and insufficient credential protection in operating system. Other related CVE's areโ€ฆ

๐Ÿ“… Published: Dec. 17, 2025, 12:19 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 345141
Page 2151 of 34,515
ยซ previous page ยป next page
Filters