10

CVSS3.1

CVE-2025-65037 - Azure Container Apps Remote Code Execution Vulnerability

Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.

πŸ“… Published: Dec. 18, 2025, 10:02 p.m. πŸ”„ Last Modified: April 16, 2026, 2:19 p.m.

10

CVSS3.1

CVE-2025-65041 - Microsoft Partner Center Elevation of Privilege Vulnerability

Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.

πŸ“… Published: Dec. 18, 2025, 10:02 p.m. πŸ”„ Last Modified: April 16, 2026, 2:19 p.m.

9.9

CVSS3.1

CVE-2025-64663 - Custom Question Answering Elevation of Privilege Vulnerability

Custom Question Answering Elevation of Privilege Vulnerability

πŸ“… Published: Dec. 18, 2025, 10:02 p.m. πŸ”„ Last Modified: April 16, 2026, 2:19 p.m.

3.1

CVSS3.1

CVE-2025-65046 - Microsoft Edge (Chromium-based) Spoofing Vulnerability

Microsoft Edge (Chromium-based) Spoofing Vulnerability

πŸ“… Published: Dec. 18, 2025, 10:01 p.m. πŸ”„ Last Modified: April 16, 2026, 2:19 p.m.

6.5

CVSS3.1

CVE-2025-68383 - Filebeat Improper Validation of Specified Index, Position, or Offset in Input

Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow (CAPEC-100) and cause a denial of service (panic/crash) of the Filebeat process via either a malformed Syslog mes…

πŸ“… Published: Dec. 18, 2025, 10 p.m. πŸ”„ Last Modified: Dec. 23, 2025, 5:59 p.m.

6.9

CVSS4.0

CVE-2025-13427 - Authentication Bypass in Dialogflow CX Messenger

An authentication bypass vulnerability in Google Cloud Dialogflow CX Messenger allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents' knowledge and the ability to trigger their intents, by manipulating initialization parameters or crafting specific API …

πŸ“… Published: Dec. 18, 2025, 9:57 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2025-68382 - Packetbeat Out-of-bounds Read

Out-of-bounds read (CWE-125) allows an unauthenticated remote attacker to perform a buffer overflow (CAPEC-100) via the NFS protocol dissector, leading to a denial-of-service (DoS) through a reliable process crash when handling truncated XDR-encoded RPC messages.

πŸ“… Published: Dec. 18, 2025, 9:56 p.m. πŸ”„ Last Modified: Dec. 23, 2025, 5:43 p.m.

6.5

CVSS3.1

CVE-2025-68381 - Packetbeat Improper Bounds Check

Improper Bounds Check (CWE-787) in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow (CAPEC-100) and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number.

πŸ“… Published: Dec. 18, 2025, 9:51 p.m. πŸ”„ Last Modified: Dec. 23, 2025, 5:42 p.m.

5.3

CVSS3.1

CVE-2025-68388 -

Allocation of resources without limits or throttling (CWE-770) allows an unauthenticated remote attacker to cause excessive allocation (CAPEC-130) of memory and CPU via the integration of malicious IPv4 fragments, leading to a degradation in Packetbeat.

πŸ“… Published: Dec. 18, 2025, 9:33 p.m. πŸ”„ Last Modified: Dec. 23, 2025, 5:43 p.m.

8.7

CVSS4.0

CVE-2025-34452 - Streama Subtitle Download Path Traversal and SSRF Leading to Arbitrary File Write

Streama versions 1.10.0 through 1.10.5 and prior to commit b7c8767 contain aΒ combination of path traversal and server-side request forgery (SSRF) vulnerabilities in that allow an authenticated attacker to write arbitrary files to the server filesystem. The issue exists in the subtitle download func…

πŸ“… Published: Dec. 18, 2025, 9:30 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 345926
Page 2179 of 34,593
Β« previous page Β» next page
Filters