8.3

CVSS4.0

CVE-2025-4640 - Out-of-bounds Write in pcl

Out-of-bounds Write vulnerability in PointCloudLibrary pcl allows Overflow Buffers. Since version 1.14.0, PCL by default uses a zlib installation from the system, unless the user sets WITH_SYSTEM_ZLIB=FALSE. So this potential vulnerability is only relevant if the PCL version is older than 1.14.0 orโ€ฆ

๐Ÿ“… Published: May 14, 2025, 6:06 p.m. ๐Ÿ”„ Last Modified: May 16, 2025, 2:43 p.m.

7.1

CVSS4.0

CVE-2025-0131 - GlobalProtect App: Incorrect Privilege Management Vulnerability in OPSWAT MetaDefender Endpoint Secโ€ฆ

An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtectโ„ข app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, executioโ€ฆ

๐Ÿ“… Published: May 14, 2025, 6:06 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 6:28 p.m.

8.8

CVSS4.0

CVE-2025-4639 - Improper Restriction of XML External Entity Reference in Peergos

CWE-611 Improper Restriction of XML External Entity Reference in the getDocumentBuilder() method of WebDav servlet in Peergos. This issue affects Peergos through version 1.1.0.

๐Ÿ“… Published: May 14, 2025, 6:04 p.m. ๐Ÿ”„ Last Modified: May 16, 2025, 2:43 p.m.

9.2

CVSS4.0

CVE-2025-4638 - Improper Pointer Arithmetic in pcl

A vulnerability exists in the inftrees.c component of the zlib library, which is bundled within the PointCloudLibrary (PCL). This issue may allow context-dependent attackers to cause undefined behavior by exploiting improper pointer arithmetic. Since version 1.14.0, PCL by default uses a zlib instโ€ฆ

๐Ÿ“… Published: May 14, 2025, 5:59 p.m. ๐Ÿ”„ Last Modified: Oct. 21, 2025, 2:10 p.m.

8.7

CVSS4.0

CVE-2025-4637 - Divide By Zero in dlib

Divide By Zero vulnerability in davisking dlib allows remote attackers to cause a denial of service via a crafted file. .This issue affects dlib: before <19.24.7.

๐Ÿ“… Published: May 14, 2025, 5:51 p.m. ๐Ÿ”„ Last Modified: May 16, 2025, 2:43 p.m.

4.3

CVSS3.1

CVE-2025-46786 - Zoom Workplace Apps - Cross-site Scripting

Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access.

๐Ÿ“… Published: May 14, 2025, 5:42 p.m. ๐Ÿ”„ Last Modified: Nov. 6, 2025, 7:51 p.m.

4.3

CVSS3.1

CVE-2025-4664 -

Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

๐Ÿ“… Published: May 14, 2025, 5:41 p.m. ๐Ÿ”„ Last Modified: June 6, 2025, 1 a.m.

6.5

CVSS3.1

CVE-2025-46785 - Zoom Workplace Apps for Windows - Buffer Over-read

Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

๐Ÿ“… Published: May 14, 2025, 5:41 p.m. ๐Ÿ”„ Last Modified: Aug. 19, 2025, 7:14 p.m.

6.5

CVSS3.1

CVE-2025-30668 - Zoom Workplace Apps - NULL Pointer Dereference

Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access.

๐Ÿ“… Published: May 14, 2025, 5:39 p.m. ๐Ÿ”„ Last Modified: Nov. 4, 2025, 9:34 p.m.

8.2

CVSS4.0

CVE-2025-0130 - PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy Feature via a Burst of Maliciously Crafteโ€ฆ

A missing exception check in Palo Alto Networks PAN-OSยฎ software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this cโ€ฆ

๐Ÿ“… Published: May 14, 2025, 5:37 p.m. ๐Ÿ”„ Last Modified: Oct. 6, 2025, 4:18 p.m.
Total resulsts: 343446
Page 4837 of 34,345
ยซ previous page ยป next page
Filters