Total
3839 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19937 | 1 Videolan | 1 Vlc For Mobile | 2025-05-06 | 6.6 Medium |
| A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone. | ||||
| CVE-2022-2572 | 1 Octopus | 1 Octopus Server | 2025-05-06 | 9.8 Critical |
| In affected versions of Octopus Server where access is managed by an external authentication provider, it was possible that the API key/keys of a disabled/deleted user were still valid after the access was revoked. | ||||
| CVE-2025-0217 | 2025-05-05 | N/A | ||
| BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions. | ||||
| CVE-2025-25504 | 2025-05-05 | 6.5 Medium | ||
| An issue in the /usr/local/bin/jncs.sh script of Gefen WebFWC (In AV over IP products) v1.85h, v1.86v, and v1.70 allows attackers with network access to connect to the device over TCP port 4444 without authentication and execute arbitrary commands with root privileges. | ||||
| CVE-2022-22935 | 1 Saltstack | 1 Salt | 2025-05-05 | 3.7 Low |
| An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master. | ||||
| CVE-2022-22730 | 1 Intel | 1 Edge Insights For Industrial | 2025-05-05 | 9.8 Critical |
| Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | ||||
| CVE-2021-0193 | 1 Ibm | 1 In-band Manageability | 2025-05-05 | 7.2 High |
| Improper authentication in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. | ||||
| CVE-2024-38099 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2025-05-05 | 5.9 Medium |
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability | ||||
| CVE-2022-38744 | 1 Rockwellautomation | 1 Factorytalk Alarms And Events | 2025-05-05 | 7.5 High |
| An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. The affected port could be used as a server ping port and uses messages structured with XML. | ||||
| CVE-2023-52160 | 6 Debian, Fedoraproject, Google and 3 more | 7 Debian Linux, Fedora, Android and 4 more | 2025-05-05 | 6.5 Medium |
| The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. | ||||
| CVE-2024-47659 | 1 Linux | 1 Linux Kernel | 2025-05-04 | 8.8 High |
| In the Linux kernel, the following vulnerability has been resolved: smack: tcp: ipv4, fix incorrect labeling Currently, Smack mirrors the label of incoming tcp/ipv4 connections: when a label 'foo' connects to a label 'bar' with tcp/ipv4, 'foo' always gets 'foo' in returned ipv4 packets. So, 1) returned packets are incorrectly labeled ('foo' instead of 'bar') 2) 'bar' can write to 'foo' without being authorized to write. Here is a scenario how to see this: * Take two machines, let's call them C and S, with active Smack in the default state (no settings, no rules, no labeled hosts, only builtin labels) * At S, add Smack rule 'foo bar w' (labels 'foo' and 'bar' are instantiated at S at this moment) * At S, at label 'bar', launch a program that listens for incoming tcp/ipv4 connections * From C, at label 'foo', connect to the listener at S. (label 'foo' is instantiated at C at this moment) Connection succeedes and works. * Send some data in both directions. * Collect network traffic of this connection. All packets in both directions are labeled with the CIPSO of the label 'foo'. Hence, label 'bar' writes to 'foo' without being authorized, and even without ever being known at C. If anybody cares: exactly the same happens with DCCP. This behavior 1st manifested in release 2.6.29.4 (see Fixes below) and it looks unintentional. At least, no explanation was provided. I changed returned packes label into the 'bar', to bring it into line with the Smack documentation claims. | ||||
| CVE-2024-46695 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-05-04 | 4.4 Medium |
| In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inode_setsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security labels on files on an NFS filesystem that is exported with root squashing enabled. The end of the kerneldoc comment for __vfs_setxattr_noperm() states: * This function requires the caller to lock the inode's i_mutex before it * is executed. It also assumes that the caller will make the appropriate * permission checks. nfsd_setattr() does do permissions checking via fh_verify() and nfsd_permission(), but those don't do all the same permissions checks that are done by security_inode_setxattr() and its related LSM hooks do. Since nfsd_setattr() is the only consumer of security_inode_setsecctx(), simplest solution appears to be to replace the call to __vfs_setxattr_noperm() with a call to __vfs_setxattr_locked(). This fixes the above issue and has the added benefit of causing nfsd to recall conflicting delegations on a file when a client tries to change its security label. | ||||
| CVE-2024-21410 | 1 Microsoft | 1 Exchange Server | 2025-05-03 | 9.8 Critical |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | ||||
| CVE-2024-21390 | 1 Microsoft | 1 Authenticator | 2025-05-03 | 7.1 High |
| Microsoft Authenticator Elevation of Privilege Vulnerability | ||||
| CVE-2024-21427 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 2 more | 2025-05-03 | 7.5 High |
| Windows Kerberos Security Feature Bypass Vulnerability | ||||
| CVE-2022-39019 | 1 M-files | 1 Hubshare | 2025-05-02 | 6.3 Medium |
| Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server. | ||||
| CVE-2022-39018 | 1 M-files | 1 Hubshare | 2025-05-02 | 8.2 High |
| Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL. | ||||
| CVE-2025-46631 | 2025-05-02 | 6.5 Medium | ||
| Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable telnet access to the router's OS by sending a /goform/telnet web request. | ||||
| CVE-2025-46630 | 2025-05-02 | 6.5 Medium | ||
| Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system management binary) by sending a /goform/ate web request. | ||||
| CVE-2025-46348 | 2025-05-02 | 10 Critical | ||
| YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without being authenticated. This could result in a malicious attacker making numerous requests to create archives and fill up the file system, or by downloading the archive which contains sensitive site information. This issue has been patched in version 4.5.4. | ||||