Total
309452 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-16963 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2025-08-28 | 7.8 High |
| Windows Backup Engine Elevation of Privilege Vulnerability | ||||
| CVE-2020-16962 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2025-08-28 | 7.8 High |
| Windows Backup Engine Elevation of Privilege Vulnerability | ||||
| CVE-2020-16961 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2025-08-28 | 7.8 High |
| Windows Backup Engine Elevation of Privilege Vulnerability | ||||
| CVE-2020-16960 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2025-08-28 | 7.8 High |
| Windows Backup Engine Elevation of Privilege Vulnerability | ||||
| CVE-2020-16959 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2025-08-28 | 7.8 High |
| Windows Backup Engine Elevation of Privilege Vulnerability | ||||
| CVE-2020-16958 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2025-08-28 | 7.8 High |
| Windows Backup Engine Elevation of Privilege Vulnerability | ||||
| CVE-2020-16971 | 1 Microsoft | 1 Azure Sdk For Java | 2025-08-28 | 7.4 High |
| Azure SDK for Java Security Feature Bypass Vulnerability | ||||
| CVE-2025-5068 | 1 Google | 1 Chrome | 2025-08-28 | 8.8 High |
| Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-34158 | 1 Plex | 1 Plex Media Server | 2025-08-28 | 8.5 High |
| Plex Media Server (PMS) 1.41.7.x through 1.42.0.x before 1.42.1 is affected by incorrect resource transfer between spheres. | ||||
| CVE-2025-9140 | 2 51mis, Shanghai Lingdang Information Technology | 2 Lingdang Crm, Lingdang Crm | 2025-08-28 | 6.3 Medium |
| A vulnerability was identified in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this issue is some unknown functionality of the file /crm/crmapi/erp/tabdetail_moduleSave.php. The manipulation of the argument getvaluestring leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Upgrading to version 8.6.5.4 can resolve this issue. The affected component should be upgraded. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+." | ||||
| CVE-2025-30438 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-08-28 | 5.5 Medium |
| This issue was addressed with improved access restrictions. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to dismiss the system notification on the Lock Screen that a recording was started. | ||||
| CVE-2025-1432 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2025-08-28 | 7.8 High |
| A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-8901 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-08-28 | 8.8 High |
| Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-8879 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-08-28 | 8.8 High |
| Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to potentially exploit heap corruption via a curated set of gestures. (Chromium security severity: High) | ||||
| CVE-2025-8011 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-08-28 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-8010 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-08-28 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-2950 | 1 Ibm | 1 I | 2025-08-28 | 5.4 Medium |
| IBM i 7.3, 7.4, 7.5, and 7.5 is vulnerable to a host header injection attack caused by improper neutralization of HTTP header content by IBM Navigator for i. An authenticated user can manipulate the host header in HTTP requests to change domain/IP address which may lead to unexpected behavior. | ||||
| CVE-2025-2947 | 1 Ibm | 1 I | 2025-08-28 | 7.2 High |
| IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. A malicious actor can use the command to elevate privileges to gain root access to the host operating system. | ||||
| CVE-2024-22314 | 1 Ibm | 1 Storage Defender Resiliency Service | 2025-08-28 | 5.9 Medium |
| IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | ||||
| CVE-2024-46528 | 1 Kubesphere | 1 Kubesphere | 2025-08-28 | 4.3 Medium |
| An Insecure Direct Object Reference (IDOR) vulnerability in KubeSphere 4.x before 4.1.3 and 3.x through 3.4.1 and KubeSphere Enterprise 4.x before 4.1.3 and 3.x through 3.5.0 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks. | ||||