Full List

Search

Recent Vulnerabilities

• CVE-2025-4637 • published on May 14, 2025 Divide By Zero vulnerability in davisking dlib allows remote attackers to cause a denial of service via a crafted file. .This issue affects dlib: before 19.24.7.

  ---

• CVE-2025-46786 • published on May 14, 2025 Improper neutralization of special elements in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access.

  ---

• CVE-2025-4664 • published on May 14, 2025 Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  ---

• CVE-2025-46785 • published on May 14, 2025 Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

  ---

• CVE-2025-30668 • published on May 14, 2025 Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access.

  ---

• CVE-2025-0130 • published on May 14, 2025 A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this condition will cause the firewall to enter maintenance mode. This issue does not affect Cloud NGFW or Prisma Access.

  ---

• CVE-2025-30667 • published on May 14, 2025 NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

  ---

• CVE-2025-30666 • published on May 14, 2025 NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

  ---

• CVE-2025-30665 • published on May 14, 2025 NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

  ---

• CVE-2025-30664 • published on May 14, 2025 Improper neutralization of special elements in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access.

  ---

• CVE-2025-30663 • published on May 14, 2025 Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access.

  ---

• CVE-2025-47710 • published on May 14, 2025 Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.

  ---

• CVE-2025-47709 • published on May 14, 2025 Missing Authorization vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Forceful Browsing.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.

  ---

• CVE-2025-47708 • published on May 14, 2025 Cross-Site Request Forgery (CSRF) vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Cross Site Request Forgery.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.

  ---

• CVE-2025-47707 • published on May 14, 2025 Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.

  ---

• CVE-2025-47706 • published on May 14, 2025 Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Remote Services with Stolen Credentials.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.

  ---

• CVE-2025-47705 • published on May 14, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal IFrame Remove Filter allows Cross-Site Scripting (XSS).This issue affects IFrame Remove Filter: from 0.0.0 before 2.0.5.

  ---

• CVE-2025-47704 • published on May 14, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Klaro Cookie & Consent Management allows Cross-Site Scripting (XSS).This issue affects Klaro Cookie & Consent Management: from 0.0.0 before 3.0.5.

  ---

• CVE-2025-47703 • published on May 14, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting (XSS).This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.14.

  ---

• CVE-2025-47702 • published on May 14, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal oEmbed Providers allows Cross-Site Scripting (XSS).This issue affects oEmbed Providers: from 0.0.0 before 2.2.2.

  ---