ALERTAS CVE
Common Vulnerabilities and Exposures
O QUE É UMA VULNERABILIDADE?
Uma vulnerabilidade é uma ou mais fraquezas num produto que podem ser exploradas, causando impacto negativo na confidencialidade, integridade ou disponibilidade. Corresponde a um conjunto de condições ou comportamentos que permite a violação de uma política de segurança, seja esta explícita ou implícita.
A sigla CVE significa Common Vulnerabilities and Exposures (Vulnerabilidades e Exposições Comuns). A CVE é um dicionário de identificadores únicos para vulnerabilidades de segurança em software e hardware. Cada identificador CVE é único e serve para rastrear e divulgar informação sobre vulnerabilidades específicas. Estes identificadores facilitam a comunicação e a partilha de informação entre investigadores, empresas de segurança e utilizadores finais, permitindo uma melhor compreensão e mitigação dos riscos de segurança.
- Os identificadores CVE
(CVE IDs) atribuídos através do registo permitem que os intervenientes nos programas identifiquem e correlacionem rapidamente informações sobre vulnerabilidades, ajudando a proteger os sistemas contra ataques. - Os CVE IDs são atribuídos por entidades designadas
(CVE Numbering Authorities – CNAs) , que operam de forma voluntária por organizações participantes.
Estes alertas são fornecidos pela plataforma gratuita https://intel.intruder.io/, que acompanha vulnerabilidades CVE com resumos por IA, níveis de risco, exploits conhecidos e menções nas redes sociais.
| Severidade | CVE | Descrição |
|---|---|---|
| 9.8 CRITICAL | CVE-2026-1340 | Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability |
| 7.8 HIGH | CVE-2026-3502 | TrueConf Client Download of Code Without Integrity Check Vulnerability |
| 9.1 CRITICAL | CVE-2026-35616 | Fortinet FortiClient EMS Improper Access Control Vulnerability |
| 9.3 CRITICAL | CVE-2026-3055 | Citrix NetScaler Out-of-Bounds Read Vulnerability |
| 9.8 CRITICAL | CVE-2025-53521 | F5 BIG-IP Remote Code Execution Vulnerability |
| 9.4 CRITICAL | CVE-2026-33634 | Aqua Security Trivy Embedded Malicious Code Vulnerability |
| 9.8 CRITICAL | CVE-2017-7921 | Hikvision Multiple Products Improper Authentication Vulnerability |
| 9.8 CRITICAL | CVE-2021-22681 | Rockwell Multiple Products Insufficient Protected Credentials Vulnerability |
| 7.8 HIGH | CVE-2021-30952 | Apple Multiple Products Integer Overflow or Wraparound Vulnerability |
| 7.8 HIGH | CVE-2023-41974 | Apple iOS and iPadOS Use-After-Free Vulnerability |
| 8.8 HIGH | CVE-2023-43000 | Apple Multiple products Use-After-Free Vulnerability |
| 9.3 CRITICAL | CVE-2026-33017 | Langflow Code Injection Vulnerability |
| 10.0 CRITICAL | CVE-2026-20131 | Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability |
| 8.8 HIGH | CVE-2026-20963 | Microsoft SharePoint Deserialization of Untrusted Data Vulnerability |
| 9.8 CRITICAL | CVE-2025-26399 | SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability |
| 8.6 HIGH | CVE-2026-1603 | Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability |
| 7.2 HIGH | CVE-2025-66376 | Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability |
| 4.3 MEDIUM | CVE-2025-47813 | Wing FTP Server Information Disclosure Vulnerability |
| 10.0 CRITICAL | CVE-2025-68613 | n8n Improper Control of Dynamically-Managed Code Resources Vulnerability |
| 7.8 HIGH | CVE-2026-21385 | Qualcomm Multiple Chipsets Memory Corruption Vulnerability |
| 8.1 HIGH | CVE-2026-22719 | Broadcom VMware Aria Operations Command Injection Vulnerability |
| 8.7 HIGH | CVE-2026-25108 | Soliton Systems K.K. FileZen OS Command Injection Vulnerability |
| 9.9 CRITICAL | CVE-2025-49113 | RoundCube Webmail Deserialization of Untrusted Data Vulnerability |
| 7.5 HIGH | CVE-2021-22054 | Omnissa Workspace ONE Server-Side Request Forgery |
| 7.2 HIGH | CVE-2025-68461 | RoundCube Webmail Cross-site Scripting Vulnerability |
| 6.8 MEDIUM | CVE-2021-22175 | GitLab Server-Side Request Forgery (SSRF) Vulnerability |
| 10.0 CRITICAL | CVE-2026-22769 | Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability |
| 8.8 HIGH | CVE-2008-0015 | Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability |
| 9.8 CRITICAL | CVE-2020-7796 | Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability |
| 7.2 HIGH | CVE-2024-7694 | TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability |
| 8.8 HIGH | CVE-2026-2441 | Google Chromium CSS Use-After-Free Vulnerability |
| 9.9 CRITICAL | CVE-2026-1731 | BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability |
| 9.8 CRITICAL | CVE-2024-43468 | Microsoft Configuration Manager SQL Injection Vulnerability |
| 7.7 HIGH | CVE-2025-15556 | Notepad++ Download of Code Without Integrity Check Vulnerability |
| 8.1 HIGH | CVE-2025-40536 | SolarWinds Web Help Desk Security Control Bypass Vulnerability |
| 7.8 HIGH | CVE-2026-20700 | Apple Multiple Buffer Overflow Vulnerability |
| 8.8 HIGH | CVE-2026-21510 | Microsoft Windows Shell Protection Mechanism Failure Vulnerability |
| 8.8 HIGH | CVE-2026-21513 | Microsoft MSHTML Framework Security Feature Bypass Vulnerability |
| 7.8 HIGH | CVE-2026-21514 | Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability |
| 7.8 HIGH | CVE-2026-21519 | Microsoft Windows Type Confusion Vulnerability |
| 6.2 MEDIUM | CVE-2026-21525 | Microsoft Windows NULL Pointer Dereference Vulnerability |
| 7.8 HIGH | CVE-2026-21533 | Windows Remote Desktop Services Elevation of Privilege Vulnerability |
| 9.8 CRITICAL | CVE-2025-11953 | React Native Community CLI OS Command Injection Vulnerability |
| 9.3 CRITICAL | CVE-2026-24423 | SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability |
| 9.8 CRITICAL | CVE-2019-19006 | Sangoma FreePBX Improper Authentication Vulnerability |
| 6.8 MEDIUM | CVE-2021-39935 | GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability |
| 9.8 CRITICAL | CVE-2025-40551 | SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability |
| 8.6 HIGH | CVE-2025-64328 | Sangoma FreePBX OS Command Injection Vulnerability |
| 9.8 CRITICAL | CVE-2026-1281 | Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability |
| 9.4 CRITICAL | CVE-2026-24858 | Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability |
| 7.8 HIGH | CVE-2018-14634 | Linux Kernel Integer Overflow Vulnerability |
| 10.0 CRITICAL | CVE-2025-52691 | SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability |
| 7.8 HIGH | CVE-2026-21509 | Microsoft Office Security Feature Bypass Vulnerability |
| 9.3 CRITICAL | CVE-2026-23760 | SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability |
| 9.8 CRITICAL | CVE-2026-24061 | GNU InetUtils Argument Injection Vulnerability |
| 8.2 HIGH | CVE-2026-20045 | Cisco Unified Communications Products Code Injection Vulnerability |
| 10.0 CRITICAL | CVE-2025-37164 | HPE OneView Code Injection Vulnerability |
| 5.5 MEDIUM | CVE-2026-20805 | Microsoft Windows Information Disclosure Vulnerability |
| 9.8 CRITICAL | CVE-2024-37079 | Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability |
| 5.3 MEDIUM | CVE-2025-31125 | Vite Vitejs Improper Access Control Vulnerability |
| 9.2 CRITICAL | CVE-2025-34026 | Versa Concerto Improper Authentication Vulnerability |
| 7.5 HIGH | CVE-2025-54313 | Prettier eslint-config-prettier Embedded Malicious Code Vulnerability |
| 9.8 CRITICAL | CVE-2024-6047 | GeoVision Devices OS Command Injection Vulnerability |
| 9.8 CRITICAL | CVE-2024-11120 | GeoVision Devices OS Command Injection Vulnerability |
| 8.1 HIGH | CVE-2025-27363 | FreeType Out-of-Bounds Write Vulnerability |
| 9.8 CRITICAL | CVE-2025-3248 | Langflow Missing Authentication Vulnerability |
| 10.0 CRITICAL | CVE-2025-34028 | Commvault Command Center Path Traversal Vulnerability |
| 9.0 CRITICAL | CVE-2024-58136 | Yiiframework Yii Improper Protection of Alternate Path Vulnerability |
| 7.5 HIGH | CVE-2024-21287 | Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability |
| 10.0 CRITICAL | CVE-2024-1212 | Progress Kemp LoadMaster OS Command Injection Vulnerability |
| 9.3 CRITICAL | CVE-2024-0012 | Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability |
| 6.9 MEDIUM | CVE-2024-9474 | Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability |
| 9.9 CRITICAL | CVE-2024-9463 | Palo Alto Networks Expedition OS Command Injection Vulnerability |
| 9.2 CRITICAL | CVE-2024-9465 | Palo Alto Networks Expedition SQL Injection Vulnerability |
| 8.6 HIGH | CVE-2025-1976 | Broadcom Brocade Fabric OS Code Injection Vulnerability |
| 9.8 CRITICAL | CVE-2025-42599 | Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability |
| 8.7 HIGH | CVE-2025-3928 | Commvault Web Server Unspecified Vulnerability |
| 9.0 CRITICAL | CVE-2025-30406 | Gladinet CentreStack Use of Hard-coded Cryptographic Key Vulnerability |
| 7.8 HIGH | CVE-2025-29824 | Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability |
| 9.8 CRITICAL | CVE-2025-31161 | CrushFTP Authentication Bypass Vulnerability |
| 9.8 CRITICAL | CVE-2024-20439 | Cisco Smart Licensing Utility Static Credential Vulnerability |
| 10.0 CRITICAL | CVE-2025-31324 | SAP NetWeaver Unrestricted File Upload Vulnerability |
| 9.1 CRITICAL | CVE-2025-29927 | is an authorization bypass vulnerability affecting Next.js, a React framework. |
| 9.8 CRITICAL | CVE-2025-1974 | is a vulnerability within the Ingress NGINX Controller for Kubernetes, specifically affecting the admission controller component. |
| 8.8 HIGH | CVE-2025-24514 | is one of several critical vulnerabilities collectively named "IngressNightmare" found in the Ingress NGINX Controller for Kubernetes. |
| 8.8 HIGH | CVE-2025-1098 | is one of five critical vulnerabilities disclosed in the Ingress NGINX Controller for Kubernetes. |
| 8.8 HIGH | CVE-2025-1097 | is a security vulnerability found in the ingress-nginx controller for Kubernetes. |
| 4.8 MEDIUM | CVE-2025-24513 | is a security vulnerability found in the ingress-nginx component of Kubernetes. |
| 8.8 HIGH | CVE-2024-12695 | is an out-of-bounds write vulnerability found in the V8 JavaScript engine of Google Chrome versions prior to 131.0.6778.204. |
| 8.6 HIGH | CVE-2025-30154 | refers to a security vulnerability found in the reviewdog/action-setup GitHub Action. |
| 9.3 CRITICAL | CVE-2025-1316 | Edimax IC-7100 IP Camera OS Command Injection Vulnerability |
| 8.6 HIGH | CVE-2024-48248 | NAKIVO Backup and Replication Absolute Path Traversal Vulnerability |
| 8.1 HIGH | CVE-2025-24472 | Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability |
| 8.6 HIGH | CVE-2025-30066 | tj-actions/changed-files GitHub Action Embedded Malicious Code Vulnerability |
| 6.7 MEDIUM | CVE-2025-21590 | Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability |
| 7.0 HIGH | CVE-2025-24983 | Microsoft Windows Win32k Use-After-Free Vulnerability |
| 4.6 MEDIUM | CVE-2025-24984 | Microsoft Windows NTFS Information Disclosure Vulnerability |
| 7.8 HIGH | CVE-2025-24985 | Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability |
| 5.5 MEDIUM | CVE-2025-24991 | Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability |
| 7.8 HIGH | CVE-2025-24993 | Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability |
| 7.0 HIGH | CVE-2025-26633 | Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability |
| 5.8 MEDIUM | CVE-2025-25181 | Advantive VeraCore SQL Injection Vulnerability |
| 9.9 CRITICAL | CVE-2024-57968 | Advantive VeraCore Unrestricted File Upload Vulnerability |
| 9.8 CRITICAL | CVE-2024-13159 | Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability |
| 9.8 CRITICAL | CVE-2024-13160 | Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability |
| 9.8 CRITICAL | CVE-2024-13161 | Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability |
| 8.2 HIGH | CVE-2025-22225 | VMware ESXi Arbitrary Write Vulnerability |
| 9.3 CRITICAL | CVE-2025-22224 | VMware ESXi and Workstation TOCTOU Race Condition Vulnerability |
| 7.1 HIGH | CVE-2025-22226 | VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability |
| 8.7 HIGH | CVE-2024-49035 | Microsoft Partner Center Improper Access Control Vulnerability |
| 8.8 HIGH | CVE-2024-20953 | Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability |
| 7.1 HIGH | CVE-2025-0111 | Palo Alto Networks PAN-OS File Read Vulnerability |
| 8.1 HIGH | CVE-2025-23209 | Craft CMS Code Injection Vulnerability |
| 8.8 HIGH | CVE-2025-0108 | Palo Alto PAN-OS Authentication Bypass Vulnerability |
| 8.8 HIGH | CVE-2024-40891 | Zyxel DSL CPE OS Command Injection Vulnerability |
| 8.8 HIGH | CVE-2024-40890 | Zyxel DSL CPE OS Command Injection Vulnerability |
| 7.8 HIGH | CVE-2025-21418 | Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability |
| 7.1 HIGH | CVE-2025-21391 | Microsoft Windows Storage Link Following Vulnerability |
| 7.5 HIGH | CVE-2024-29059 | Microsoft .NET Framework Information Disclosure Vulnerability |
| 7.0 HIGH | CVE-2025-0411 | 7-Zip Mark of the Web Bypass Vulnerability |
| 9.8 CRITICAL | CVE-2024-21413 | Microsoft Outlook Improper Input Validation Vulnerability |
| 8.6 HIGH | CVE-2025-0994 | Trimble Cityworks Deserialization Vulnerability |
| 10.0 CRITICAL | CVE-2024-50603 | Aviatrix Controllers OS Command Injection Vulnerability |
| 6.9 MEDIUM | CVE-2020-11023 | JQuery Cross-Site Scripting (XSS) Vulnerability |
| 6.6 MEDIUM | CVE-2024-12686 | BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability |
| 9.6 CRITICAL | CVE-2024-48365 | Qlik Sense HTTP Tunneling Vulnerability |
| 9.0 CRITICAL | CVE-2025-0282 | Ivanti Connect Secure Vulnerability |
| 7.4 HIGH | CVE-2024-20767 | Adobe ColdFusion Improper Access Control Vulnerability |
| 7.8 HIGH | CVE-2024-35250 | Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability |
| 10.0 CRITICAL | CVE-2024-51378 | CyberPanel Incorrect Default Permissions Vulnerability |
| 9.8 CRITICAL | CVE-2020-2883 | Oracle WebLogic Server Unspecified Vulnerability |
| 8.7 HIGH | CVE-2024-3393 | Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability |
| 9.8 CRITICAL | CVE-2024-12356 | BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability |
| 9.1 CRITICAL | CVE-2021-40407 | Reolink RLC-410W IP Camera OS Command Injection Vulnerability |
| 7.8 HIGH | CVE-2024-49138 | Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability |
| 9.8 CRITICAL | CVE-2024-11680 | ProjectSend Improper Authentication Vulnerability |
| 7.5 HIGH | CVE-2024-11667 | Zyxel Multiple Firewalls Path Traversal Vulnerability |
| 9.8 CRITICAL | CVE-2024-38812 | VMware vCenter Server Heap-Based Buffer Overflow Vulnerability |
| 7.5 HIGH | CVE-2024-38813 | VMware vCenter Server Privilege Escalation Vulnerability |
| 7.8 HIGH | CVE-2024-48990 | A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable |
| 7.8 HIGH | CVE-2024-48991 | A vulnerability that allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter |
| 7.8 HIGH | CVE-2024-48992 | A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable |
| 7.8 HIGH | CVE-2024-11003 | A vulnerability that allows local attackers to execute arbitrary shell commands as root by taking advantage of an issue in the libmodule-scandeps-perl package (before version 1.36) |
| 9.8 CRITICAL | CVE-2024-43639 | Windows Kerberos Remote Code Execution Vulnerability |
| 7.5 HIGH | CVE-2024-49040 | Microsoft Exchange Server Spoofing Vulnerability |
| 8.1 HIGH | CVE-2024-43625 | HyperV VMSwitch Elevation of Privilege Vulnerability |
| 6.5 MEDIUM | CVE-2024-43451 | NTLM Hash Disclosure Spoofing Vulnerability |
| 8.8 HIGH | CVE-2024-49039 | Windows Task Scheduler Elevation of Privilege Vulnerability |
| 7.8 HIGH | CVE-2024-49019 | Active Directory Certificate Services Elevation of Privilege Vulnerability |
| 9.8 CRITICAL | CVE-2024-43498 | NET and Visual Studio Remote Code Execution Vulnerability |
| 9.9 CRITICAL | CVE-2024-43602 | Azure CycleCloud Remote Code Execution Vulnerability |
| 10.0 CRITICAL | CVE-2021-41277 | Metabase GeoJSON API Local File Inclusion Vulnerability |
| 6.5 MEDIUM | CVE-2024-43451 | Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability |
| 8.8 HIGH | CVE-2024-49039 | Microsoft Windows Task Scheduler Privilege Escalation Vulnerability |
| 10.0 CRITICAL | CVE-2024-51567 | CyberPanel Incorrect Default Permissions Vulnerability |
| 9.3 CRITICAL | CVE-2024-5910 | Palo Alto Expedition Missing Authentication Vulnerability |
| 7.2 HIGH | CVE-2024-8957 | PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability |
| 9.1 CRITICAL | CVE-2024-8956 | PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability |
| 5.8 MEDIUM | CVE-2024-20481 | Cisco ASA and FTD Denial-of-Service Vulnerability |
| 9.8 CRITICAL | CVE-2024-47575 | Fortinet FortiManager Missing Authentication Vulnerability |
| 7.2 HIGH | CVE-2024-38094 | Microsoft SharePoint Deserialization Vulnerability |
| 9.8 CRITICAL | CVE-2024-9537 | ScienceLogic SL1 Unspecified Vulnerability |
| 9.8 CRITICAL | CVE-2024-40711 | Veeam Backup and Replication Deserialization Vulnerability |
| 7.0 HIGH | CVE-2024-30088 | Microsoft Windows Kernel TOCTOU Race Condition Vulnerability |
| 9.1 CRITICAL | CVE-2024-28987 | SolarWinds Web Help Desk Hardcoded Credential Vulnerability |
| 9.8 CRITICAL | CVE-2024-23113 | Fortinet Multiple Products Format String Vulnerability |
| 6.5 MEDIUM | CVE-2024-9379 | Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability |
| 7.2 HIGH | CVE-2024-9380 | Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability |
| 7.8 HIGH | CVE-2024-43047 | Qualcomm Multiple Chipsets Use-After-Free Vulnerability |
| 7.8 HIGH | CVE-2024-43572 | Microsoft Windows Management Console Remote Code Execution Vulnerability |
| 6.5 MEDIUM | CVE-2024-43573 | Microsoft Windows MSHTML Platform Spoofing Vulnerability |
| 10.0 CRITICAL | CVE-2024-45519 | Synacor Zimbra Collaboration Command Execution Vulnerability |
| 9.6 CRITICAL | CVE-2024-29824 | Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability |
| 5.8 MEDIUM | CVE-2021-4043 | Motion Spell GPAC Null Pointer Dereference Vulnerability |
| 9.8 CRITICAL | CVE-2024-7593 | Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability |
| 9.4 CRITICAL | CVE-2024-8963 | Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability |
| 9.8 CRITICAL | CVE-2024-27348 | Apache HugeGraph-Server Improper Access Control Vulnerability |
| 8.8 HIGH | CVE-2020-0618 | Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability |
| 7.8 HIGH | CVE-2019-1069 | Microsoft Windows Task Scheduler Privilege Escalation Vulnerability |
| 9.8 CRITICAL | CVE-2022-21445 | Oracle JDeveloper Remote Code Execution Vulnerability |
| 9.8 CRITICAL | CVE-2020-14644 | Oracle WebLogic Server Remote Code Execution Vulnerability |
| 10.0 CRITICAL | CVE-2014-0497 | Adobe Flash Player Integer Underflow Vulnerability |
| 9.3 CRITICAL | CVE-2013-0643 | Adobe Flash Player Incorrect Default Permissions Vulnerability |
| 9.3 CRITICAL | CVE-2013-0648 | Adobe Flash Player Code Execution Vulnerability |
| 10.0 CRITICAL | CVE-2014-0502 | Adobe Flash Player Double Free Vulnerability |
| 8.8 HIGH | CVE-2024-43461 | Microsoft Windows MSHTML Platform Spoofing Vulnerability |
| 9.8 CRITICAL | CVE-2024-6670 | Progress WhatsUp Gold SQL Injection Vulnerability |
| 7.2 HIGH | CVE-2024-8190 | Ivanti Cloud Services Appliance OS Command Injection Vulnerability |
| 7.3 HIGH | CVE-2024-38226 | Microsoft Publisher Security Feature Bypass Vulnerability |
| 9.8 CRITICAL | CVE-2024-43491 | Microsoft Windows Update Remote Code Execution Vulnerability |
| 7.8 HIGH | CVE-2024-38014 | Microsoft Windows Installer Privilege Escalation Vulnerability |
| 5.4 MEDIUM | CVE-2024-38217 | Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability |
| 7.8 HIGH | CVE-2017-1000253 | Linux Kernel PIE Stack Buffer Corruption Vulnerability |
| 9.8 CRITICAL | CVE-2024-40766 | SonicWall SonicOS Improper Access Control Vulnerability |
| 9.2 CRITICAL | CVE-2024-7262 | Kingsoft WPS Office Path Traversal Vulnerability |
| 8.8 HIGH | CVE-2024-7965 | Google Chromium V8 Inappropriate Implementation Vulnerability |
| 8.8 HIGH | CVE-2024-7971 | Google Chromium V8 Type Confusion Vulnerability |
| 7.8 HIGH | CVE-2024-4610 | ARM Mali GPU Kernel Driver Use-After-Free Vulnerability |
| 9.8 CRITICAL | CVE-2024-4577 | PHP-CGI OS Command Injection Vulnerability |
| 8.6 HIGH | CVE-2024-24919 | Check Point Quantum Security Gateways Information Disclosure Vulnerability |
| 7.8 HIGH | CVE-2024-1086 | Linux Kernel Use-After-Free Vulnerability |
| 8.7 HIGH | CVE-2024-4978 | Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability |
| 9.8 CRITICAL | CVE-2024-38856 | Apache OFBiz Incorrect Authorization Vulnerability |
| 8.4 HIGH | CVE-2022-0185 | Linux Kernel Heap-Based Buffer Overflow |
| 8.8 HIGH | CVE-2024-38189 | Microsoft Project Remote Code Execution Vulnerability |
| 7.8 HIGH | CVE-2024-38178 | Microsoft Windows Scripting Engine Memory Corruption Vulnerability |
| 6.5 MEDIUM | CVE-2024-38213 | Microsoft Windows SmartScreen Security Feature Bypass Vulnerability |
| 7.8 HIGH | CVE-2024-38193 | Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability |
| 7.0 HIGH | CVE-2024-38106 | Microsoft Windows Kernel Privilege Escalation Vulnerability |
| 7.8 HIGH | CVE-2024-38107 | Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability |
| 9.3 CRITICAL | CVE-2024-4879 | ServiceNow Improper Input Validation Vulnerability |
| 9.2 CRITICAL | CVE-2024-5217 | ServiceNow Incomplete List of Disallowed Inputs Vulnerability |
| 5.3 MEDIUM | CVE-2024-39891 | Twilio Authy Information Disclosure Vulnerability |
| 9.2 CRITICAL | CVE-2024-36401 | OSGeo GeoServer GeoTools Eval Injection Vulnerability |
| 7.8 HIGH | CVE-2024-38080 | Microsoft Windows Hyper-V Privilege Escalation Vulnerability |
| 7.5 HIGH | CVE-2024-38112 | Microsoft Windows MSHTML Platform Spoofing Vulnerability |
| 7.8 HIGH | CVE-2022-2586 | Linux Kernel Use-After-Free Vulnerability |
| 9.8 CRITICAL | CVE-2024-4358 | Progress Telerik Report Server Authentication Bypass by Spoofing Vulnerability |
| 8.8 HIGH | CVE-2024-4761 | Google Chromium V8 Out-of-Bounds Memory Write Vulnerability |
| 8.8 HIGH | CVE-2024-4947 | Google Chromium V8 Type Confusion Vulnerability |
| 9.6 CRITICAL | CVE-2024-4671 | Google Chromium in Visuals Use-After-Free Vulnerability |
| 10.0 CRITICAL | CVE-2024-4040 | CrushFTP VFS Sandbox Escape Vulnerability |
| 10.0 CRITICAL | CVE-2024-1709 | ConnectWise ScreenConnect Authentication Bypass Vulnerability |
| 7.5 HIGH | CVE-2024-21351 | Windows SmartScreen Security Feature Bypass Vulnerability |
| 8.1 HIGH | CVE-2024-21412 | Internet Shortcut Files Security Feature Bypass Vulnerability |
| 10.0 CRITICAL | CVE-2023-22527 | Atlassian Confluence Data Center and Server Template Injection Vulnerability |
| 9.8 CRITICAL | CVE-2021-33044 | Dahua IP Camera Authentication Bypass Vulnerability |
| 9.8 CRITICAL | CVE-2021-33045 | Dahua IP Camera Authentication Bypass Vulnerability |
| 7.2 HIGH | CVE-2021-31196 | Microsoft Exchange Server Information Disclosure Vulnerability |
| 9.8 CRITICAL | CVE-2024-23897 | Jenkins Command Line Interface (CLI) Path Traversal Vulnerability |
| 9.8 CRITICAL | CVE-2024-28986 | SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability |
| 7.2 HIGH | CVE-2024-36971 | Android Kernel Remote Code Execution Vulnerability |
| 9.8 CRITICAL | CVE-2024-32113 | Apache OFBiz Path Traversal Vulnerability |
| 9.8 CRITICAL | CVE-2023-45249 | Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability |
| 8.8 HIGH | CVE-2012-4792 | Microsoft Internet Explorer Use-After-Free Vulnerability |
| 9.8 CRITICAL | CVE-2024-34102 | Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability |
| 8.6 HIGH | CVE-2024-28995 | SolarWinds Serv-U Path Traversal Vulnerability |
| 6.5 MEDIUM | CVE-2022-22948 | VMware vCenter Server Incorrect Default File Permissions Vulnerability |
| 9.8 CRITICAL | CVE-2024-23692 | Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability |
| 6.0 MEDIUM | CVE-2024-20399 | Cisco NX-OS Command Injection Vulnerability |
| 10.0 CRITICAL | CVE-2022-24816 | GeoSolutionsGroup JAI-EXT Code Injection Vulnerability |
| 6.1 MEDIUM | CVE-2020-13965 | Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability |
| 7.8 HIGH | CVE-2024-32896 | Android Pixel Privilege Escalation Vulnerability |
| 7.8 HIGH | CVE-2024-26169 | Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability |
| 7.4 HIGH | CVE-2017-3506 | Oracle WebLogic Server OS Command Injection Vulnerability |
| 8.8 HIGH | CVE-2014-100005 | D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability |
| 7.5 HIGH | CVE-2021-40655 | D-Link DIR-605 Router Information Disclosure Vulnerability |
| 9.8 CRITICAL | CVE-2023-43208 | NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability |
| 8.8 HIGH | CVE-2014-100005 | D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability |
| 7.5 HIGH | CVE-2021-40655 | D-Link DIR-605 Router Information Disclosure Vulnerability |
| 7.8 HIGH | CVE-2024-30051 | Microsoft DWM Core Library Privilege Escalation Vulnerability |
| 8.8 HIGH | CVE-2024-30040 | Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability |
| 10.0 CRITICAL | CVE-2023-7028 | GitLab Community and Enterprise Editions Improper Access Control Vulnerability |
| 8.8 HIGH | CVE-2024-29988 | Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability |
| 8.6 HIGH | CVE-2024-20353 | Cisco ASA and FTD Denial of Service Vulnerability |
| 6.0 MEDIUM | CVE-2024-20359 | Cisco ASA and FTD Privilege Escalation Vulnerability |
| 7.8 HIGH | CVE-2022-38028 | Microsoft Windows Print Spooler Privilege Escalation Vulnerability |
| 10.0 CRITICAL | CVE-2024-3400 | Palo Alto Networks PAN-OS Command Injection Vulnerability |
| 9.8 CRITICAL | CVE-2024-3272 | D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability |
| 7.3 HIGH | CVE-2024-3273 | D-Link Multiple NAS Devices Command Injection Vulnerability |
| 5.5 MEDIUM | CVE-2024-29745 | Android Pixel Information Disclosure Vulnerability |
| 7.8 MEDIUM | CVE-2024-29748 | Android Pixel Privilege Escalation Vulnerability |
| 8.4 HIGH | CVE-2023-29360 | Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability |
| 7.2 HIGH | CVE-2023-24955 | Microsoft SharePoint Server Code Injection Vulnerability |
| 9.8 CRITICAL | CVE-2023-48788 | Fortinet FortiClient EMS SQL Injection Vulnerability |
| 9.8 CRITICAL | CVE-2021-44529 | Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability |
| 9.8 CRITICAL | CVE-2019-7256 | Nice Linear eMerge E3-Series OS Command Injection Vulnerability |
| 9.9 CRITICAL | CVE-2023-46808 | (Authenticated Remote File Write) for Ivanti Neurons for ITSM |
| 8.8 HIGH | CVE-2023-41724 | (Remote Code Execution) for Ivanti Standalone Sentry |
| 9.8 CRITICAL | CVE-2024-27198 | JetBrains TeamCity Authentication Bypass Vulnerability |
| 7.8 HIGH | CVE-2024-23225 | Apple iOS and iPadOS Memory Corruption Vulnerability |
| 7.8 HIGH | CVE-2024-23296 | Apple iOS and iPadOS Memory Corruption Vulnerability |
| 5.5 MEDIUM | CVE-2023-21237 | Android Pixel Information Disclosure Vulnerability |
| 9.8 CRITICAL | CVE-2021-36380 | Sunhillo SureLine OS Command Injection Vulnerablity |
| 7.8 HIGH | CVE-2024-21338 | Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability |
| 7.5 HIGH | CVE-2020-3259 | Cisco ASA and FTD Information Disclosure Vulnerability |
| 9.8 CRITICAL | CVE-2024-21410 | Microsoft Exchange Server Privilege Escalation Vulnerability |
| 6.1 MEDIUM | CVE-2023-43770 | Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability |
| 8.2 HIGH | CVE-2023-6549 | Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability |
| 5.5 MEDIUM | CVE-2023-6548 | Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability |
| 8.8 HIGH | CVE-2024-0519 | Google Chromium V8 Out-of-Bounds Memory Access Vulnerability |
| 9.8 CRITICAL | CVE-2023-35082 | Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability |
| 8.1 HIGH | CVE-2024-21412 | Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability |
| 7.6 HIGH | CVE-2024-21351 | Microsoft Windows SmartScreen Security Feature Bypass Vulnerability |
| 9.8 CRITICAL | CVE-2024-21762 | Fortinet FortiOS Out-of-Bound Write Vulnerability |
| 8.8 HIGH | CVE-2023-4762 | Google Chromium V8 Type Confusion Vulnerability |
| 9.8 CRITICAL | CVE-2023-34048 | VMware vCenter Server Out-of-Bounds Write Vulnerability |
| 9.1 CRITICAL | CVE-2024-21887 | Ivanti Connect Secure and Policy Secure Command Injection Vulnerability |
| 7.8 HIGH | CVE-2023-7101 | Spreadsheet::ParseExcel Remote Code Execution Vulnerability |
| 8.8 HIGH | CVE-2023-7024 | Google Chromium WebRTC Heap Buffer Overflow Vulnerability |
| 8.8 HIGH | CVE-2023-5217 | Google Chrome libvpx Heap Buffer Overflow Vulnerability |
| 9.8 CRITICAL | CVE-2023-47246 | SysAid Server Path Traversal Vulnerability |
| 8.2 HIGH | CVE-2023-46805 | Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability |
| 8.8 HIGH | CVE-2023-46748 | F5 BIG-IP SQL Injection Vulnerability |
| 9.8 CRITICAL | CVE-2023-46747 | F5 BIG-IP Authentication Bypass Vulnerability |
| 10.0 CRITICAL | CVE-2023-46604 | Apache ActiveMQ Deserialization of Untrusted Data Vulnerability |
| 7.5 HIGH | CVE-2023-44487 | HTTP/2 Rapid Reset Attack Vulnerability |
| 6.5 MEDIUM | CVE-2023-42916 | Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability |
| 5.5 MEDIUM | CVE-2023-4211 | Arm Mali GPU Kernel Driver Use-After-Free Vulnerability |
| 8.8 HIGH | CVE-2023-41993 | Apple Multiple Products WebKit Code Execution Vulnerability |
| 7.8 HIGH | CVE-2023-41992 | Apple Multiple Products Kernel Privilege Escalation Vulnerability |
| 5.5 MEDIUM | CVE-2023-41991 | Apple Multiple Products Improper Certificate Validation Vulnerability |
| 7.8 HIGH | CVE-2023-41990 | Apple Multiple Products Code Execution Vulnerability |
| 5.3 MEDIUM | CVE-2023-41763 | Microsoft Skype for Business Privilege Escalation Vulnerability |
| 5.3 MEDIUM | CVE-2023-41721 | UniFi Network Application |
| 7.8 HIGH | CVE-2023-38831 | RARLAB WinRAR Code Execution Vulnerability |
| 9.8 CRITICAL | CVE-2023-38203 | Adobe ColdFusion Deserialization of Untrusted Data Vulnerability |
| 9.8 CRITICAL | CVE-2023-38035 | Ivanti Sentry Authentication Bypass Vulnerability |
| 7.5 HIGH | CVE-2023-36884 | Microsoft Office and Windows HTML Remote Code Execution Vulnerability |
| 7.8 HIGH | CVE-2023-36874 | Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability |
| 5.3 MEDIUM | CVE-2023-36851 | Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
| 5.3 MEDIUM | CVE-2023-36846 | Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
| 9.8 CRITICAL | CVE-2023-36845 | Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability |
| 5.3 MEDIUM | CVE-2023-36844 | Juniper Junos OS EX Series PHP External Variable Modification Vulnerability |
| 7.8 HIGH | CVE-2023-36802 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability |
| 6.5 MEDIUM | CVE-2023-36761 | Microsoft Word Information Disclosure Vulnerability |
| 7.8 HIGH | CVE-2023-36631 | Lack of access control in wfc.exe in Malwarebytes Binisoft |
| 6.5 MEDIUM | CVE-2023-36563 | Microsoft WordPad Information Disclosure Vulnerability |
| 9.6 CRITICAL | CVE-2023-36019 | Microsoft Power Platform Connector Spoofing Vulnerability |
| 5.3 MEDIUM | CVE-2023-36012 | DHCP Server Service Information Disclosure Vulnerability |
| 7.5 HIGH | CVE-2023-35643 | DHCP Server Service Information Disclosure Vulnerability |
| 8.1 HIGH | CVE-2023-35628 | Windows MSHTML Platform Remote Code Execution Vulnerability |
| 8.8 HIGH | CVE-2023-35630 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability |
| 6.5 MEDIUM | CVE-2023-35636 | Microsoft Outlook Information Disclosure Vulnerability |
| 8.8 HIGH | CVE-2023-35639 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| 8.8 HIGH | CVE-2023-35641 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability |
| 6.5 MEDIUM | CVE-2023-35642 | Internet Connection Sharing (ICS) Denial-of-Service Vulnerability |
| 9.6 CRITICAL | CVE-2023-36019 | Microsoft Power Platform Connector Spoofing Vulnerability |
| 7.5 HIGH | CVE-2023-35638 | DHCP Server Service Denial-of-Service Vulnerability |
| 7.5 HIGH | CVE-2023-35643 | DHCP Server Service Information Disclosure Vulnerability |
| 5.3 MEDIUM | CVE-2023-36012 | DHCP Server Service Information Disclosure Vulnerability |
| 9.8 CRITICAL | CVE-2023-47246 | SysAid Server Path Traversal Vulnerability |
| 5.3 MEDIUM | CVE-2023-36844 | Juniper Junos OS EX Series PHP External Variable Modification Vulnerability |
| 9.8 CRITICAL | CVE-2023-36845 | Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability |
| 5.3 MEDIUM | CVE-2023-36846 | Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
| 5.3 MEDIUM | CVE-2023-36851 | Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
| 7.5 HIGH | CVE-2023-29552 | Service Location Protocol (SLP) Denial-of-Service Vulnerability |
| 10.0 CRITICAL | CVE-2023-22518 | Atlassian Confluence Data Center and Server Improper Authorization Vulnerability |
| 10.0 CRITICAL | CVE-2023-46604 | Apache ActiveMQ Deserialization of Untrusted Data Vulnerability |
| 9.8 CRITICAL | CVE-2023-46747 | F5 BIG-IP Authentication Bypass Vulnerability |
| 8.8 HIGH | CVE-2023-46748 | F5 BIG-IP SQL Injection Vulnerability |
| 5.5 MEDIUM | CVE-2023-4211 | Arm Mali GPU Kernel Driver Use-After-Free Vulnerability |
| 10.0 CRITICAL | CVE-2023-20198 | Cisco IOS XE Web UI Privilege Escalation Vulnerability |
| 10.0 CRITICAL | CVE-2023-41721 | UniFi Network Application |
| 7.8 HIGH | CVE-2023-21608 | Adobe Acrobat and Reader Use-After-Free Vulnerability |
| 6.6 MEDIUM | CVE-2023-20109 | Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability |
| 5.3 MEDIUM | CVE-2023-41763 | Microsoft Skype for Business Privilege Escalation Vulnerability |
| 6.5 MEDIUM | CVE-2023-36563 | Microsoft WordPad Information Disclosure Vulnerability |
| 7.5 HIGH | CVE-2023-44487 | HTTP/2 Rapid Reset Attack Vulnerability |
| 8.8 HIGH | CVE-2023-5217 | Google Chrome libvpx Heap Buffer Overflow Vulnerability |
| 5.5 MEDIUM | CVE-2023-41991 | Apple Multiple Products Improper Certificate Validation Vulnerability |
| 7.8 HIGH | CVE-2023-41992 | Apple Multiple Products Kernel Privilege Escalation Vulnerability |
| 9.8 CRITICAL | CVE-2023-41993 | Apple Multiple Products WebKit Code Execution Vulnerability |
| 7.8 HIGH | CVE-2023-38831 | RARLAB WinRAR Code Execution Vulnerability |
| 9.8 CRITICAL | CVE-2023-38035 | Ivanti Sentry Authentication Bypass Vulnerability |
| 8.8 HIGH | CVE-2023-36884 | Microsoft Office and Windows HTML Remote Code Execution Vulnerability |
| 7.8 HIGH | CVE-2023-36874 | Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability |
| 7.8 HIGH | CVE-2023-36802 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability |
| 6.2 MEDIUM | CVE-2023-36761 | Microsoft Word Information Disclosure Vulnerability |
| 7.8 HIGH | CVE-2023-36631 | Lack of access control in wfc.exe in Malwarebytes Binisoft |
| 8.8 HIGH | CVE-2023-35311 | Microsoft Outlook Security Feature Bypass Vulnerability |
| 10.0 CRITICAL | CVE-2023-35078 | Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability |
| 5.4 MEDIUM | CVE-2023-34830 | i-doit Open v24 was discovered to contain a reflected cross-site scripting (XSS) vulnerability |
| 5.3 MEDIUM | CVE-2023-34099 | Shopware is an open source e-commerce software. |
| 9.8 CRITICAL | CVE-2023-33246 | Apache RocketMQ Command Execution Vulnerability |
| 8.8 HIGH | CVE-2023-32049 | Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability |
| 7.8 HIGH | CVE-2023-32046 | Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability |
| 8.8 HIGH | CVE-2023-3079 | Google Chromium V8 Type Confusion Vulnerability |
| 8.8 HIGH | CVE-2023-28434 | MinIO Security Feature Bypass Vulnerability |
| 9.8 CRITICAL | CVE-2023-27997 | Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability |
| 7.5 HIGH | CVE-2023-27532 | Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability |
| 7.8 HIGH | CVE-2023-26369 | Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability |
| 9.8 CRITICAL | CVE-2023-24489 | Citrix Content Collaboration ShareFile Improper Access Control Vulnerability |
| 9.8 CRITICAL | CVE-2023-20887 | VMware Aria Operations for Networks Command Injection Vulnerability |
| 9.8 CRITICAL | CVE-2022-31199 | Netwrix Auditor Insecure Object Deserialization Vulnerability |
| 9.8 CRITICAL | CVE-2022-29303 | SolarView Compact Command Injection Vulnerability |
| 9.8 CRITICAL | CVE-2021-44026 | Roundcube Webmail SQL Injection Vulnerability |
| 5.5 MEDIUM | CVE-2021-25489 | Samsung Mobile Devices Improper Input Validation Vulnerability |
| 7.8 HIGH | CVE-2021-25487 | Samsung Mobile Devices Out-of-Bounds Read Vulnerability |
| 6.4 MEDIUM | CVE-2021-25395 | Samsung Mobile Devices Race Condition Vulnerability |
| 6.4 MEDIUM | CVE-2021-25394 | Samsung Mobile Devices Race Condition Vulnerability |
| 6.7 MEDIUM | CVE-2021-25372 | Samsung Mobile Devices Improper Boundary Check Vulnerability |
| 6.7 MEDIUM | CVE-2021-25371 | Samsung Mobile Devices Unspecified Vulnerability |
| 6.1 MEDIUM | CVE-2020-35730 | Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability |
| 9.8 CRITICAL | CVE-2020-12641 | Roundcube Webmail Remote Code Execution Vulnerability |
| 7.8 HIGH | CVE-2019-20500 | D-Link DWL-2600AP Access Point Command Injection Vulnerability |
| 9.8 CRITICAL | CVE-2019-17621 | D-Link DIR-859 Router Command Execution Vulnerability |
| Severidade | Pontuação de gravidade |
|---|---|
| CRITICAL | 9.0 - 10.0 |
| HIGH | 7.0 - 8.9 |
| MEDIUM | 4.0 - 6.9 |
| LOW | 0.1 - 3.9 |
| NONE | 0.0 |
Copyright © 2017 - 2025 Cyberprotech ® Todos os direitos reservados. O nome e logótipo Cyberprotech são marcas registadas sob o n.º 639923. Cyberprotech Unip. Lda. A utilização deste site implica a aceitação dos nossos Termos de Utilização, Termos de Venda e Política de Privacidade.