ECV Exploited Vulnerabilities Catalog LAST UPDATE: 06.07.2025
DATE |
NAME |
INFO |
CWE | |
| 2025-07-22 | TeleMessage | CVE-2025-48927 | TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability: TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI. | CWE-1188 |
| 2025-07-22 | TeleMessage | CVE-2025-48928 | TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability: TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulnerability is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump. | CWE-528 |
| 2025-07-21 | Citrix | CVE-2025-6543 | Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability: Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server. | CWE-119 |
| 2025-07-16 | AMI | CVE-2024-54085 | AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability: AMI MegaRAC SPx contains an authentication bypass by spoofing vulnerability in the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | CWE-290 |
| 2025-07-16 | D-Link | CVE-2024-0769 | D-Link DIR-859 Router Path Traversal Vulnerability: D-Link DIR-859 routers contain a path traversal vulnerability in the file /hedwig.cgi of the component HTTP POST Request Handler. Manipulation of the argument service with the input ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml allows for the leakage of session data potentially enabling privilege escalation and unauthorized control of the device. | CWE-22 |
| 2025-07-16 | Fortinet | CVE-2019-6693 | Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability: Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to cipher sensitive data in FortiOS configuration backup file via knowledge of the hard-coded key. | CWE-798 |
| 2025-07-08 | Linux | CVE-2023-0386 | Linux Kernel Improper Ownership Management Vulnerability: Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system. | CWE-282 |
|
2025-07-07 |
Apple |
Apple Multiple Products Unspecified Vulnerability: Apple iOS, iPadOS, macOS, watchOS, and visionOS, contain an unspecified vulnerability when processing a maliciously crafted photo or video shared via an iCloud Link. |
||
| 2025-07-01 | Microsoft | CVE-2025-33053 | Microsoft Windows External Control of File Name or Path Vulnerability: Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files. | CWE-73 |
| 2025-07-01 | Wazuh | CVE-2025-24016 | Wazuh Server Deserialization of Untrusted Data Vulnerability: Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers. | CWE-502 |
| 2025-06-30 | Erlang | CVE-2025-32433 | Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability: Erlang Erlang/OTP SSH server contains a missing authentication for critical function vulnerability. This could allow an attacker to execute arbitrary commands without valid credentials, potentially leading to unauthenticated remote code execution (RCE). | CWE-306 |
| 2025-06-26 | CVE-2025-5419 | Google Chromium V8 Out-of-Bounds Read and Write Vulnerability: Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | CWE-787 | |
| 2025-06-24 | Qualcomm | CVE-2025-21479 | Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability: Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. | CWE-863 |
| 2025-06-24 | Qualcomm | CVE-2025-21480 | Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability: Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. | CWE-863 |
| 2025-06-24 | Qualcomm | CVE-2025-27038 | Qualcomm Multiple Chipsets Use-After-Free Vulnerability: Multiple Qualcomm chipsets contain a use-after-free vulnerability. This vulnerability allows for memory corruption while rendering graphics using Adreno GPU drivers in Chrome. | CWE-416 |
| 2025-06-23 | ConnectWise | CVE-2025-3935 | ConnectWise ScreenConnect Improper Authentication Vulnerability: ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execution if machine keys are compromised. | CWE-287 |
| 2025-06-23 | Craft CMS | CVE-2025-35939 | Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability: Craft CMS contains an external control of assumed-immutable web parameter vulnerability. This vulnerability could allow an unauthenticated client to introduce arbitrary values, such as PHP code, to a known local file location on the server. This vulnerability could be chained with CVE-2024-58136 as represented by CVE-2025-32432. | CWE-472 |
| 2025-06-12 | Samsung | CVE-2025-4632 | Samsung MagicINFO 9 Server Path Traversal Vulnerability: Samsung MagicINFO 9 Server contains a path traversal vulnerability that allows an attacker to write arbitrary file as system authority. | CWE-22 |
| 2025-06-09 | Srimax | CVE-2025-27920 | Srimax Output Messenger Directory Traversal Vulnerability: Srimax Output Messenger contains a directory traversal vulnerability that allows an attacker to access sensitive files outside the intended directory, potentially leading to configuration leakage or arbitrary file access. | CWE-22 |
| 2025-06-09 | Ivanti | CVE-2025-4428 | Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability: Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. | CWE-94 |
| 2025-06-09 | Ivanti | CVE-2025-4427 | Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability: Ivanti Endpoint Manager Mobile (EPMM) contains an authentication bypass vulnerability in the API component that allows an attacker to access protected resources without proper credentials via crafted API requests. This vulnerability results from an insecure implementation of the Spring Framework open-source library. | CWE-288 |
| 2025-06-05 | SAP | CVE-2025-42999 | SAP NetWeaver Deserialization Vulnerability: SAP NetWeaver Visual Composer Metadata Uploader contains a deserialization vulnerability that allows a privileged attacker to compromise the confidentiality, integrity, and availability of the host system by deserializing untrusted or malicious content. | CWE-502 |
| 2025-06-04 | Fortinet | CVE-2025-32756 | Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability: Fortinet FortiFone, FortiVoice, FortiNDR and FortiMail contain a stack-based overflow vulnerability that may allow a remote unauthenticated attacker to execute arbitrary code or commands via crafted HTTP requests. | CWE-124 |
| 2025-06-03 | Microsoft | CVE-2025-32701 | Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability: Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | CWE-416 |
| 2025-06-03 | Microsoft | CVE-2025-30400 | Microsoft Windows DWM Core Library Use-After-Free Vulnerability: Microsoft Windows DWM Core Library contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | CWE-416 |
| 2025-06-03 | Microsoft | CVE-2025-32706 | Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability: Microsoft Windows Common Log File System (CLFS) Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally. | CWE-122 |
| 2025-06-03 | Microsoft | CVE-2025-30397 | Microsoft Windows Scripting Engine Type Confusion Vulnerability: Microsoft Windows Scripting Engine contains a type confusion vulnerability that allows an unauthorized attacker to execute code over a network via a specially crafted URL. | CWE-843 |
| 2025-06-03 | Microsoft | CVE-2025-32709 | Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability: Microsoft Windows Ancillary Function Driver for WinSock contains a use-after-free vulnerability that allows an authorized attacker to escalate privileges to administrator. | CWE-416 |
| 2025-06-02 | TeleMessage | CVE-2025-47729 | TeleMessage TM SGNL Hidden Functionality Vulnerability: TeleMessage TM SGNL contains a hidden functionality vulnerability in which the archiving backend holds cleartext copies of messages from TM SGNL application users. | CWE-912 |
| 2025-05-27 | FreeType | CVE-2025-27363 | FreeType Out-of-Bounds Write Vulnerability: FreeType contains an out-of-bounds write vulnerability when attempting to parse font subglyph structures related to TrueType GX and variable font files that may allow for arbitrary code execution. | CWE-787 |
| 2025-05-26 | Langflow | CVE-2025-3248 | Langflow Missing Authentication Vulnerability: Langflow contains a missing authentication vulnerability in the /api/v1/validate/code endpoint that allows a remote, unauthenticated attacker to execute arbitrary code via crafted HTTP requests. | CWE-306 |
| 2025-05-23 | Commvault | CVE-2025-34028 | Commvault Command Center Path Traversal Vulnerability: Commvault Command Center contains a path traversal vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code. | CWE-22 |
| 2025-05-23 | Yiiframework | CVE-2024-58136 | Yiiframework Yii Improper Protection of Alternate Path Vulnerability: Yii Framework contains an improper protection of alternate path vulnerability that may allow a remote attacker to execute arbitrary code. This vulnerability could affect other products that implement Yii, including—but not limited to—Craft CMS, as represented by CVE-2025-32432. | CWE-424 |