| CVE-2025-32901 |
medium |
kdeconnect |
In KDE Connect before 1.33.0 on Android, malicious device IDs (sent via broadcast UDP) could... |
| CVE-2025-32899 |
medium |
kdeconnect |
In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices... |
| CVE-2025-66293 |
medium |
libpng |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG... |
| CVE-2025-12819 |
medium |
pgbouncer |
Untrusted search path in auth_query connection handler in PgBouncer before 1.25.1 allows an... |
| CVE-2025-54065 |
medium |
gzdoom |
GZDoom is a feature centric port for all Doom engine games. GZDoom is an open source Doom... |
| CVE-2025-13751 |
low |
openvpn |
Interactive service agent in OpenVPN version 2.5.0 through 2.7_rc2 on Windows allows a local... |
| CVE-2025-13946 |
medium |
wireshark |
MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service |
| CVE-2025-65955 |
unknown |
imagemagick |
Further research determined the issue is not a vulnerability. |
| CVE-2025-66476 |
medium |
vim |
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled... |
| CVE-2025-65105 |
medium |
apptainer |
Apptainer is an open source container platform. In Apptainer versions less than 1.4.5, a... |
| CVE-2025-64750 |
medium |
singularity |
SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE... |
| CVE-2025-27232 |
medium |
zabbix |
An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary... |
| CVE-2025-61915 |
unknown |
cups |
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating... |
| CVE-2025-58436 |
unknown |
cups |
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating... |
| CVE-2025-64344 |
unknown |
suricata |
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security... |
| CVE-2025-64335 |
medium |
suricata |
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security... |
| CVE-2025-64334 |
unknown |
suricata |
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security... |
| CVE-2025-64333 |
unknown |
suricata |
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security... |
| CVE-2025-64332 |
unknown |
suricata |
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security... |
| CVE-2025-64331 |
medium |
suricata |
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security... |
| CVE-2025-64330 |
unknown |
suricata |
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security... |
| CVE-2025-2486 |
low |
edk2 |
The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in... |
| CVE-2025-13674 |
unknown |
wireshark |
BPv7 dissector crash in Wireshark 4.6.0 allows denial of service |
| CVE-2025-59820 |
medium |
krita |
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer... |
| CVE-2025-64713 |
unknown |
wasm-micro-runtime |
WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. Prior... |
| CVE-2025-64704 |
unknown |
wasm-micro-runtime |
WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. Prior... |
| CVE-2025-65965 |
high |
grype |
Grype is a vulnerability scanner for container images and filesystems. A credential disclosure... |
| CVE-2025-64761 |
unknown |
openbao |
OpenBao is an open source identity-based secrets management system. Prior to version 2.4.4, a... |
| CVE-2025-65501 |
unknown |
libcoap |
Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote... |
| CVE-2025-65500 |
unknown |
libcoap |
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap... |
| CVE-2025-65499 |
unknown |
libcoap |
Array index error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows... |
| CVE-2025-65498 |
unknown |
libcoap |
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap... |
| CVE-2025-65497 |
unknown |
libcoap |
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap... |
| CVE-2025-65496 |
unknown |
libcoap |
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap... |
| CVE-2025-65495 |
unknown |
libcoap |
Integer signedness error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5... |
| CVE-2025-65494 |
unknown |
libcoap |
NULL pointer dereference in get_san_or_cn_from_cert() in src/coap_openssl.c in OISM libcoap... |
| CVE-2025-65493 |
unknown |
libcoap |
NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to... |
| CVE-2025-13566 |
medium |
nnn |
A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the... |
| CVE-2025-65018 |
medium |
libpng |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG... |
| CVE-2025-64720 |
medium |
libpng |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG... |
| CVE-2025-64506 |
medium |
libpng |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG... |
| CVE-2025-64505 |
medium |
libpng |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG... |
| CVE-2025-12889 |
unknown |
wolfssl |
With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is... |
| CVE-2025-12888 |
unknown |
wolfssl |
Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels... |
| CVE-2025-11936 |
unknown |
wolfssl |
Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple... |
| CVE-2025-11934 |
unknown |
wolfssl |
Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in... |
| CVE-2025-11933 |
unknown |
wolfssl |
Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on... |
| CVE-2025-11932 |
unknown |
wolfssl |
The server previously verified the TLS 1.3 PSK binder using a non-constant time method which... |
| CVE-2025-11931 |
unknown |
wolfssl |
Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit... |
| CVE-2025-65102 |
high |
pjproject |
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus... |
