| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2025-35003 | Apache NuttX RTOS: NuttX Bluetooth Stack HCI and UART DoS/RCE Vulnerabilities. | E S | |
| CVE-2025-35004 | Microhard Bullet-LTE and IPn4Gii AT+MFIP Argument Injection | | |
| CVE-2025-35005 | Microhard Bullet-LTE and IPn4Gii AT+MFMAC Argument Injection | | |
| CVE-2025-35006 | Microhard Bullet-LTE and IPn4Gii AT+MFPORTFWD Argument Injection | | |
| CVE-2025-35007 | Microhard Bullet-LTE and IPn4Gii AT+MFRULE Argument Injection | | |
| CVE-2025-35008 | Microhard Bullet-LTE and IPn4Gii AT+MMNAME Argument Injection | | |
| CVE-2025-35009 | Microhard Bullet-LTE and IPn4Gii AT+MNNETSP Argument Injection | | |
| CVE-2025-35010 | Microhard Bullet-LTE and IPn4Gii AT+MNPINGTM Argument Injection | | |
| CVE-2025-35036 | hibernate-validator insecure default Expression Language interpolation | | |
| CVE-2025-35471 | conda-forge openssl-feedstock writable OPENSSLDIR | | |
| CVE-2025-35939 | Craft CMS stores user-provided content in session files | KEV S | |
| CVE-2025-35940 | Hard-coded ArchiverSpaApi JWT Signing Key | E | |
| CVE-2025-35941 | mySCADA PRO Manager Password Disclosure | | |
| CVE-2025-35965 | DoS in Mattermost Playbooks via Excessive Task Actions | S | |
| CVE-2025-35975 | MicroDicom DICOM Viewer Out-of-bounds Write | S | |
| CVE-2025-35978 | Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 ... | | |
| CVE-2025-35983 | Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow ... | | |
| CVE-2025-35995 | BIG-IP PEM vulnerability | | |
| CVE-2025-35996 | KUNBUS Revolution Pi Improper Neutralization of Server-Side Includes (SSI) Within a Web Page | S |