| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2025-40014 | objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() | S | |
| CVE-2025-40114 | iio: light: Add check for array bounds in veml6075_read_int_time_ms | S | |
| CVE-2025-40325 | md/raid10: wait barrier before returning discard request with REQ_NOWAIT | | |
| CVE-2025-40364 | io_uring: fix io_req_prep_async with provided buffers | | |
| CVE-2025-40555 | A vulnerability has been identified in APOGEE PXC+TALON TC Series (BACnet) (All versions). Affected ... | | |
| CVE-2025-40556 | A vulnerability has been identified in BACnet ATEC 550-440 (All versions), BACnet ATEC 550-441 (All ... | | |
| CVE-2025-40566 | A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC ... | | |
| CVE-2025-40567 | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCA... | | |
| CVE-2025-40568 | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCA... | | |
| CVE-2025-40569 | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCA... | | |
| CVE-2025-40571 | A vulnerability has been identified in Mendix OIDC SSO (Mendix 10 compatible) (All versions < V4.1.0... | | |
| CVE-2025-40572 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF... | | |
| CVE-2025-40573 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF... | | |
| CVE-2025-40574 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF... | | |
| CVE-2025-40575 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF... | | |
| CVE-2025-40576 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF... | | |
| CVE-2025-40577 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF... | | |
| CVE-2025-40578 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affecte... | | |
| CVE-2025-40579 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF... | | |
| CVE-2025-40580 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF... | | |
| CVE-2025-40581 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINE... | | |
| CVE-2025-40582 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINE... | | |
| CVE-2025-40583 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINE... | M | |
| CVE-2025-40585 | A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected solutions... | | |
| CVE-2025-40591 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX ... | | |
| CVE-2025-40592 | A vulnerability has been identified in Mendix Studio Pro 10 (All versions < V10.23.0), Mendix Studio... | | |
| CVE-2025-40593 | A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0). The affected applicati... | | |
| CVE-2025-40595 | A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work... | | |
| CVE-2025-40615 | Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy | S | |
| CVE-2025-40616 | Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy | S | |
| CVE-2025-40617 | SQL injection vulnerability in Bookgy | S | |
| CVE-2025-40618 | SQL injection vulnerability in Bookgy | S | |
| CVE-2025-40619 | Improper access control vulnerability in Bookgy | S | |
| CVE-2025-40620 | Multiple vulnerabilities in TCMAN's GIM | S | |
| CVE-2025-40621 | Multiple vulnerabilities in TCMAN's GIM | S | |
| CVE-2025-40622 | Multiple vulnerabilities in TCMAN's GIM | S | |
| CVE-2025-40623 | Multiple vulnerabilities in TCMAN's GIM | S | |
| CVE-2025-40624 | Multiple vulnerabilities in TCMAN's GIM | S | |
| CVE-2025-40625 | Multiple vulnerabilities in TCMAN's GIM | S | |
| CVE-2025-40626 | Reflected Cross-Site Scripting (XSS) in AbanteCart | S | |
| CVE-2025-40627 | Reflected Cross-Site Scripting (XSS) in AbanteCart | S | |
| CVE-2025-40628 | SQL Injection in DomainsPRO | S | |
| CVE-2025-40629 | Path Traversal vulnerability in PNETLab | | |
| CVE-2025-40630 | Open redirection vulnerability in IceWarp Mail Server | S | |
| CVE-2025-40631 | HTTP host header injection vulnerability in IceWarp Mail Server | S | |
| CVE-2025-40632 | Cross-site scripting (XSS) vulnerability in IceWarp Mail Server | S | |
| CVE-2025-40633 | Stored Cross-Site Scripting (XSS) in Koibox | | |
| CVE-2025-40634 | Stack-based buffer overflow in TP-Link Archer AX50 | S | |
| CVE-2025-40635 | SQL injection at Comerzzia | S | |
| CVE-2025-40650 | Insecure Direct Object Reference (IDOR) in Clickedu | S | |
| CVE-2025-40651 | Reflected Cross Site Scripting (XSS) in Real Easy Store | | |
| CVE-2025-40652 | Cross-Site Scripting (XSS) in CoverManager | S | |
| CVE-2025-40653 | User enumeration in M3M Printer Server Web | | |
| CVE-2025-40654 | SQL injection vulnerability in DM Corporative CMS | S | |
| CVE-2025-40655 | SQL injection vulnerability in DM Corporative CMS | S | |
| CVE-2025-40656 | SQL injection vulnerability in DM Corporative CMS | S | |
| CVE-2025-40657 | SQL injection vulnerability in DM Corporative CMS | S | |
| CVE-2025-40658 | Insecure Direct Object Reference (IDOR) vulnerability in DM Corporative CMS | S | |
| CVE-2025-40659 | Insecure Direct Object Reference (IDOR) vulnerability in DM Corporative CMS | S | |
| CVE-2025-40660 | Insecure Direct Object Reference (IDOR) vulnerability in DM Corporative CMS | S | |
| CVE-2025-40661 | Insecure Direct Object Reference (IDOR) vulnerability in DM Corporative CMS | S | |
| CVE-2025-40662 | Absolute path disclosure vulnerability in DM Corporative CMS | S | |
| CVE-2025-40663 | Stored Cross-Site Scripting (XSS) in i2A-Cronos by i2A | | |
| CVE-2025-40664 | Missing authentication vulnerability in TCMAN GIM v11 | S | |
| CVE-2025-40665 | Time-based blind SQL injection vulnerability in TCMAN GIM v11 | S | |
| CVE-2025-40666 | Time-based blind SQL injection vulnerability in TCMAN GIM v11 | S | |
| CVE-2025-40667 | Missing authorization vulnerability in TCMAN GIM v11 | S | |
| CVE-2025-40668 | Incorrect Authorization vulnerability in TCMAN GIM | S | |
| CVE-2025-40669 | Incorrect Authorization vulnerability in TCMAN GIM | S | |
| CVE-2025-40670 | Incorrect Authorization vulnerability in TCMAN GIM | S | |
| CVE-2025-40671 | SQL injection vulnerability in AES Multimedia's Gestnet | S | |
| CVE-2025-40672 | Privilege Escalation in Panloader.exe | S | |
| CVE-2025-40673 | Missing Authorization in DinoRANK | S | |
| CVE-2025-40674 | Reflected Cross-Site Scripting (XSS) in osCommerce | S | |
| CVE-2025-40675 | Reflected Cross-Site Scripting (XSS) in Bagisto | | |
| CVE-2025-40710 | Host Header Injection (HHI) in the Hotspot Shield VPN client | S | |
| CVE-2025-40711 | SQL injection vulnerability in Quiter Gateway | S | |
| CVE-2025-40712 | SQL injection vulnerability in Quiter Gateway | S | |
| CVE-2025-40713 | SQL injection vulnerability in Quiter Gateway | S | |
| CVE-2025-40714 | SQL injection vulnerability in Quiter Gateway | S | |
| CVE-2025-40715 | SQL injection vulnerability in Quiter Gateway | S | |
| CVE-2025-40716 | SQL injection vulnerability in Quiter Gateway | S | |
| CVE-2025-40717 | SQL injection vulnerability in Quiter Gateway | S | |
| CVE-2025-40718 | Improper error handling vulnerability in Quiter Gateway | S | |
| CVE-2025-40719 | Reflected Cross-site Scripting (XSS) vulnerability in Quiter Gateway | S | |
| CVE-2025-40720 | Reflected Cross-site Scripting (XSS) vulnerability in Quiter Gateway | S | |
| CVE-2025-40721 | Reflected Cross-site Scripting (XSS) vulnerability in Quiter Gateway | S | |
| CVE-2025-40722 | Stored Cross-Site Scripting (XSS) vulnerability on Flatboard | S | |
| CVE-2025-40723 | Stored Cross-Site Scripting (XSS) vulnerability on Flatboard | S | |
| CVE-2025-40726 | Cross-Site Scripting (XSS) reflected in Nosto | S | |
| CVE-2025-40727 | Reflected Cross-Site Scripting (XSS) in Phoenix CMS | | |
| CVE-2025-40728 | SQL injection vulnerability in Customer Support System | | |
| CVE-2025-40729 | Reflected Cross-Site Scripting (XSS) vulnerability in Customer Support System | | |
| CVE-2025-40731 | SQL injection vulnerability in Daily Expense Manager | | |
| CVE-2025-40732 | User enumeration vulnerability in Daily Expense Manager | | |
| CVE-2025-40733 | Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager | | |
| CVE-2025-40734 | Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager | | |
| CVE-2025-40735 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected devices are vul... | | |
| CVE-2025-40736 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exp... | | |
| CVE-2025-40737 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application doe... | | |
| CVE-2025-40738 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application doe... | | |
| CVE-2025-40739 | A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affec... | | |
| CVE-2025-40740 | A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affec... | | |
| CVE-2025-40741 | A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affec... | | |
| CVE-2025-40742 | A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 (CP... | | |
| CVE-2025-40775 | DNS message with invalid TSIG causes an assertion failure | S | |
| CVE-2025-40846 | HaloITSM open redirect via the returnUrl | | |
| CVE-2025-40906 | BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities | S | |
| CVE-2025-40907 | FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library | E S | |
| CVE-2025-40908 | YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified | E S | |
| CVE-2025-40909 | Perl threads have a working directory race condition where file operations may target unintended paths | E S | |
| CVE-2025-40910 | Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses | S | |
| CVE-2025-40911 | Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses | S | |
| CVE-2025-40912 | CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode | S | |
| CVE-2025-40914 | Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow | S | |
| CVE-2025-40915 | Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens | S | |
| CVE-2025-40916 | Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha text | S |