| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2025-41222 | A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions),... | | |
| CVE-2025-41223 | A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions),... | | |
| CVE-2025-41224 | A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RM... | | |
| CVE-2025-41225 | VMware vCenter Server authenticated command-execution vulnerability | | |
| CVE-2025-41226 | Guest Operations Denial-of-Service Vulnerability | | |
| CVE-2025-41227 | Denial-of-Service Vulnerability | | |
| CVE-2025-41228 | VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-41229 | VMware Cloud Foundation Directory Traversal Vulnerability | | |
| CVE-2025-41230 | VMware Cloud Foundation Information Disclosure Vulnerability | | |
| CVE-2025-41231 | VMware Cloud Foundation Missing Authorisation Vulnerability | | |
| CVE-2025-41232 | CVE-2025-41232: Spring Security authorization bypass for method security annotations on private methods | | |
| CVE-2025-41233 | Description: VMware AVI Load Balancer contains an authenticated blind SQL Injection vulnerability. ... | | |
| CVE-2025-41234 | RFD Attack via “Content-Disposition” Header Sourced from Request | | |
| CVE-2025-41235 | CVE-2025-41235: Spring Cloud Gateway Server Forwards Headers from Untrusted Proxies | | |
| CVE-2025-41255 | Cyberduck and Mountain Duck - Improper Certificate Store Handling | E | |
| CVE-2025-41256 | Cyberduck and Mountain Duck - Weak Hash Algorithm for Certificate Fingerprint | E | |
| CVE-2025-41360 | Uncontrolled resource consumption vulnerability in IDF and ZLF | S | |
| CVE-2025-41361 | Uncontrolled resource consumption vulnerability in IDF and ZLF | S | |
| CVE-2025-41362 | Code injection vulnerability in IDF and ZLF | S | |
| CVE-2025-41363 | CORS vulnerability in IDF and ZLF | S | |
| CVE-2025-41364 | Stored Cross-Site Scripting (XSS) vulnerability in IDF and ZLF | S | |
| CVE-2025-41365 | Code injection vulnerability in IDF and ZLF | S | |
| CVE-2025-41366 | CORS vulnerability in IDF and ZLF | S | |
| CVE-2025-41367 | Stored Cross-Site Scripting (XSS) vulnerability in IDF and ZLF | S | |
| CVE-2025-41377 | Cryptographic vulnerability in Iridium Certus 700 | S | |
| CVE-2025-41378 | Injection vulnerability in Iridium Certus 700 | S | |
| CVE-2025-41379 | Injection vulnerability in Iridium Certus 700 | S | |
| CVE-2025-41380 | Injection vulnerability in Iridium Certus 700 | S | |
| CVE-2025-41385 | An OS Command Injection issue exists in wivia 5 all versions. If this vulnerability is exploited, an... | | |
| CVE-2025-41388 | Fuji Electric Smart Editor Stack-based Buffer Overflow | S | |
| CVE-2025-41393 | Reflected cross-site scripting vulnerability exists in the laser printers and MFPs (multifunction pr... | | |
| CVE-2025-41395 | Webapp DoS via malicious retrospective post in Playbooks | S | |
| CVE-2025-41399 | SCTP Vulnerability | | |
| CVE-2025-41403 | SQL Injection | | |
| CVE-2025-41404 | Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If thi... | | |
| CVE-2025-41406 | Cross-site scripting vulnerability exists in wivia 5 all versions. If exploited, when a user connect... | | |
| CVE-2025-41407 | SQL Injection | | |
| CVE-2025-41413 | Fuji Electric Smart Editor Out-of-bounds Write | S | |
| CVE-2025-41414 | BIG-IP HTTP/2 vulnerability | | |
| CVE-2025-41418 | Buffer Overflow vulnerability exists in multiple versions of TB-eye network recorders and AHD record... | | |
| CVE-2025-41423 | Unauthorized Playbooks Post Deletion in Mattermost Playbooks Plugin | S | |
| CVE-2025-41426 | Vertiv Liebert RDU101 and UNITY Stack-based Buffer Overflow | S | |
| CVE-2025-41427 | WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN contain an improper neutralization of special elements u... | | |
| CVE-2025-41428 | Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in TimeW... | | |
| CVE-2025-41429 | a-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with CVE... | | |
| CVE-2025-41431 | TMM Vulnerability | | |
| CVE-2025-41433 | BIG-IP SIP ALG profile vulnerability | | |
| CVE-2025-41437 | Reflected XSS | | |
| CVE-2025-41438 | Consilium Safety CS5000 Fire Panel Initialization of a Resource with an Insecure Default | S | |
| CVE-2025-41439 | A reflected cross-site scripting vulnerability via a specific parameter exists in SLNX Help Document... | | |
| CVE-2025-41441 | Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may... | | |
| CVE-2025-41442 | Advantech iView Cross-site Scripting | S | |
| CVE-2025-41444 | SQL Injection | | |
| CVE-2025-41450 | Authentication bypass with privileged access in Danfoss AK-SM 8xxA Series prior to version 4.2 | | |
| CVE-2025-41645 | SMA: Sunny Portal demo system privilege escalation | | |
| CVE-2025-41646 | RevPi Webstatus application is vulnerable to an authentication bypass | | |
| CVE-2025-41647 | Lenze: Plaintext Password Disclosure in PLC Designer V4 Interface | | |
| CVE-2025-41648 | Pilz: Authentication Bypass in IndustrialPI Webstatus | | |
| CVE-2025-41649 | Weidmueller: Out-of-Bounds Write Vulnerability in Industrial Ethernet Switches | | |
| CVE-2025-41650 | Weidmueller: Denial-of-Service Vulnerability in Industrial Ethernet Switches | | |
| CVE-2025-41651 | Weidmueller: Missing Authentication Vulnerability in Industrial Ethernet Switches | | |
| CVE-2025-41652 | Weidmueller: Authentication Bypass Vulnerability in Industrial Ethernet Switches | | |
| CVE-2025-41653 | Weidmueller: Denial-of-Service Vulnerability in the web server functionality of Industrial Ethernet Switches | | |
| CVE-2025-41654 | PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL – Device is affected by information disclosure via the SNMP protocol | | |
| CVE-2025-41655 | PEPPERL+FUCHS: Attacker can cause a DoS via URL | | |
| CVE-2025-41656 | Pilz: Missing Authentication in Node-RED integration | | |
| CVE-2025-41657 | AUMA: Incorrect delivery status of the Bluetooth configuration | | |
| CVE-2025-41661 | Weidmueller: Security routers IE-SR-2TX are affected by CSRF | | |
| CVE-2025-41662 | Weidmueller: Security routers IE-SR-2TX are affected by Cross-Site Request Forgery | | |
| CVE-2025-41663 | Weidmueller: Security routers IE-SR-2TX are affected by Command Injection | | |
| CVE-2025-41665 | Phoenix Contact: DoS of the PLC due to incorrect default permissions possible | | |
| CVE-2025-41666 | Phoenix Contact: File access due to the replacement of a critical file used by the watchdog | | |
| CVE-2025-41667 | Phoenix Contact: File access due to the replacement of a critical file used by the arp-preinit script | | |
| CVE-2025-41668 | Phoenix Contact: File access due to the replacement of a critical file used by the service security-profile | | |
| CVE-2025-41672 | WAGO: Vulnerability in WAGO Device Sphere | |