CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2025-10035	High	52.0%	FortraGoAnywhere MFT	Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.	Sep 29, 2025	KEV
CVE-2025-59689	High	6.0%	LibraesvaEmail Security Gateway	Libraesva Email Security Gateway (ESG) contains a command injection vulnerability which allows command injection via a compressed e-mail attachment.	Sep 29, 2025	KEV
CVE-2025-20352	High	2.0%	CiscoIOS and IOS XE	Cisco IOS and IOS XE contains a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) subsystem that could allow for denial of service or remote code execution. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.	Sep 29, 2025	KEV
CVE-2025-32463	High	26.5%	SudoSudo	Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow local attacker to leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.	Sep 29, 2025	KEV
CVE-2021-21311	High	94.2%	AdminerAdminer	Adminer contains a server-side request forgery vulnerability that, when exploited, allows a remote attacker to obtain potentially sensitive information.	Sep 29, 2025	KEV
CVE-2025-20333	High	18.8%	CiscoSecure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense	Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a buffer overflow vulnerability that allows for remote code execution. This vulnerability could be chained with CVE-2025-20362.	Sep 25, 2025	KEV
CVE-2025-20362	High	37.1%	CiscoSecure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense	Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a missing authorization vulnerability. This vulnerability could be chained with CVE-2025-20333.	Sep 25, 2025	KEV
CVE-2025-10585	High	0.7%	GoogleChromium V8	Google Chromium contains a type confusion vulnerability in the V8 JavaScript and WebAssembly engine.	Sep 23, 2025	KEV
CVE-2025-5086	High	39.2%	Dassault SystèmesDELMIA Apriso	Dassault Systèmes DELMIA Apriso contains a deserialization of untrusted data vulnerability that could lead to a remote code execution.	Sep 11, 2025	KEV
CVE-2025-38352	High	0.1%	LinuxKernel	Linux kernel contains a time-of-check time-of-use (TOCTOU) race condition vulnerability that has a high impact on confidentiality, integrity, and availability.	Sep 4, 2025	KEV
CVE-2025-53690	High	10.0%	SitecoreMultiple Products	Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud contain a deserialization of untrusted data vulnerability involving the use of default machine keys. This flaw allows attackers to exploit exposed ASP.NET machine keys to achieve remote code execution.	Sep 4, 2025	KEV
CVE-2025-48543	High	0.3%	AndroidRuntime	Android Runtime contains a use-after-free vulnerability potentially allowing a chrome sandbox escape leading to local privilege escalation.	Sep 4, 2025	KEV
CVE-2023-50224	High	1.5%	TP-LinkTL-WR841N	TP-Link TL-WR841N contains an authentication bypass by spoofing vulnerability within the httpd service, which listens on TCP port 80 by default, leading to the disclose of stored credentials. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.	Sep 3, 2025	KEV
CVE-2025-9377	High	15.6%	TP-LinkMultiple Routers	TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.	Sep 3, 2025	KEV
CVE-2020-24363	High	11.1%	TP-LinkTL-WA855RE	TP-link TL-WA855RE contains a missing authentication for critical function vulnerability. This vulnerability could allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.	Sep 2, 2025	KEV
CVE-2025-55177	High	0.9%	Meta PlatformsWhatsApp	Meta Platforms WhatsApp contains an incorrect authorization vulnerability due to an incomplete authorization of linked device synchronization messages. This vulnerability could allow an unrelated user to trigger processing of content from an arbitrary URL on a target’s device.	Sep 2, 2025	KEV
CVE-2025-57819	High	70.5%	SangomaFreePBX	Sangoma FreePBX contains an authentication bypass vulnerability due to insufficiently sanitized user-supplied data allows unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution.	Aug 29, 2025	KEV
CVE-2025-7775	High	5.7%	CitrixNetScaler	Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service.	Aug 26, 2025	KEV
CVE-2024-8069	High	48.3%	CitrixSession Recording	Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limited remote code execution with privilege of a NetworkService Account access. Attacker must be an authenticated user on the same intranet as the session recording server.	Aug 25, 2025	KEV
CVE-2025-48384	High	0.5%	GitGit	Git contains a link following vulnerability that stems from Git’s inconsistent handling of carriage return characters in configuration files.	Aug 25, 2025	KEV

CVE-2025-10035KEV

High

Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.

FortraEPSS 52.0%

CVE-2025-59689KEV

High

Libraesva Email Security Gateway (ESG) contains a command injection vulnerability which allows command injection via a compressed e-mail attachment.

LibraesvaEPSS 6.0%

CVE-2025-20352KEV

High

Cisco IOS and IOS XE contains a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) subsystem that could allow for denial of service or remote code execution. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.

CiscoEPSS 2.0%

CVE-2025-32463KEV

High

Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow local attacker to leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.

SudoEPSS 26.5%

CVE-2021-21311KEV

High

Adminer contains a server-side request forgery vulnerability that, when exploited, allows a remote attacker to obtain potentially sensitive information.

AdminerEPSS 94.2%

CVE-2025-20333KEV

High

Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a buffer overflow vulnerability that allows for remote code execution. This vulnerability could be chained with CVE-2025-20362.

CiscoEPSS 18.8%

CVE-2025-20362KEV

High

Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a missing authorization vulnerability. This vulnerability could be chained with CVE-2025-20333.

CiscoEPSS 37.1%

CVE-2025-10585KEV

High

Google Chromium contains a type confusion vulnerability in the V8 JavaScript and WebAssembly engine.

GoogleEPSS 0.7%

CVE-2025-5086KEV

High

Dassault Systèmes DELMIA Apriso contains a deserialization of untrusted data vulnerability that could lead to a remote code execution.

Dassault SystèmesEPSS 39.2%

CVE-2025-38352KEV

High

Linux kernel contains a time-of-check time-of-use (TOCTOU) race condition vulnerability that has a high impact on confidentiality, integrity, and availability.

LinuxEPSS 0.1%

CVE-2025-53690KEV

High

Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud contain a deserialization of untrusted data vulnerability involving the use of default machine keys. This flaw allows attackers to exploit exposed ASP.NET machine keys to achieve remote code execution.

SitecoreEPSS 10.0%

CVE-2025-48543KEV

High

Android Runtime contains a use-after-free vulnerability potentially allowing a chrome sandbox escape leading to local privilege escalation.

AndroidEPSS 0.3%

CVE-2023-50224KEV

High

TP-Link TL-WR841N contains an authentication bypass by spoofing vulnerability within the httpd service, which listens on TCP port 80 by default, leading to the disclose of stored credentials. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

TP-LinkEPSS 1.5%

CVE-2025-9377KEV

High

TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

TP-LinkEPSS 15.6%

CVE-2020-24363KEV

High

TP-link TL-WA855RE contains a missing authentication for critical function vulnerability. This vulnerability could allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

TP-LinkEPSS 11.1%

CVE-2025-55177KEV

High

Meta Platforms WhatsApp contains an incorrect authorization vulnerability due to an incomplete authorization of linked device synchronization messages. This vulnerability could allow an unrelated user to trigger processing of content from an arbitrary URL on a target’s device.

Meta PlatformsEPSS 0.9%

CVE-2025-57819KEV

High

Sangoma FreePBX contains an authentication bypass vulnerability due to insufficiently sanitized user-supplied data allows unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution.

SangomaEPSS 70.5%

CVE-2025-7775KEV

High

Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service.

CitrixEPSS 5.7%

CVE-2024-8069KEV

High

Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limited remote code execution with privilege of a NetworkService Account access. Attacker must be an authenticated user on the same intranet as the session recording server.

CitrixEPSS 48.3%

CVE-2025-48384KEV

High

Git contains a link following vulnerability that stems from Git’s inconsistent handling of carriage return characters in configuration files.

GitEPSS 0.5%

4 5 6 7 8 9 10