known exploited

Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability

Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability

Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability

WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability

ConnectWise ScreenConnect Path Traversal Vulnerability

Microsoft Windows Protection Mechanism Failure Vulnerability

D-Link DIR-823X Command Injection Vulnerability

Samsung MagicINFO 9 Server Path Traversal Vulnerability

SimpleHelp Path Traversal Vulnerability

SimpleHelp Missing Authorization Vulnerability

Marimo Remote Code Execution Vulnerability

Microsoft Defender Insufficient Granularity of Access Control Vulnerability

Kentico Xperience Path Traversal Vulnerability

PaperCut NG/MF Improper Authentication Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability

Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability

Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability

JetBrains TeamCity Relative Path Traversal Vulnerability

Apache ActiveMQ Improper Input Validation Vulnerability

Microsoft Office Remote Code Execution

Microsoft SharePoint Server Improper Input Validation Vulnerability

Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability

Microsoft Windows Link Following Vulnerability

Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability

Microsoft Windows Out-of-Bounds Read Vulnerability

Adobe Acrobat Use-After-Free Vulnerability

Fortinet FortiClient EMS SQL Injection Vulnerability

Adobe Acrobat and Reader Prototype Pollution Vulnerability

Fortinet FortiClient EMS Improper Access Control Vulnerability

TrueConf Client Download of Code Without Integrity Check Vulnerability

Google Dawn Use-After-Free Vulnerability

Citrix NetScaler Out-of-Bounds Read Vulnerability

F5 BIG-IP Stack-Based Buffer Overflow Vulnerability

Langflow Code Injection Vulnerability

Craft CMS Code Injection Vulnerability

Laravel Livewire Code Injection Vulnerability

Apple Multiple Products Improper Locking Vulnerability

Apple Multiple Products Classic Buffer Overflow Vulnerability

Apple Multiple Products Buffer Overflow Vulnerability

Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability

Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

Wing FTP Server Information Disclosure Vulnerability

Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability

Google Skia Out-of-Bounds Write Vulnerability

n8n Improper Control of Dynamically-Managed Code Resources Vulnerability

Omnissa Workspace ONE Server-Side Request Forgery

SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability

Hikvision Multiple Products Improper Authentication Vulnerability

Rockwell Multiple Products Insufficient Protected Credentials Vulnerability

Apple Multiple products Use-After-Free Vulnerability

Apple Multiple Products Integer Overflow or Wraparound Vulnerability

Apple iOS and iPadOS Use-After-Free Vulnerability

Broadcom VMware Aria Operations Command Injection Vulnerability

Qualcomm Multiple Chipsets Memory Corruption Vulnerability

Cisco SD-WAN Path Traversal Vulnerability

Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability

Soliton Systems K.K FileZen OS Command Injection Vulnerability

RoundCube Webmail Deserialization of Untrusted Data Vulnerability

RoundCube Webmail Cross-site Scripting Vulnerability

GitLab Server-Side Request Forgery (SSRF) Vulnerability

Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability

TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability

Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability

Google Chromium CSS Use-After-Free Vulnerability

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability

Apple Multiple Buffer Overflow Vulnerability

Microsoft Configuration Manager SQL Injection Vulnerability

Notepad++ Download of Code Without Integrity Check Vulnerability

SolarWinds Web Help Desk Security Control Bypass Vulnerability

Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability

Microsoft Windows NULL Pointer Dereference Vulnerability

Microsoft Windows Shell Protection Mechanism Failure Vulnerability

Microsoft Windows Improper Privilege Management Vulnerability

Microsoft Windows Type Confusion Vulnerability

Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability

React Native Community CLI OS Command Injection Vulnerability

SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability

GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability

Sangoma FreePBX Improper Authentication Vulnerability

SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability

Linux Kernel Integer Overflow Vulnerability

SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability

SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability

GNU InetUtils Argument Injection Vulnerability

Microsoft Office Security Feature Bypass Vulnerability

Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability

Versa Concerto Improper Authentication Vulnerability

Prettier eslint-config-prettier Embedded Malicious Code Vulnerability

Vite Vitejs Improper Access Control Vulnerability

Cisco Unified Communications Products Code Injection Vulnerability

Microsoft Windows Information Disclosure Vulnerability

Gogs Path Traversal Vulnerability

Microsoft Office PowerPoint Code Injection Vulnerability

Hewlett Packard Enterprise (HPE) OneView Code Injection Vulnerability

MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability

Digiever DS-2105 Pro Missing Authorization Vulnerability

WatchGuard Firebox Out of Bounds Write Vulnerability

ASUS Live Update Embedded Malicious Code Vulnerability

SonicWall SMA1000 Missing Authorization Vulnerability

Cisco Multiple Products Improper Input Validation Vulnerability

Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability

Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability

Apple Multiple Products Use-After-Free WebKit Vulnerability

Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability

Google Chromium Out of Bounds Memory Access Vulnerability

OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability

RARLAB WinRAR Path Traversal Vulnerability

Microsoft Windows Use After Free Vulnerability

D-Link Routers Buffer Overflow Vulnerability

Array Networks ArrayOS AG OS Command Injection Vulnerability

Meta React Server Components Remote Code Execution Vulnerability

OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability

Android Framework Information Disclosure Vulnerability

Android Framework Privilege Escalation Vulnerability