CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2023-53647 In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53648 In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error:... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53649 In the Linux kernel, the following vulnerability has been resolved: perf trace: Really free the evsel->priv area In 3cb4d5e00e037c70 ("perf trace: Free syscall tp fields in evsel->priv") it only was... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53650 In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() If 'mipid_detect()' fails, we must free 'md' to avoid a ... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-49922 Missing Authorization vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPeMatico RSS Feed Fetcher... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-53651 In the Linux kernel, the following vulnerability has been resolved: Input: exc3000 - properly stop timer on shutdown We need to stop the timer on driver unbind or probe failures, otherwise we get UA... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53652 In the Linux kernel, the following vulnerability has been resolved: vdpa: Add features attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when... | 7.8 | HIGH | — | 0 |
| CVE-2023-53653 In the Linux kernel, the following vulnerability has been resolved: media: amphion: fix REVERSE_INULL issues reported by coverity null-checking of a pointor is suggested before dereferencing it | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53654 In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation before accessing cgx and lmac with the addition of new MAC blocks like CN10K RPM and CN10KB RPM_USX, ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53655 In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-ed Registering a kprobe on __rcu_irq_enter_check_tick()... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53656 In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: Don't migrate perf to the CPU going to teardown The driver needs to migrate the perf context if the current us... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53657 In the Linux kernel, the following vulnerability has been resolved: ice: Don't tx before switchdev is fully configured There is possibility that ice_eswitch_port_start_xmit might be called while som... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53658 In the Linux kernel, the following vulnerability has been resolved: spi: bcm-qspi: return error if neither hif_mspi nor mspi is available If neither a "hif_mspi" nor "mspi" resource is present, the ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53659 In the Linux kernel, the following vulnerability has been resolved: iavf: Fix out-of-bounds when setting channels on remove If we set channels greater during iavf_remove(), and waiting reset done wo... | 7.1 | HIGH | — | 0 |
| CVE-2025-59976 An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file sy... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-53662 In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} If the filename casefolding fails, we'll be leaking memory fr... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-43914 Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.3... | 7.5 | HIGH | — | 0 |
| CVE-2025-11198 A Missing Authentication for Critical Function vulnerability in Juniper Networks Security Director Policy Enforcer allows an unauthenticated, network-based attacker to replace legitimate vSRX images w... | 7.4 | HIGH | — | 0 |
| CVE-2025-52960 A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol (SIP) ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, networ... | 5.9 | MEDIUM | — | 0 |
| CVE-2025-20360 Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulne... | 5.8 | MEDIUM | — | 0 |
| CVE-2025-52961 An Uncontrolled Resource Consumption vulnerability in the Connectivity Fault Management (CFM) daemon and the Connectivity Fault Management Manager (cfmman) of Juniper Networks Junos OS Evolved on PTX1... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-59957 An Origin Validation Error vulnerability in an insufficient protected file of Juniper Networks Junos OS on EX4600 Series and QFX5000 Series allows an unauthenticated attacker with physical access to t... | 6.8 | MEDIUM | — | 0 |
| CVE-2025-59958 An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated, network-based ... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-59962 An Access of Uninitialized Pointer vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved with BGP sharding configured allows an attacker triggering indir... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-59978 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to store script tags directly in web pages that... | 9.0 | CRITICAL | — | 0 |
| CVE-2025-59964 A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial ... | 7.5 | HIGH | — | 0 |
| CVE-2025-59967 A NULL Pointer Dereference vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509 devices allows... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-59968 A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read or modify metadata via the web interface. Tamp... | 8.6 | HIGH | — | 0 |
| CVE-2025-59974 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Junos Space Security Director allows an attacker to inject malicious scripts into the applicati... | 8.4 | HIGH | — | 0 |
| CVE-2025-59975 An Uncontrolled Resource Consumption vulnerability in the HTTP daemon (httpd) of Juniper Networks Junos Space allows an unauthenticated network-based attacker flooding the device with inbound API call... | 7.5 | HIGH | — | 0 |
| CVE-2025-59981 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Template De... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59982 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the dashboard search f... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59983 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Template Definiti... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59984 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in Global Search that, wh... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59985 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in a field on the Purging... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-55089 In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. It could cause a remote execurtion after receiving a c... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-59986 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the input fields in Mo... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59987 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the arbitrary device s... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59988 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Generate Report pa... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59989 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Discovery p... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59990 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the template creation ... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-22381 Aggie 2.6.1 has a Host Header injection vulnerability in the forgot password functionality, allowing an attacker to reset a user's password. | 8.2 | HIGH | — | 0 |
| CVE-2025-59991 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Management ... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59992 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Secure Console pag... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59993 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Space Node Setting... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59994 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template pag... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59995 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template pag... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-48087 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jason C. Memberlite Shortcodes memberlite-shortcodes allows Stored XSS.This issue affects Memberli... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-59996 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Configuration View... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-59997 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the CLI Configlets pag... | 6.1 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.