Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

vulnerabilities and exploits

(subscribe to this query)
6.5
CVSSv3

CVE-2025-26310

Multiple memory leaks have been identified in the ABC file parsing functions (parseABC_CONSTANT_POOL and `parseABC_FILE) in util/parser.c of libming v0.4.8, which allow malicious users to cause a denial of service via a crafted ABC file.
8.8
CVSSv3

CVE-2025-26378

A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) malicious user to reset passwords, including the ones of administrator accounts, via crafted HTTP requests.
Q-free Maxtime
6.8
CVSSv3

CVE-2025-26465

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying...
Red Hat Red Hat Enterprise Linux 6Red Hat Red Hat Enterprise Linux 7Red Hat Red Hat Enterprise Linux 8Red Hat Red Hat Enterprise Linux 9Red Hat Red Hat Openshift Container Platform 4
5.9
CVSSv3

CVE-2025-26466

A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such pack...
Red Hat Red Hat Enterprise Linux 6Red Hat Red Hat Enterprise Linux 7Red Hat Red Hat Enterprise Linux 8Red Hat Red Hat Enterprise Linux 9Red Hat Red Hat Openshift Container Platform 4
NA

CVE-2025-26495

Cleartext Storage of Sensitive Information vulnerability in Salesforce Tableau Server can record the Personal Access Token (PAT) into logging repositories.This issue affects Tableau Server: prior to 2022.1.3, prior to 2021.4.8, prior to 2021.3.13, prior to 2021.2.14, prior to 202...
Salesforce Tableau Server
NA

CVE-2025-27636

CVE-2025-29891: Apache Camel: Camel Message Header Injection through request parameters
NA

CVE-2025-27591

Below: World Writable Directory in /var/log/below Allows Local Privilege Escalation (CVE-2025-27591)
NA

CVE-2025-27840

😈 Bienvenue sur mon GitHub ! 👾 Passionné par la cybersécurité et le développement 🌟 Toujours en train d'expérimenter de nouveaux outils 🚀 Voici un aperçu de mes ...
NA

CVE-2025-26645

Choose your own Patch Tuesday adventure: Start with six zero-day fixes, or six critical flaws
NA

CVE-2025-26630

Choose your own Patch Tuesday adventure: Start with six zero-day fixes, or six critical flaws
Preferred Score:
CVSSv4
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-29362CVE-2025-29359rising technosoftcode injectionXML injectionCVE-2025-24201vimlocal file inclusionCVE-2025-25292CVE-2024-13376devolutionssiemensCVE-2025-1257
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook