Count: 18,769
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| CVE-2025-27479 Kerberos Key Distribution Proxy Service Denial of Service Vulnerability | CVSS3: 7.5 | 42% Medium | 10 months ago |
| CVE-2025-27478 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | CVSS3: 7 | 0% Low | 10 months ago |
| CVE-2025-27477 Windows Telephony Service Remote Code Execution Vulnerability | CVSS3: 8.8 | 2% Low | 10 months ago |
| CVE-2025-27476 Windows Digital Media Elevation of Privilege Vulnerability | CVSS3: 7.8 | 1% Low | 10 months ago |
| CVE-2025-27475 Windows Update Stack Elevation of Privilege Vulnerability | CVSS3: 7 | 0% Low | 10 months ago |
| CVE-2025-27474 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | CVSS3: 6.5 | 4% Low | 10 months ago |
| CVE-2025-27473 HTTP.sys Denial of Service Vulnerability | CVSS3: 7.5 | 44% Medium | 10 months ago |
| CVE-2025-27472 Windows Mark of the Web Security Feature Bypass Vulnerability | CVSS3: 5.4 | 3% Low | 10 months ago |
| CVE-2025-27471 Microsoft Streaming Service Denial of Service Vulnerability | CVSS3: 5.9 | 0% Low | 10 months ago |
| CVE-2025-27470 Windows Standards-Based Storage Management Service Denial of Service Vulnerability | CVSS3: 7.5 | 42% Medium | 10 months ago |
| CVE-2025-27469 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | CVSS3: 7.5 | 44% Medium | 10 months ago |
| CVE-2025-27468 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | CVSS3: 7 | 0% Low | 9 months ago |
| CVE-2025-27467 Windows Digital Media Elevation of Privilege Vulnerability | CVSS3: 7.8 | 1% Low | 10 months ago |
| CVE-2025-27423 Improper Input Validation in Vim | CVSS3: 7.1 | 1% Low | 11 months ago |
| CVE-2025-27363 An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild. | CVSS3: 8.1 | 77% High | 11 months ago |
| CVE-2025-27221 In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host. | CVSS3: 3.2 | 0% Low | 11 months ago |
| CVE-2025-27220 In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method. | CVSS3: 4 | 1% Low | 11 months ago |
| CVE-2025-27219 In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when parsing extremely large cookies. | CVSS3: 5.3 | 1% Low | 11 months ago |
| CVE-2025-27152 Possible SSRF and Credential Leakage via Absolute URL in axios Requests | | 0% Low | 5 months ago |
| CVE-2025-27151 redis-check-aof may lead to stack overflow and potential RCE | CVSS3: 4.7 | 0% Low | 7 months ago |