Export limit exceeded: 341651 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10330 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10404 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10404 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-10161 | 1 Turkguven | 1 Perfektive | 2025-11-14 | 7.3 High |
| Improper Restriction of Excessive Authentication Attempts, Client-Side Enforcement of Server-Side Security, Reliance on Untrusted Inputs in a Security Decision vulnerability in Turkguven Software Technologies Inc. Perfektive allows Brute Force, Authentication Bypass, Functionality Bypass.This issue affects Perfektive: before Version: 12574 Build: 2701. | ||||
| CVE-2025-31357 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| An unauthenticated attacker can obtain a user's plant list by knowing the username. | ||||
| CVE-2025-31933 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| An unauthenticated attacker can check the existence of usernames in the system by querying an API. | ||||
| CVE-2025-31941 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| An unauthenticated attacker can obtain a list of smart devices by knowing a valid username. | ||||
| CVE-2025-31949 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| An authenticated attacker can obtain any plant name by knowing the plant ID. | ||||
| CVE-2025-24315 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| Unauthenticated attackers can add devices of other users to their scenes (or arbitrary scenes of other arbitrary users). | ||||
| CVE-2025-24850 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| An attacker can export other users' plant information. | ||||
| CVE-2025-25276 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| An unauthenticated attacker can hijack other users' devices and potentially control them. | ||||
| CVE-2025-26857 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| Unauthenticated attackers can rename arbitrary devices of arbitrary users (i.e., EV chargers). | ||||
| CVE-2022-49986 | 1 Linux | 1 Linux Kernel | 2025-11-14 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq storvsc_error_wq workqueue should not be marked as WQ_MEM_RECLAIM as it doesn't need to make forward progress under memory pressure. Marking this workqueue as WQ_MEM_RECLAIM may cause deadlock while flushing a non-WQ_MEM_RECLAIM workqueue. In the current state it causes the following warning: [ 14.506347] ------------[ cut here ]------------ [ 14.506354] workqueue: WQ_MEM_RECLAIM storvsc_error_wq_0:storvsc_remove_lun is flushing !WQ_MEM_RECLAIM events_freezable_power_:disk_events_workfn [ 14.506360] WARNING: CPU: 0 PID: 8 at <-snip->kernel/workqueue.c:2623 check_flush_dependency+0xb5/0x130 [ 14.506390] CPU: 0 PID: 8 Comm: kworker/u4:0 Not tainted 5.4.0-1086-azure #91~18.04.1-Ubuntu [ 14.506391] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 05/09/2022 [ 14.506393] Workqueue: storvsc_error_wq_0 storvsc_remove_lun [ 14.506395] RIP: 0010:check_flush_dependency+0xb5/0x130 <-snip-> [ 14.506408] Call Trace: [ 14.506412] __flush_work+0xf1/0x1c0 [ 14.506414] __cancel_work_timer+0x12f/0x1b0 [ 14.506417] ? kernfs_put+0xf0/0x190 [ 14.506418] cancel_delayed_work_sync+0x13/0x20 [ 14.506420] disk_block_events+0x78/0x80 [ 14.506421] del_gendisk+0x3d/0x2f0 [ 14.506423] sr_remove+0x28/0x70 [ 14.506427] device_release_driver_internal+0xef/0x1c0 [ 14.506428] device_release_driver+0x12/0x20 [ 14.506429] bus_remove_device+0xe1/0x150 [ 14.506431] device_del+0x167/0x380 [ 14.506432] __scsi_remove_device+0x11d/0x150 [ 14.506433] scsi_remove_device+0x26/0x40 [ 14.506434] storvsc_remove_lun+0x40/0x60 [ 14.506436] process_one_work+0x209/0x400 [ 14.506437] worker_thread+0x34/0x400 [ 14.506439] kthread+0x121/0x140 [ 14.506440] ? process_one_work+0x400/0x400 [ 14.506441] ? kthread_park+0x90/0x90 [ 14.506443] ret_from_fork+0x35/0x40 [ 14.506445] ---[ end trace 2d9633159fdc6ee7 ]--- | ||||
| CVE-2025-27561 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| Unauthenticated attackers can rename "rooms" of arbitrary users. | ||||
| CVE-2025-27565 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| An unauthenticated attacker can delete any user's "rooms" by knowing the user's and room IDs. | ||||
| CVE-2025-27575 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| An unauthenticated attacker can obtain EV charger version and firmware upgrading history by knowing the charger ID. | ||||
| CVE-2025-27719 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| Unauthenticated attackers can query an API endpoint and get device details. | ||||
| CVE-2025-27927 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| An unauthenticated attackers can obtain a list of smart devices by knowing a valid username through an unprotected API. | ||||
| CVE-2025-27929 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| Unauthenticated attackers can retrieve full list of users associated with arbitrary accounts. | ||||
| CVE-2025-30257 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| Unauthenticated attackers can retrieve serial number of smart meters associated to a specific user account. | ||||
| CVE-2025-31147 | 1 Growatt | 1 Cloud Portal | 2025-11-14 | 5.3 Medium |
| Unauthenticated attackers can query information about total energy consumed by EV chargers of arbitrary users. | ||||
| CVE-2022-49998 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-11-14 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix locking in rxrpc's sendmsg Fix three bugs in the rxrpc's sendmsg implementation: (1) rxrpc_new_client_call() should release the socket lock when returning an error from rxrpc_get_call_slot(). (2) rxrpc_wait_for_tx_window_intr() will return without the call mutex held in the event that we're interrupted by a signal whilst waiting for tx space on the socket or relocking the call mutex afterwards. Fix this by: (a) moving the unlock/lock of the call mutex up to rxrpc_send_data() such that the lock is not held around all of rxrpc_wait_for_tx_window*() and (b) indicating to higher callers whether we're return with the lock dropped. Note that this means recvmsg() will not block on this call whilst we're waiting. (3) After dropping and regaining the call mutex, rxrpc_send_data() needs to go and recheck the state of the tx_pending buffer and the tx_total_len check in case we raced with another sendmsg() on the same call. Thinking on this some more, it might make sense to have different locks for sendmsg() and recvmsg(). There's probably no need to make recvmsg() wait for sendmsg(). It does mean that recvmsg() can return MSG_EOR indicating that a call is dead before a sendmsg() to that call returns - but that can currently happen anyway. Without fix (2), something like the following can be induced: WARNING: bad unlock balance detected! 5.16.0-rc6-syzkaller #0 Not tainted ------------------------------------- syz-executor011/3597 is trying to release lock (&call->user_mutex) at: [<ffffffff885163a3>] rxrpc_do_sendmsg+0xc13/0x1350 net/rxrpc/sendmsg.c:748 but there are no more locks to release! other info that might help us debug this: no locks held by syz-executor011/3597. ... Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_unlock_imbalance_bug include/trace/events/lock.h:58 [inline] __lock_release kernel/locking/lockdep.c:5306 [inline] lock_release.cold+0x49/0x4e kernel/locking/lockdep.c:5657 __mutex_unlock_slowpath+0x99/0x5e0 kernel/locking/mutex.c:900 rxrpc_do_sendmsg+0xc13/0x1350 net/rxrpc/sendmsg.c:748 rxrpc_sendmsg+0x420/0x630 net/rxrpc/af_rxrpc.c:561 sock_sendmsg_nosec net/socket.c:704 [inline] sock_sendmsg+0xcf/0x120 net/socket.c:724 ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409 ___sys_sendmsg+0xf3/0x170 net/socket.c:2463 __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae [Thanks to Hawkins Jiawei and Khalid Masum for their attempts to fix this] | ||||
| CVE-2025-11260 | 1 Wordpress | 1 Wordpress | 2025-11-14 | 5.3 Medium |
| The WP Headless CMS Framework plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 1.15. This is due to the plugin only checking for the existence of the Authorization header in a request when determining if the nonce protection should be bypassed. This makes it possible for unauthenticated attackers to access content they should not have access to. | ||||