CVE Database

36731+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-10896
8.8 HIGH

Multiple plugins for WordPress with the Jewel Theme Recommended Plugins Library are vulnerable to Unrestricted Upload of File with Dangerous Type via arbitrary plugin installation …

Nov 4, 2025
CVE-2025-47368
7.8 HIGH

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.

Nov 4, 2025
CVE-2025-47367
7.8 HIGH

Memory corruption while accessing a buffer during IOCTL processing.

Nov 4, 2025
CVE-2025-47365
7.8 HIGH

Memory corruption while processing large input data from a remote source via a communication interface.

Nov 4, 2025
CVE-2025-47361
7.8 HIGH

Memory corruption when triggering a subsystem crash with an out-of-range identifier.

Nov 4, 2025
CVE-2025-47360
7.8 HIGH

Memory corruption while processing client message during device management.

Nov 4, 2025
CVE-2025-47357
8.0 HIGH

Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions.

Nov 4, 2025
CVE-2025-47353
7.8 HIGH

Memory corruption while processing request sent from GVM.

Nov 4, 2025
CVE-2025-47352
7.8 HIGH

Memory corruption while processing audio streaming operations.

Nov 4, 2025
CVE-2025-27074
8.8 HIGH

Memory corruption while processing a GP command response.

Nov 4, 2025
CVE-2025-27070
7.8 HIGH

Memory corruption while performing encryption and decryption commands.

Nov 4, 2025
CVE-2025-43505
8.8 HIGH

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Xcode 26.1. Processing a maliciously crafted file may lead to …

Nov 4, 2025
CVE-2025-43502
7.5 HIGH

A privacy issue was addressed by removing sensitive data. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS …

Nov 4, 2025
CVE-2025-43500
7.5 HIGH

A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS …

Nov 4, 2025
CVE-2025-43496
7.5 HIGH

The issue was addressed by adding additional logic. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia …

Nov 4, 2025
CVE-2025-43480
8.1 HIGH

The issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS …

Nov 4, 2025
CVE-2025-43476
7.8 HIGH

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may …

Nov 4, 2025
CVE-2025-43474
7.8 HIGH

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app …

Nov 4, 2025
CVE-2025-43472
7.8 HIGH

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app …

Nov 4, 2025
CVE-2025-43462
7.5 HIGH

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, …

Nov 4, 2025
CVE-2025-43454
7.5 HIGH

This issue was addressed through improved state management. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. A device …

Nov 4, 2025
CVE-2025-43450
7.5 HIGH

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app …

Nov 4, 2025
CVE-2025-43449
7.5 HIGH

The issue was addressed with improved handling of caches. This issue is fixed in iOS 26.1 and iPadOS 26.1. A malicious app may be able …

Nov 4, 2025
CVE-2025-43436
7.5 HIGH

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, …

Nov 4, 2025
CVE-2025-43433
8.8 HIGH

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, …

Nov 4, 2025
CVE-2025-43431
8.8 HIGH

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, …

Nov 4, 2025
CVE-2025-43419
8.8 HIGH

The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, …

Nov 4, 2025
CVE-2025-43413
7.5 HIGH

An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, …

Nov 4, 2025
CVE-2025-43407
7.8 HIGH

This issue was addressed with improved entitlements. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe …

Nov 4, 2025
CVE-2025-43405
7.5 HIGH

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app …

Nov 4, 2025
CVE-2025-43401
7.5 HIGH

A denial-of-service issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. A remote attacker …

Nov 4, 2025
CVE-2025-43399
7.5 HIGH

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Tahoe …

Nov 4, 2025
CVE-2025-43387
7.8 HIGH

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. A malicious app may be able …

Nov 4, 2025
CVE-2025-43386
7.8 HIGH

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, …

Nov 4, 2025
CVE-2025-43376
7.5 HIGH

A logic issue was addressed with improved state management. This issue is fixed in Safari 26, iOS 18.7.7 and iPadOS 18.7.7, iOS 26 and iPadOS …

Nov 4, 2025
CVE-2025-43373
7.5 HIGH

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may …

Nov 4, 2025
CVE-2025-43364
7.8 HIGH

A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26.1. An app may …

Nov 4, 2025
CVE-2025-43361
7.8 HIGH

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, …

Nov 4, 2025
CVE-2025-43338
7.1 HIGH

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Sonoma 14.8.2, macOS Sonoma …

Nov 4, 2025
CVE-2025-43323
8.1 HIGH

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, …

Nov 4, 2025
CVE-2024-13997
7.2 HIGH

Nagios XI versions prior to 2024R1.1.3 contain a privilege escalation vulnerability in which an authenticated administrator could leverage the Migrate Server feature to obtain root …

Nov 3, 2025
CVE-2025-50735
7.5 HIGH

Directory traversal vulnerability in NextChat thru 2.16.0 due to the WebDAV proxy failing to canonicalize or reject dot path segments in its catch-all route, allowing …

Nov 3, 2025
CVE-2025-12531
7.1 HIGH

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could …

Nov 3, 2025
CVE-2025-63441
7.3 HIGH

Open Source Social Network (OSSN) 8.6 is vulnerable to Cross Site Scripting (XSS) via the parameter param` at endpoint u/administrator/friends.

Nov 3, 2025
CVE-2025-10280
7.1 HIGH

IdentityIQ 8.5, IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p4, IdentityIQ 8.3 and all 8.3 patch levels including 8.3p5, and all prior versions …

Nov 3, 2025
CVE-2025-60785
8.8 HIGH

A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via a crafted …

Nov 3, 2025
CVE-2025-60503
8.7 HIGH

A cross-site scripting (XSS) vulnerability exists in the administrative interface of ultimatefosters UltimatePOS 4.8 where input submitted in the purchase functionality is reflected without proper …

Nov 3, 2025
CVE-2025-11761
7.8 HIGH

A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. …

Nov 3, 2025
CVE-2025-48397
7.1 HIGH

The privileged user could log in without sufficient credentials after enabling an application protocol. This security issue has been fixed in the latest script patch …

Nov 3, 2025
CVE-2025-48396
8.3 HIGH

Arbitrary code execution is possible due to improper validation of the file upload functionality in Eaton BLSS. This security issue has been fixed in the …

Nov 3, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.