CVE Database

36731+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-36354
7.3 HIGH

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow an unauthenticated user to execute arbitrary …

Oct 6, 2025
CVE-2025-11341
7.3 HIGH

A security flaw has been discovered in Jinher OA up to 2.0. This affects an unknown function of the file /c6/Jhsoft.Web.module/eformaspx/WebDesign.aspx/?type=SystemUserInfo&style=1. Performing manipulation results in …

Oct 6, 2025
CVE-2025-11339
8.8 HIGH

A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function sub_4BD4F8 of the file /webchat/hi_block.asp of the component …

Oct 6, 2025
CVE-2025-61687
8.3 HIGH

Flowise is a drag & drop user interface to build a customized large language model flow. A file upload vulnerability in version 3.0.7 of FlowiseAI …

Oct 6, 2025
CVE-2025-59152
7.5 HIGH

Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. In version 2.17.0, rate limits can be completely bypassed by manipulating the X-Forwarded-For header. This renders …

Oct 6, 2025
CVE-2025-11338
8.8 HIGH

A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub_4C0990 of the file /webchat/login.cgi of the component …

Oct 6, 2025
CVE-2025-61197
8.9 HIGH

An issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio Optimod version 1.0.0.33 - System version 2.5.26 allows a remote attacker …

Oct 6, 2025
CVE-2025-11334
7.3 HIGH

A security flaw has been discovered in Campcodes Online Apartment Visitor Management System 1.0. Affected is an unknown function of the file /visitor-detail.php. The manipulation …

Oct 6, 2025
CVE-2025-11329
7.3 HIGH

A flaw has been found in code-projects Online Course Registration 1.0. Impacted is an unknown function of the file /admin/manage-students.php. This manipulation of the argument …

Oct 6, 2025
CVE-2025-11328
8.8 HIGH

A vulnerability was detected in Tenda AC18 15.03.05.19(6318). This issue affects some unknown processing of the file /goform/SetDDNSCfg. The manipulation of the argument ddnsEn results …

Oct 6, 2025
CVE-2025-11327
8.8 HIGH

A security vulnerability has been detected in Tenda AC18 15.03.05.19(6318). This vulnerability affects unknown code of the file /goform/SetUpnpCfg. The manipulation of the argument upnpEn …

Oct 6, 2025
CVE-2025-11326
8.8 HIGH

A weakness has been identified in Tenda AC18 15.03.05.19(6318). This affects an unknown part of the file /goform/WifiMacFilterSet. Executing a manipulation of the argument wifi_chkHz …

Oct 6, 2025
CVE-2025-11325
8.8 HIGH

A security flaw has been discovered in Tenda AC18 15.03.05.19(6318). Affected by this issue is some unknown functionality of the file /goform/fast_setting_pppoe_set. Performing a manipulation …

Oct 6, 2025
CVE-2025-11324
8.8 HIGH

A vulnerability was identified in Tenda AC18 15.03.05.19(6318). Affected by this vulnerability is an unknown functionality of the file /goform/setNotUpgrade. Such manipulation of the argument …

Oct 6, 2025
CVE-2025-57781
7.8 HIGH

The installers of DENSO TEN drive recorder viewer contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. …

Oct 6, 2025
CVE-2025-11323
8.8 HIGH

A vulnerability was determined in UTT 1250GW up to v2v3.2.2-200710. Affected is the function strcpy of the file /goform/formUserStatusRemark. This manipulation of the argument Username …

Oct 6, 2025
CVE-2025-11318
7.3 HIGH

A security flaw has been discovered in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This vulnerability affects unknown code of the file uploadWxFile.do. The …

Oct 6, 2025
CVE-2025-11317
7.3 HIGH

A vulnerability was identified in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findRolePage of the file findSingConfigPage.do. The manipulation of …

Oct 6, 2025
CVE-2025-11316
7.3 HIGH

A vulnerability was determined in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected by this issue is the function findCategoryPage of the file findCategoryPage.do. …

Oct 6, 2025
CVE-2025-50538
8.2 HIGH

Flowise before 3.0.5 allows XSS via an IFRAME element when an admin views the chat log.

Oct 6, 2025
CVE-2025-29192
8.2 HIGH

Flowise before 3.0.5 allows XSS via a FORM element and an INPUT element when an admin views the chat log.

Oct 6, 2025
CVE-2025-11315
7.3 HIGH

A vulnerability was found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected by this vulnerability is the function findUserPage of the file findUserPage.do. …

Oct 6, 2025
CVE-2025-11314
7.3 HIGH

A vulnerability has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected is the function findRolePage of the file findSingConfigPage.do. Such manipulation …

Oct 6, 2025
CVE-2025-11313
7.3 HIGH

A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation …

Oct 6, 2025
CVE-2025-11312
7.3 HIGH

A vulnerability was detected in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findModulePage of the file findModulePage.do. The manipulation of …

Oct 6, 2025
CVE-2025-11311
7.3 HIGH

A security vulnerability has been detected in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. The impacted element is the function findTenantPage of the file …

Oct 6, 2025
CVE-2025-11310
7.3 HIGH

A weakness has been identified in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. The affected element is the function findFileServerPage of the file findFileServerPage.do. …

Oct 6, 2025
CVE-2025-11309
7.3 HIGH

A security flaw has been discovered in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Impacted is the function doFilter of the file findDeptPage.do. Performing …

Oct 5, 2025
CVE-2025-11305
8.8 HIGH

A vulnerability has been found in UTT HiPER 840G up to 3.1.1-190328. Affected by this issue is the function strcpy of the file /goform/formTaskEdit. The …

Oct 5, 2025
CVE-2025-11302
8.8 HIGH

A security vulnerability has been detected in Belkin F9K1015 1.00.10. This impacts an unknown function of the file /goform/formWpsStart. Such manipulation of the argument pinCode …

Oct 5, 2025
CVE-2025-11301
8.8 HIGH

A weakness has been identified in Belkin F9K1015 1.00.10. This affects an unknown function of the file /goform/formWlanSetupWPS. This manipulation of the argument webpage causes …

Oct 5, 2025
CVE-2025-11300
8.8 HIGH

A security flaw has been discovered in Belkin F9K1015 1.00.10. The impacted element is an unknown function of the file /goform/formWlanMP. The manipulation of the …

Oct 5, 2025
CVE-2025-11299
8.8 HIGH

A vulnerability was identified in Belkin F9K1015 1.00.10. The affected element is an unknown function of the file /goform/formWanTcpipSetup. The manipulation of the argument pppUserName …

Oct 5, 2025
CVE-2025-11297
8.8 HIGH

A vulnerability was found in Belkin F9K1015 1.00.10. This issue affects some unknown processing of the file /goform/formSetLanguage. Performing a manipulation of the argument webpage …

Oct 5, 2025
CVE-2025-11296
8.8 HIGH

A vulnerability has been found in Belkin F9K1015 1.00.10. This vulnerability affects unknown code of the file /goform/formPPTPSetup. Such manipulation of the argument pptpUserName leads …

Oct 5, 2025
CVE-2025-11295
8.8 HIGH

A flaw has been found in Belkin F9K1015 1.00.10. This affects an unknown part of the file /goform/formPPPoESetup. This manipulation of the argument pppUserName causes …

Oct 5, 2025
CVE-2025-11294
8.8 HIGH

A vulnerability was detected in Belkin F9K1015 1.00.10. Affected by this issue is some unknown functionality of the file /goform/formL2TPSetup. The manipulation of the argument …

Oct 5, 2025
CVE-2025-11293
8.8 HIGH

A security vulnerability has been detected in Belkin F9K1015 1.00.10. Affected by this vulnerability is an unknown functionality of the file /goform/formConnectionSetting. The manipulation of …

Oct 5, 2025
CVE-2025-8406
7.8 HIGH

ZenML version 0.83.1 is affected by a path traversal vulnerability in the `PathMaterializer` class. The `load` function uses `is_path_within_directory` to validate files during `data.tar.gz` extraction, …

Oct 5, 2025
CVE-2025-11287
7.3 HIGH

A vulnerability was identified in samanhappy MCPHub up to 0.9.10. This vulnerability affects the function handleSseConnectionfunction of the file src/services/sseService.ts. Such manipulation leads to improper …

Oct 5, 2025
CVE-2025-11284
7.3 HIGH

A vulnerability has been found in Zytec Dalian Zhuoyun Technology Central Authentication Service 3. Affected by this vulnerability is an unknown functionality of the file …

Oct 5, 2025
CVE-2023-53616
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount syzbot found an invalid-free in diUnmount: BUG: …

Oct 4, 2025
CVE-2023-53613
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: dax: Fix dax_mapping_release() use after free A CONFIG_DEBUG_KOBJECT_RELEASE test of removing a device-dax region provider …

Oct 4, 2025
CVE-2023-53608
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() The finalization of nilfs_segctor_thread() can race …

Oct 4, 2025
CVE-2023-53604
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path Otherwise the journal_io_cache will leak if dm_register_target() …

Oct 4, 2025
CVE-2023-53600
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an …

Oct 4, 2025
CVE-2023-53596
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devres_release_all() only …

Oct 4, 2025
CVE-2023-53587
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Sync IRQ works before buffer destruction If something was written to the buffer just …

Oct 4, 2025
CVE-2023-53578
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() Syzbot reported a bug as …

Oct 4, 2025
CVE-2023-53577
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread is running before map update returns The following warning was …

Oct 4, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.