CVE Database

36759+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2022-50248
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double free on tx path. We see kernel crashes and lockups …

Sep 15, 2025
CVE-2022-50245
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifo_alloc() fails If kfifo_alloc() fails in mport_cdev_open(), goto err_fifo and …

Sep 15, 2025
CVE-2022-50243
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctp_auth_asoc_init_active_key When it returns an error from sctp_auth_asoc_init_active_key(), the …

Sep 15, 2025
CVE-2022-50241
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix use-after-free on source server when doing inter-server copy Use-after-free occurred when the laundromat …

Sep 15, 2025
CVE-2022-50240
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: android: binder: stop saving a pointer to the VMA Do not record a pointer to …

Sep 15, 2025
CVE-2022-50239
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because …

Sep 15, 2025
CVE-2022-50235
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on the …

Sep 15, 2025
CVE-2022-50234
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: defer registered files gc to io_uring release Instead of putting io_uring's registered files in …

Sep 15, 2025
CVE-2025-3025
7.3 HIGH

Elevation of Privileges in the cleaning feature of Gen Digital CCleaner version 6.33.11465 on Windows allows a local user to gain SYSTEM privileges via exploiting …

Sep 15, 2025
CVE-2025-39804
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was …

Sep 15, 2025
CVE-2025-39803
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove WARN_ON_ONCE() call from ufshcd_uic_cmd_compl() The UIC completion interrupt may be disabled …

Sep 15, 2025
CVE-2025-39802
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was …

Sep 15, 2025
CVE-2025-10446
7.3 HIGH

A security vulnerability has been detected in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/cust_searchfrm.php?action=edit. …

Sep 15, 2025
CVE-2025-10445
7.3 HIGH

A weakness has been identified in Campcodes Computer Sales and Inventory System 1.0. Impacted is an unknown function of the file /pages/us_transac.php?action=add. Executing manipulation of …

Sep 15, 2025
CVE-2025-59358
7.5 HIGH

The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill …

Sep 15, 2025
CVE-2025-10444
7.3 HIGH

A security flaw has been discovered in Campcodes Online Job Finder System 1.0. This issue affects some unknown processing of the file /advancesearch.php. Performing manipulation …

Sep 15, 2025
CVE-2025-10443
8.8 HIGH

A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument …

Sep 15, 2025
CVE-2025-9072
7.6 HIGH

Mattermost versions 10.10.x <= 10.10.1, 10.5.x <= 10.5.9, 10.9.x <= 10.9.4 fail to validate the redirect_to parameter, allowing an attacker to craft a malicious link …

Sep 15, 2025
CVE-2025-10436
7.3 HIGH

A weakness has been identified in Campcodes Computer Sales and Inventory System 1.0. The impacted element is an unknown function of the file /pages/sup_searchfrm.php?action=edit. This …

Sep 15, 2025
CVE-2025-10435
7.3 HIGH

A security flaw has been discovered in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/cust_edit1.php. …

Sep 15, 2025
CVE-2025-10426
7.3 HIGH

A security flaw has been discovered in itsourcecode Online Laundry Management System 1.0. This affects an unknown function of the file /login.php. Performing manipulation of …

Sep 15, 2025
CVE-2025-10425
7.3 HIGH

A vulnerability was identified in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The impacted element is an unknown function of the file …

Sep 15, 2025
CVE-2025-10424
7.3 HIGH

A vulnerability was determined in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The affected element is an unknown function of the file …

Sep 15, 2025
CVE-2025-59375
7.5 HIGH

libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.

Sep 15, 2025
CVE-2025-10417
7.3 HIGH

A security flaw has been discovered in Campcodes Grocery Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=delete_product. The manipulation …

Sep 15, 2025
CVE-2025-10416
7.3 HIGH

A vulnerability was identified in Campcodes Grocery Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_supplier. The manipulation of the …

Sep 15, 2025
CVE-2025-10415
7.3 HIGH

A vulnerability was determined in Campcodes Grocery Sales and Inventory System 1.0. This affects an unknown function of the file /ajax.php?action=save_supplier. Executing manipulation of the …

Sep 14, 2025
CVE-2025-10414
7.3 HIGH

A vulnerability was found in Campcodes Grocery Sales and Inventory System 1.0. The impacted element is an unknown function of the file /ajax.php?action=save_customer. Performing manipulation …

Sep 14, 2025
CVE-2025-10413
7.3 HIGH

A vulnerability has been found in Campcodes Grocery Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=delete_customer. Such …

Sep 14, 2025
CVE-2025-10405
7.3 HIGH

A vulnerability was determined in itsourcecode Baptism Information Management System 1.0. Affected is an unknown function of the file /listbaptism.php. This manipulation of the argument …

Sep 14, 2025
CVE-2025-10404
7.3 HIGH

A vulnerability was found in itsourcecode Baptism Information Management System 1.0. This impacts an unknown function of the file /rptbaptismal.php. The manipulation of the argument …

Sep 14, 2025
CVE-2025-10403
7.3 HIGH

A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file /admin/view-enquiry.php. The manipulation of the …

Sep 14, 2025
CVE-2025-10402
7.3 HIGH

A flaw has been found in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/readenq.php. Executing manipulation …

Sep 14, 2025
CVE-2025-10396
7.3 HIGH

A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/edit_role.php. Executing manipulation …

Sep 14, 2025
CVE-2025-59363
7.7 HIGH

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be …

Sep 14, 2025
CVE-2025-10385
8.8 HIGH

A vulnerability has been found in Mercury KM08-708H GiGA WiFi Wave2 1.1. Affected by this issue is the function sub_450B2C of the file /goform/mcr_setSysAdm. The …

Sep 14, 2025
CVE-2025-10374
7.3 HIGH

A security flaw has been discovered in Shenzhen Sixun Business Management System 7/11. This affects an unknown part of the file /Adm/OperatorStop. Performing manipulation results …

Sep 13, 2025
CVE-2025-10371
7.3 HIGH

A security flaw has been discovered in eCharge Hardy Barth Salia PLCC up to 2.3.81. This issue affects some unknown processing of the file /api.php. …

Sep 13, 2025
CVE-2025-10359
7.3 HIGH

A vulnerability was detected in Wavlink WL-WN578W2 221110. This impacts the function sub_404DBC of the file /cgi-bin/wireless.cgi. The manipulation of the argument macAddr results in …

Sep 13, 2025
CVE-2025-10358
7.3 HIGH

A security vulnerability has been detected in Wavlink WL-WN578W2 221110. This affects the function sub_404850 of the file /cgi-bin/wireless.cgi. The manipulation of the argument delete_list …

Sep 13, 2025
CVE-2025-10176
7.2 HIGH

The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the prepare_items …

Sep 12, 2025
CVE-2025-45587
7.0 HIGH

A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service (DoS) via …

Sep 12, 2025
CVE-2025-45586
7.5 HIGH

An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request.

Sep 12, 2025
CVE-2025-45584
7.5 HIGH

Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication.

Sep 12, 2025
CVE-2025-43796
7.5 HIGH

Liferay Portal 7.4.0 through 7.4.3.101, and Liferay DXP 2023.Q3.0 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA though update 35 does not limit …

Sep 12, 2025
CVE-2025-10324
7.3 HIGH

A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects the function sub_401C5C of the file firewall.cgi. This manipulation of the argument pingFrmWANFilterEnabled/blockSynFloodEnabled/blockPortScanEnabled/remoteManagementEnabled causes command …

Sep 12, 2025
CVE-2025-10323
7.3 HIGH

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is the function sub_409184 of the file /wizard_rep.shtml. The manipulation of the argument sel_EncrypTyp …

Sep 12, 2025
CVE-2024-45432
7.5 HIGH

OpenSynergy BlueSDK (aka Blue SDK) through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an …

Sep 12, 2025
CVE-2025-57579
8.0 HIGH

An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to execute arbitrary code via the default password

Sep 12, 2025
CVE-2025-57578
8.0 HIGH

An issue in H3C Magic M Device M2V100R006 allows a remote attacker to execute arbitrary code via the default password

Sep 12, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.