CVE Database

36759+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-57797
7.8 HIGH

Incorrect privilege assignment vulnerability exists in ScanSnap Manager installers versions prior to V6.5L61. If this vulnerability is exploited, an authenticated local attacker may escalate privileges …

Aug 27, 2025
CVE-2025-9510
7.3 HIGH

A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /branch/addbranch.php. The manipulation …

Aug 27, 2025
CVE-2025-9509
7.3 HIGH

A security flaw has been discovered in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/fair_info_all.php. Performing manipulation of …

Aug 27, 2025
CVE-2025-9508
7.3 HIGH

A vulnerability was detected in itsourcecode Apartment Management System 1.0. The impacted element is an unknown function of the file /report/rented_info.php. The manipulation of the …

Aug 27, 2025
CVE-2025-9507
7.3 HIGH

A weakness has been identified in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/visitor_info.php. Executing manipulation of the argument …

Aug 27, 2025
CVE-2025-9506
7.3 HIGH

A vulnerability has been found in Campcodes Online Loan Management System 1.0. This affects an unknown part of the file /ajax.php?action=delete_plan. Such manipulation of the …

Aug 27, 2025
CVE-2025-9505
7.3 HIGH

A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_loan_type. This …

Aug 27, 2025
CVE-2025-9504
7.3 HIGH

A vulnerability was detected in Campcodes Online Loan Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_plan. The manipulation …

Aug 27, 2025
CVE-2025-9503
7.3 HIGH

A security vulnerability has been detected in Campcodes Online Loan Management System 1.0. Affected is an unknown function of the file /ajax.php?action=save_borrower. The manipulation of …

Aug 27, 2025
CVE-2025-9502
7.3 HIGH

A weakness has been identified in Campcodes Online Loan Management System 1.0. This impacts an unknown function of the file /ajax.php?action=save_payment. Executing manipulation of the …

Aug 27, 2025
CVE-2025-35115
8.1 HIGH

Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of …

Aug 26, 2025
CVE-2025-35114
7.5 HIGH

Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of …

Aug 26, 2025
CVE-2025-22412
8.8 HIGH

In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. This could lead to remote …

Aug 26, 2025
CVE-2025-22411
8.8 HIGH

In process_service_attr_rsp of sdp_discovery.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) …

Aug 26, 2025
CVE-2025-22410
8.4 HIGH

In multiple locations, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of …

Aug 26, 2025
CVE-2025-22409
8.4 HIGH

In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation …

Aug 26, 2025
CVE-2025-22406
8.4 HIGH

In bnepu_check_send_packet of bnep_utils.cc, there is a possible way to achieve code execution due to a use after free. This could lead to local escalation …

Aug 26, 2025
CVE-2025-22405
8.4 HIGH

In multiple locations, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of …

Aug 26, 2025
CVE-2025-22404
8.4 HIGH

In avct_lcb_msg_ind of avct_lcb_act.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation …

Aug 26, 2025
CVE-2025-0093
7.5 HIGH

In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due to a missing permission check. This could lead to remote information disclosure with …

Aug 26, 2025
CVE-2025-0084
8.8 HIGH

In multiple locations, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over …

Aug 26, 2025
CVE-2025-0081
7.5 HIGH

In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service …

Aug 26, 2025
CVE-2025-0080
7.8 HIGH

In multiple locations, there is a possible way to overlay the installation confirmation dialog due to a tapjacking/overlay attack. This could lead to local escalation …

Aug 26, 2025
CVE-2025-0079
7.8 HIGH

In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted due to a logic error in the code. This …

Aug 26, 2025
CVE-2025-0078
8.8 HIGH

In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local …

Aug 26, 2025
CVE-2023-21125
8.0 HIGH

In btif_hh_hsdata_rpt_copy_cb of bta_hh.cc, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of …

Aug 26, 2025
CVE-2025-9492
7.3 HIGH

A vulnerability was determined in Campcodes Online Water Billing System 1.0. This affects an unknown function of the file /addclient1.php. Executing manipulation of the argument …

Aug 26, 2025
CVE-2025-50971
7.5 HIGH

Directory traversal vulnerability in AbanteCart version 1.4.2 allows unauthenticated attackers to gain access to sensitive system files via the template parameter to index.php.

Aug 26, 2025
CVE-2025-9478
8.8 HIGH

Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. …

Aug 26, 2025
CVE-2025-23315
7.8 HIGH

NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a …

Aug 26, 2025
CVE-2025-23314
7.8 HIGH

NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection …

Aug 26, 2025
CVE-2025-23313
7.8 HIGH

NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection …

Aug 26, 2025
CVE-2025-23312
7.8 HIGH

NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code …

Aug 26, 2025
CVE-2025-23307
7.8 HIGH

NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A successful exploit of …

Aug 26, 2025
CVE-2025-57803
7.5 HIGH

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit …

Aug 26, 2025
CVE-2025-55298
7.5 HIGH

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability …

Aug 26, 2025
CVE-2025-9491
7.8 HIGH

Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. …

Aug 26, 2025
CVE-2025-36729
7.2 HIGH

A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master …

Aug 26, 2025
CVE-2025-2697
7.4 HIGH

IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim …

Aug 26, 2025
CVE-2025-1994
7.8 HIGH

IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a local user to execute arbitrary code on the system due to the use of unsafe …

Aug 26, 2025
CVE-2025-57810
7.5 HIGH

jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the first argument of the addImage method results in CPU …

Aug 26, 2025
CVE-2025-6366
8.8 HIGH

The Event List plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.0.4. This is due to the plugin …

Aug 26, 2025
CVE-2025-52218
7.5 HIGH

SelectZero Data Observability Platform before 2025.5.2 is vulnerable to Content Spoofing / Text Injection. Improper sanitization of unspecified parameters allows attackers to inject arbitrary text …

Aug 26, 2025
CVE-2025-9483
8.8 HIGH

A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function singlePortForwardAdd of the file /goform/singlePortForwardAdd. This …

Aug 26, 2025
CVE-2025-9482
8.8 HIGH

A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function portRangeForwardAdd of the file /goform/portRangeForwardAdd. The manipulation …

Aug 26, 2025
CVE-2025-9481
8.8 HIGH

A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function setIpv6 of the file /goform/setIpv6. …

Aug 26, 2025
CVE-2025-50753
8.4 HIGH

Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell.The command "deviceinfo show file" is supposed to be used from restricted …

Aug 26, 2025
CVE-2025-29992
7.5 HIGH

Mahara before 24.04.9 exposes database connection information if the database becomes unreachable, e.g., due to the database server being temporarily down or too busy.

Aug 26, 2025
CVE-2024-47853
8.8 HIGH

An issue was discovered in Mahara 23.04.8 and 24.04.4. Attackers may utilize escalation of privileges in certain cases when logging into Mahara with Learning Tools …

Aug 26, 2025
CVE-2025-38676
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered …

Aug 26, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.