CVE Database

4399+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-0011
3.3 LOW

Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in …

Sep 6, 2025
CVE-2024-36331
3.2 LOW

Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.

Sep 6, 2025
CVE-2023-31365
3.9 LOW

An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in …

Sep 6, 2025
CVE-2023-31330
2.5 LOW

An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss …

Sep 6, 2025
CVE-2023-31326
2.8 LOW

Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading …

Sep 6, 2025
CVE-2023-31306
3.3 LOW

Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management …

Sep 6, 2025
CVE-2023-20516
3.3 LOW

Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confidentiality …

Sep 6, 2025
CVE-2021-46750
3.0 LOW

Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics …

Sep 6, 2025
CVE-2025-10029
3.5 LOW

A security flaw has been discovered in itsourcecode POS Point of Sale System 1.0. This vulnerability affects unknown code of the file /inventory/main/vendors/datatables/unit_testing/templates/complex_header_2.php. Performing manipulation …

Sep 6, 2025
CVE-2025-10028
3.5 LOW

A vulnerability was identified in itsourcecode POS Point of Sale System 1.0. This affects an unknown part of the file /inventory/main/vendors/datatables/unit_testing/templates/6776.php. Such manipulation of the …

Sep 6, 2025
CVE-2025-57807
3.8 LOW

ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing …

Sep 5, 2025
CVE-2025-10027
3.5 LOW

A vulnerability was determined in itsourcecode POS Point of Sale System 1.0. Affected by this issue is some unknown functionality of the file /inventory/main/vendors/datatables/unit_testing/templates/2512.php. This …

Sep 5, 2025
CVE-2025-10026
3.5 LOW

A vulnerability was found in itsourcecode POS Point of Sale System 1.0. Affected by this vulnerability is an unknown functionality of the file /inventory/main/vendors/datatables/unit_testing/templates/-complex_header.php. The …

Sep 5, 2025
CVE-2025-10014
3.1 LOW

A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address …

Sep 5, 2025
CVE-2025-26461
3.3 LOW

In Permission Manager, there is a possible way for the microphone privacy indicator to remain activated even after the user attempts to close the app …

Sep 5, 2025
CVE-2025-58866
2.7 LOW

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Rami Yushuvaev Site Info site-info-dashboard-widget allows Retrieve Embedded Sensitive Data.This issue affects Site …

Sep 5, 2025
CVE-2025-58827
3.8 LOW

Improper Control of Generation of Code ('Code Injection') vulnerability in PickPlugins Job Board Manager job-board-manager allows Code Injection.This issue affects Job Board Manager: from n/a …

Sep 5, 2025
CVE-2025-58816
3.5 LOW

Missing Authorization vulnerability in Plugin Devs Product Carousel Slider for Elementor ecommerce-product-carousel-slider-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Carousel Slider …

Sep 5, 2025
CVE-2024-21977
3.2 LOW

Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss …

Sep 5, 2025
CVE-2025-26419
3.3 LOW

In initPhoneSwitch of SystemSettingsFragment.java, there is a possible FRP bypass due to a logic error in the code. This could lead to local escalation of …

Sep 4, 2025
CVE-2025-0076
3.3 LOW

In multiple locations, there is a possible way to view icons belonging to another user due to a missing permission check. This could lead to …

Sep 4, 2025
CVE-2025-26428
3.2 LOW

In startLockTaskMode of LockTaskController.java, there is a possible lock screen bypass due to a logic error in the code. This could lead to physical escalation …

Sep 4, 2025
CVE-2025-2667
2.7 LOW

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 could disclose …

Sep 4, 2025
CVE-2025-9940
3.5 LOW

A vulnerability was detected in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /feature.php. Performing manipulation of the argument …

Sep 4, 2025
CVE-2025-9939
3.5 LOW

A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /propertyview.php. Such …

Sep 4, 2025
CVE-2025-9929
2.4 LOW

A weakness has been identified in code-projects Responsive Blog Site 1.0. This affects an unknown function of the file blogs_view.php. Executing manipulation of the argument …

Sep 4, 2025
CVE-2025-9921
2.4 LOW

A weakness has been identified in code-projects POS Pharmacy System 1.0. Affected is an unknown function of the file /main/products.php. This manipulation of the argument …

Sep 3, 2025
CVE-2025-9821
2.7 LOW

SummaryUsers with webhook permissions can conduct SSRF via webhooks. If they have permission to view the webhook logs, the (partial) request response is also disclosed …

Sep 3, 2025
CVE-2025-58272
3.7 LOW

Cross-site request forgery vulnerability exists in Web Caster V130 versions 1.08 and earlier. If a logged-in user views a malicious page created by an attacker, …

Sep 3, 2025
CVE-2023-3666
3.3 LOW

The Sticky Side Buttons WordPress plugin before 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as …

Sep 3, 2025
CVE-2025-7039
3.7 LOW

A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform …

Sep 3, 2025
CVE-2025-9845
3.5 LOW

A vulnerability has been found in code-projects Fruit Shop Management System 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. Such …

Sep 3, 2025
CVE-2025-9834
3.5 LOW

A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /registration.php. Executing manipulation of …

Sep 2, 2025
CVE-2025-8298
3.8 LOW

Realtek RTL8811AU rtwlanu.sys N6CQueryInformationHandleCustomized11nOids Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of Realtek RTL8811AU drivers. …

Sep 2, 2025
CVE-2025-9828
3.7 LOW

A vulnerability was determined in Tenda CP6 11.10.00.243. The affected element is the function sub_2B7D04 of the component uhttp. Executing manipulation can lead to risky …

Sep 2, 2025
CVE-2025-9806
1.9 LOW

A vulnerability was determined in Tenda F1202 1.2.0.9/1.2.0.14/1.2.0.20. Impacted is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation with …

Sep 2, 2025
CVE-2025-9797
2.4 LOW

A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. …

Sep 1, 2025
CVE-2025-9796
3.5 LOW

A vulnerability was found in thinkgem JeeSite up to 5.12.1. This affects the function decodeUrl2 of the file common/src/main/java/com/jeesite/common/codec/EncodeUtils.java. The manipulation results in cross site …

Sep 1, 2025
CVE-2025-55007
3.5 LOW

Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, Knowage is vulnerable to server-side request forgery. The vulnerability allows attackers …

Sep 1, 2025
CVE-2025-9778
1.9 LOW

A security vulnerability has been detected in Tenda W12 up to 3.0.0.6(3948). Affected is an unknown function of the file /etc_ro/shadow of the component Administrative …

Sep 1, 2025
CVE-2025-9754
3.5 LOW

A flaw has been found in Campcodes Online Hospital Management System 1.0. The impacted element is an unknown function of the file /edit-profile.php of the …

Sep 1, 2025
CVE-2025-9753
2.4 LOW

A vulnerability was detected in Campcodes Online Hospital Management System 1.0. The affected element is an unknown function of the file /admin/patient-search.php of the component …

Sep 1, 2025
CVE-2025-9746
2.4 LOW

A vulnerability was detected in Campcodes Hospital Management System 1.0. This affects an unknown function of the file /admin/edit-doctor-specialization.php of the component Edit Doctor Specialization …

Aug 31, 2025
CVE-2025-9738
3.5 LOW

A flaw has been found in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_tipo_ensino_cad.php. Executing manipulation …

Aug 31, 2025
CVE-2025-9737
3.5 LOW

A vulnerability was detected in O2OA up to 10.0-410. Affected is an unknown function of the file /x_query_assemble_designer/jaxrs/importmodel of the component Personal Profile Page. Performing …

Aug 31, 2025
CVE-2025-9736
3.5 LOW

A security vulnerability has been detected in O2OA up to 10.0-410. This impacts an unknown function of the file /x_query_assemble_designer/jaxrs/statement of the component Personal Profile …

Aug 31, 2025
CVE-2025-9735
3.5 LOW

A weakness has been identified in O2OA up to 10.0-410. This affects an unknown function of the file /x_query_assemble_designer/jaxrs/table of the component Personal Profile Page. …

Aug 31, 2025
CVE-2025-9734
3.5 LOW

A security flaw has been discovered in O2OA up to 10.0-410. The impacted element is an unknown function of the file /x_query_assemble_designer/jaxrs/stat of the component …

Aug 31, 2025
CVE-2025-9731
2.5 LOW

A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This …

Aug 31, 2025
CVE-2025-9725
2.5 LOW

A vulnerability was identified in Cudy LT500E up to 2.3.12. Affected is an unknown function of the file /squashfs-root/etc/shadow of the component Web Interface. The …

Aug 31, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.