CVE Database

37482+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-7734
8.7 HIGH

An issue has been discovered in GitLab CE/EE affecting all versions from 14.2 before 18.0.6, 18.1 before 18.1.4 and 18.2 before 18.2.2 that, under certain …

Aug 13, 2025
CVE-2025-6186
8.7 HIGH

An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users …

Aug 13, 2025
CVE-2025-50617
7.5 HIGH

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046ed68 function of the cgitest.cgi file. Attackers can trigger this vulnerability by …

Aug 13, 2025
CVE-2025-50616
7.5 HIGH

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046f984 function of the cgitest.cgi file. Attackers can trigger this vulnerability by …

Aug 13, 2025
CVE-2025-50615
7.5 HIGH

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00470c50 function of the cgitest.cgi file. Attackers can trigger this vulnerability by …

Aug 13, 2025
CVE-2025-23306
7.8 HIGH

NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/ arguments.py component where an attacker could cause a code injection issue by providing a …

Aug 13, 2025
CVE-2025-23305
7.8 HIGH

NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A successful exploit of …

Aug 13, 2025
CVE-2025-23304
7.8 HIGH

NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files …

Aug 13, 2025
CVE-2025-23303
7.8 HIGH

NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful …

Aug 13, 2025
CVE-2025-23298
7.8 HIGH

NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability in a python dependency, where an attacker could cause a code injection issue. A successful exploit …

Aug 13, 2025
CVE-2025-23296
7.8 HIGH

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue. A successful exploit of …

Aug 13, 2025
CVE-2025-23295
7.8 HIGH

NVIDIA Apex for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue by providing a malicious …

Aug 13, 2025
CVE-2025-23294
7.8 HIGH

NVIDIA WebDataset for all platforms contains a vulnerability where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might …

Aug 13, 2025
CVE-2025-50614
7.5 HIGH

A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_0047151c function of the cgitest.cgi file. Attackers can trigger this vulnerability …

Aug 13, 2025
CVE-2025-50613
7.5 HIGH

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00475e1c function of the cgitest.cgi file. Attackers can trigger this vulnerability by …

Aug 13, 2025
CVE-2025-50612
7.5 HIGH

A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_004743f8 function of the cgitest.cgi file. Attackers can trigger this vulnerability …

Aug 13, 2025
CVE-2025-50611
7.5 HIGH

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00473154 function of the cgitest.cgi file. Attackers can trigger this vulnerability by …

Aug 13, 2025
CVE-2025-50610
7.5 HIGH

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00476598 function of the cgitest.cgi file. Attackers can trigger this vulnerability by …

Aug 13, 2025
CVE-2025-50609
7.5 HIGH

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the Function_00465620 of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling …

Aug 13, 2025
CVE-2025-50608
7.5 HIGH

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00471994 function of the cgitest.cgi file. Attackers can trigger this vulnerability by …

Aug 13, 2025
CVE-2025-8941
7.8 HIGH

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to …

Aug 13, 2025
CVE-2025-55163
7.5 HIGH

Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset DDoS. This is a logical vulnerability …

Aug 13, 2025
CVE-2025-54809
7.4 HIGH

F5 Access for Android before version 3.1.2 which uses HTTPS does not verify the remote endpoint identity. Note: Software versions which have reached End of …

Aug 13, 2025
CVE-2025-52585
7.5 HIGH

When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman (ADH) ciphers enabled, undisclosed …

Aug 13, 2025
CVE-2025-50635
7.5 HIGH

A null pointer dereference vulnerability was discovered in Netis WF2780 v2.2.35445. The vulnerability exists in the FUN_0048a728 function of the cgitest.cgi file. Attackers can trigger …

Aug 13, 2025
CVE-2025-48500
7.3 HIGH

A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the …

Aug 13, 2025
CVE-2025-46405
7.5 HIGH

When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions …

Aug 13, 2025
CVE-2025-55154
8.8 HIGH

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage …

Aug 13, 2025
CVE-2025-55004
7.6 HIGH

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around …

Aug 13, 2025
CVE-2025-32451
8.8 HIGH

A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious …

Aug 13, 2025
CVE-2025-8907
7.0 HIGH

A vulnerability was found in H3C M2 NAS V100R006. Affected by this vulnerability is an unknown functionality of the component Webserver Configuration. The manipulation leads …

Aug 13, 2025
CVE-2025-8671
7.5 HIGH

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource …

Aug 13, 2025
CVE-2025-48989
7.5 HIGH

Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This issue affects Apache Tomcat: from 11.0.0-M1 …

Aug 13, 2025
CVE-2025-8912
7.5 HIGH

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system …

Aug 13, 2025
CVE-2025-55345
8.8 HIGH

Using Codex CLI in workspace-write mode inside a malicious context (repo, directory, etc) could lead to arbitrary file overwrite and potentially remote code execution due …

Aug 13, 2025
CVE-2025-8761
7.5 HIGH

A vulnerability has been found in INSTAR 2K+ and 4K 3.11.1 Build 1124. This vulnerability affects unknown code of the component Backend IPC Server. The …

Aug 13, 2025
CVE-2025-6184
8.8 HIGH

The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter used in …

Aug 13, 2025
CVE-2025-8901
8.8 HIGH

Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out of bounds memory access via a …

Aug 13, 2025
CVE-2025-8882
8.8 HIGH

Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures …

Aug 13, 2025
CVE-2025-8880
8.8 HIGH

Race in V8 in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. …

Aug 13, 2025
CVE-2025-8879
8.8 HIGH

Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to potentially exploit heap corruption via a curated set of …

Aug 13, 2025
CVE-2025-4410
7.5 HIGH

A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local privileged access can exploit this vulnerability by executeing arbitrary code.

Aug 13, 2025
CVE-2025-4277
7.5 HIGH

Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.

Aug 13, 2025
CVE-2025-4276
7.5 HIGH

UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.

Aug 13, 2025
CVE-2025-54232
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context …

Aug 12, 2025
CVE-2025-54231
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context …

Aug 12, 2025
CVE-2025-54230
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context …

Aug 12, 2025
CVE-2025-54229
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context …

Aug 12, 2025
CVE-2025-54222
7.8 HIGH

Substance3D - Stager versions 3.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-55171
7.5 HIGH

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, the application does not …

Aug 12, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.