CVE Database

37482+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-55165
8.2 HIGH

Autocaliweb is a web app that offers an interface for browsing, reading, and downloading eBooks using a valid Calibre database. Prior to version 0.8.3, the …

Aug 12, 2025
CVE-2025-54226
7.8 HIGH

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context …

Aug 12, 2025
CVE-2025-54225
7.8 HIGH

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context …

Aug 12, 2025
CVE-2025-54224
7.8 HIGH

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context …

Aug 12, 2025
CVE-2025-54223
7.8 HIGH

InCopy versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-54221
7.8 HIGH

InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the …

Aug 12, 2025
CVE-2025-54220
7.8 HIGH

InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-54219
7.8 HIGH

InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-54218
7.8 HIGH

InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the …

Aug 12, 2025
CVE-2025-54217
7.8 HIGH

InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-54216
7.8 HIGH

InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the …

Aug 12, 2025
CVE-2025-54215
7.8 HIGH

InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the …

Aug 12, 2025
CVE-2025-54213
7.8 HIGH

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-54212
7.8 HIGH

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context …

Aug 12, 2025
CVE-2025-54211
7.8 HIGH

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context …

Aug 12, 2025
CVE-2025-54210
7.8 HIGH

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-54209
7.8 HIGH

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context …

Aug 12, 2025
CVE-2025-54208
7.8 HIGH

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-54207
7.8 HIGH

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the …

Aug 12, 2025
CVE-2025-54206
7.8 HIGH

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-54187
7.8 HIGH

Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-49573
7.8 HIGH

Substance3D - Modeler versions 1.22.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-49572
7.8 HIGH

Substance3D - Modeler versions 1.22.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-49571
7.8 HIGH

Substance3D - Modeler versions 1.22.0 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the …

Aug 12, 2025
CVE-2025-49570
7.8 HIGH

Photoshop Desktop versions 25.12.3, 26.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-49561
7.8 HIGH

Animate versions 23.0.12, 24.0.9 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-49569
7.8 HIGH

Substance3D - Viewer versions 0.25 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Aug 12, 2025
CVE-2025-49560
7.8 HIGH

Substance3D - Viewer versions 0.25 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context …

Aug 12, 2025
CVE-2025-53744
7.2 HIGH

An incorrect privilege assignment vulnerability [CWE-266] in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all …

Aug 12, 2025
CVE-2025-52970
8.1 HIGH

A improper handling of parameters in Fortinet FortiWeb versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and 7.0.10 and below may …

Aug 12, 2025
CVE-2025-49813
7.2 HIGH

An improper neutralization of special elements used in an OS Command ("OS Command Injection") vulnerability [CWE-78] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows …

Aug 12, 2025
CVE-2024-26009
8.1 HIGH

An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS 6.4.0 through 6.4.15, FortiOS 6.2.0 through 6.2.16, FortiOS 6.0 all versions, …

Aug 12, 2025
CVE-2025-53793
7.5 HIGH

Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network.

Aug 12, 2025
CVE-2025-53789
7.8 HIGH

Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.

Aug 12, 2025
CVE-2025-53788
7.0 HIGH

Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

Aug 12, 2025
CVE-2025-53784
8.4 HIGH

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Aug 12, 2025
CVE-2025-53783
7.5 HIGH

Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network.

Aug 12, 2025
CVE-2025-53781
7.7 HIGH

Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.

Aug 12, 2025
CVE-2025-53779
7.2 HIGH

Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network.

Aug 12, 2025
CVE-2025-53778
8.8 HIGH

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.

Aug 12, 2025
CVE-2025-53773
7.8 HIGH

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.

Aug 12, 2025
CVE-2025-53772
8.8 HIGH

Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.

Aug 12, 2025
CVE-2025-53761
7.8 HIGH

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Aug 12, 2025
CVE-2025-53760
7.1 HIGH

Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.

Aug 12, 2025
CVE-2025-53759
7.8 HIGH

Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Aug 12, 2025
CVE-2025-53741
7.8 HIGH

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Aug 12, 2025
CVE-2025-53740
8.4 HIGH

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Aug 12, 2025
CVE-2025-53739
7.8 HIGH

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Aug 12, 2025
CVE-2025-53738
7.8 HIGH

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Aug 12, 2025
CVE-2025-53737
7.8 HIGH

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Aug 12, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.