CVE Database

37482+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-51056
8.2 HIGH

An unrestricted file upload vulnerability in Vedo Suite version 2024.17 allows remote authenticated attackers to write to arbitrary filesystem paths by exploiting the insecure 'uploadPreviews()' …

Aug 6, 2025
CVE-2025-51055
8.6 HIGH

Insecure Data Storage of credentials has been found in /api_vedo/configuration/config.yml file in Vedo Suite version 2024.17. This file contains clear-text credentials, secret keys, and database …

Aug 6, 2025
CVE-2025-47908
7.5 HIGH

Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This …

Aug 6, 2025
CVE-2025-51624
7.6 HIGH

Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.

Aug 6, 2025
CVE-2025-46659
7.5 HIGH

An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can occur via an external HTTPS request.

Aug 6, 2025
CVE-2025-45766
7.0 HIGH

poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set …

Aug 6, 2025
CVE-2025-38747
7.8 HIGH

Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contain a Creation of Temporary File With Insecure Permissions vulnerability. A local authenticated attacker could potentially exploit …

Aug 6, 2025
CVE-2025-53786
8.0 HIGH

On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix. Microsoft made these changes in the general …

Aug 6, 2025
CVE-2025-51532
7.5 HIGH

Incorrect access control in Sage DPW 2024_12_004 and earlier allows unauthorized attackers to access the built-in Database Monitor via a crafted request. The vendor has …

Aug 6, 2025
CVE-2025-51040
7.5 HIGH

Electrolink FM/DAB/TV Transmitter Web Management System Unauthorized access vulnerability via the /FrameSetCore.html endpoint in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, …

Aug 6, 2025
CVE-2025-50286
8.1 HIGH

A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, …

Aug 6, 2025
CVE-2025-3354
8.1 HIGH

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could …

Aug 6, 2025
CVE-2025-3320
8.1 HIGH

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could …

Aug 6, 2025
CVE-2025-23331
7.5 HIGH

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a memory allocation with excessive size value, leading to …

Aug 6, 2025
CVE-2025-23327
7.5 HIGH

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through specially crafted inputs. A successful …

Aug 6, 2025
CVE-2025-23326
7.5 HIGH

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through a specially crafted input. A …

Aug 6, 2025
CVE-2025-23325
7.5 HIGH

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful …

Aug 6, 2025
CVE-2025-23324
7.5 HIGH

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation …

Aug 6, 2025
CVE-2025-23323
7.5 HIGH

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation …

Aug 6, 2025
CVE-2025-23322
7.5 HIGH

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where multiple requests could cause a double free when a stream is cancelled before …

Aug 6, 2025
CVE-2025-23321
7.5 HIGH

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a divide by zero issue by issuing an invalid …

Aug 6, 2025
CVE-2025-23320
7.5 HIGH

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause the shared memory limit to …

Aug 6, 2025
CVE-2025-23319
8.1 HIGH

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending …

Aug 6, 2025
CVE-2025-23318
8.1 HIGH

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write. A successful …

Aug 6, 2025
CVE-2025-46390
7.5 HIGH

CWE-204: Observable Response Discrepancy

Aug 6, 2025
CVE-2025-46387
8.8 HIGH

CWE-639 Authorization Bypass Through User-Controlled Key

Aug 6, 2025
CVE-2025-46386
8.8 HIGH

CWE-639 Authorization Bypass Through User-Controlled Key

Aug 6, 2025
CVE-2025-22469
7.3 HIGH

OS command injection vulnerability exists in CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1. An arbitrary OS command may …

Aug 6, 2025
CVE-2025-7954
8.1 HIGH

A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage …

Aug 6, 2025
CVE-2025-47324
7.5 HIGH

Information disclosure while accessing and modifying the PIB file of a remote device via powerline.

Aug 6, 2025
CVE-2025-27076
7.8 HIGH

Memory corruption while processing simultaneous requests via escape path.

Aug 6, 2025
CVE-2025-27075
7.8 HIGH

Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host.

Aug 6, 2025
CVE-2025-27073
7.5 HIGH

Transient DOS while creating NDP instance.

Aug 6, 2025
CVE-2025-27071
7.3 HIGH

Memory corruption while processing specific files in Powerline Communication Firmware.

Aug 6, 2025
CVE-2025-27069
7.8 HIGH

Memory corruption while processing DDI command calls.

Aug 6, 2025
CVE-2025-27068
7.8 HIGH

Memory corruption while processing an IOCTL command with an arbitrary address.

Aug 6, 2025
CVE-2025-27067
7.8 HIGH

Memory corruption while processing DDI call with invalid buffer.

Aug 6, 2025
CVE-2025-27066
7.5 HIGH

Transient DOS while processing an ANQP message.

Aug 6, 2025
CVE-2025-27065
7.5 HIGH

Transient DOS while processing a frame with malformed shared-key descriptor.

Aug 6, 2025
CVE-2025-27062
7.8 HIGH

Memory corruption while handling client exceptions, allowing unauthorized channel access.

Aug 6, 2025
CVE-2025-21477
7.5 HIGH

Transient DOS while processing CCCH data when NW sends data with invalid length.

Aug 6, 2025
CVE-2025-21474
7.8 HIGH

Memory corruption while processing commands from A2dp sink command queue.

Aug 6, 2025
CVE-2025-21473
7.8 HIGH

Memory corruption when using Virtual cdm (Camera Data Mover) to write registers.

Aug 6, 2025
CVE-2025-21461
7.8 HIGH

Memory corruption when programming registers through virtual CDM.

Aug 6, 2025
CVE-2025-21458
7.8 HIGH

Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously.

Aug 6, 2025
CVE-2025-21456
7.8 HIGH

Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.

Aug 6, 2025
CVE-2025-21455
7.8 HIGH

Memory corruption while submitting blob data to kernel space though IOCTL.

Aug 6, 2025
CVE-2025-21452
7.5 HIGH

Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network.

Aug 6, 2025
CVE-2025-8420
8.1 HIGH

Multiple plugins for WordPress by emarket-design with the 'emd-form-builder-lite' package are vulnerable to Remote Code Execution in various versions via the emd_form_builder_lite_pagenum function. This is …

Aug 6, 2025
CVE-2025-54634
8.0 HIGH

Vulnerability of improper processing of abnormal conditions in huge page separation. Impact: Successful exploitation of this vulnerability may affect availability.

Aug 6, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.