CVE Database

37482+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-8374
7.3 HIGH

A vulnerability was found in code-projects Vehicle Management 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /addcompany.php. The …

Jul 31, 2025
CVE-2025-24853
7.5 HIGH

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's …

Jul 31, 2025
CVE-2025-8373
7.3 HIGH

A vulnerability was found in code-projects Vehicle Management 1.0. It has been classified as critical. This affects an unknown part of the file /print.php. The …

Jul 31, 2025
CVE-2025-8372
7.3 HIGH

A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file …

Jul 31, 2025
CVE-2025-46359
7.2 HIGH

A path traversal issue exists in backup and restore feature of multiple versions of PowerCMS. A product administrator may execute arbitrary code by restoring a …

Jul 31, 2025
CVE-2025-8371
7.3 HIGH

A vulnerability has been found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the …

Jul 31, 2025
CVE-2025-53558
8.8 HIGH

ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K.K. use a common credential for all installations. With the knowledge of the credential, an attacker may log …

Jul 31, 2025
CVE-2025-7847
8.8 HIGH

The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the rest_simpleFileUpload() function in versions 2.9.3 …

Jul 31, 2025
CVE-2025-8348
7.3 HIGH

A vulnerability has been found in Kehua Charging Pile Cloud Platform 1.0 and classified as critical. This vulnerability affects unknown code of the file /home. …

Jul 31, 2025
CVE-2025-8339
7.3 HIGH

A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file …

Jul 31, 2025
CVE-2025-8338
7.3 HIGH

A vulnerability was found in projectworlds Online Admission System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file …

Jul 31, 2025
CVE-2025-49083
7.2 HIGH

CVE-2025-49083 is a vulnerability in the management console of Absolute Secure Access after version 12.00 and prior to version 13.56. Attackers with administrative access to …

Jul 31, 2025
CVE-2025-8336
7.3 HIGH

A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_user. The manipulation …

Jul 30, 2025
CVE-2025-8334
7.3 HIGH

A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality …

Jul 30, 2025
CVE-2025-54586
7.1 HIGH

GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the …

Jul 30, 2025
CVE-2025-8333
7.3 HIGH

A vulnerability was found in code-projects Online Farm System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of …

Jul 30, 2025
CVE-2025-8332
7.3 HIGH

A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown function of the file /register.php. …

Jul 30, 2025
CVE-2025-8331
7.3 HIGH

A vulnerability was found in code-projects Online Farm System 1.0 and classified as critical. This issue affects some unknown processing of the file /forgot_pass.php. The …

Jul 30, 2025
CVE-2025-8330
7.3 HIGH

A vulnerability has been found in code-projects Vehicle Management 1.0 and classified as critical. This vulnerability affects unknown code of the file /edit1.php. The manipulation …

Jul 30, 2025
CVE-2025-54581
7.5 HIGH

vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::try_from …

Jul 30, 2025
CVE-2025-53022
8.6 HIGH

TrustedFirmware-M (aka Trusted Firmware for M profile Arm CPUs) before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a …

Jul 30, 2025
CVE-2025-52187
8.2 HIGH

GetProjectsIdea Create School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in my_profile_update_form1.php.

Jul 30, 2025
CVE-2024-48916
8.1 HIGH

Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send an JWT that has "none" …

Jul 30, 2025
CVE-2025-8329
7.3 HIGH

A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. This affects an unknown part of the file /filter3.php. The manipulation …

Jul 30, 2025
CVE-2025-50777
7.8 HIGH

The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02) contains an Incorrect Access Control vulnerability that allows local …

Jul 30, 2025
CVE-2025-8328
7.3 HIGH

A vulnerability, which was classified as critical, has been found in code-projects Exam Form Submission 1.0. Affected by this issue is some unknown functionality of …

Jul 30, 2025
CVE-2025-8327
7.3 HIGH

A vulnerability classified as critical was found in code-projects Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_s8.php. …

Jul 30, 2025
CVE-2025-30105
8.8 HIGH

Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this …

Jul 30, 2025
CVE-2025-26332
8.8 HIGH

TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local …

Jul 30, 2025
CVE-2025-45620
8.1 HIGH

An issue in Aver PTC310UV2 v.0.1.0000.59 allows a remote attacker to obtain sensitive information via a crafted request

Jul 30, 2025
CVE-2025-36611
7.3 HIGH

Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an Improper Link Resolution Before File Access ('Link Following') Vulnerability. A local malicious …

Jul 30, 2025
CVE-2024-45955
7.3 HIGH

Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL Injection via the filter parameter.

Jul 30, 2025
CVE-2025-8312
7.1 HIGH

Deadlock in PAM automatic check-in feature in Devolutions Server allows a password to remain valid beyond the end of its intended check-out period due to …

Jul 30, 2025
CVE-2025-53944
7.7 HIGH

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents. In v0.6.15 and below, the external API's get_graph_execution_results endpoint …

Jul 30, 2025
CVE-2025-8326
7.3 HIGH

A vulnerability classified as critical has been found in code-projects Exam Form Submission 1.0. Affected is an unknown function of the file /admin/delete_s7.php. The manipulation …

Jul 30, 2025
CVE-2025-8323
8.8 HIGH

The e-School from Ventem has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code …

Jul 30, 2025
CVE-2025-8322
8.8 HIGH

The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers with regular privilege to access administrator functions, including creating, modifying, and deleting accounts. …

Jul 30, 2025
CVE-2025-8292
8.8 HIGH

Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML …

Jul 30, 2025
CVE-2025-8320
8.8 HIGH

Tesla Wall Connector Content-Length Header Improper Input Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of …

Jul 30, 2025
CVE-2025-4425
8.2 HIGH

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the …

Jul 30, 2025
CVE-2025-4423
8.2 HIGH

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the …

Jul 30, 2025
CVE-2025-4422
8.2 HIGH

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the …

Jul 30, 2025
CVE-2025-4421
8.2 HIGH

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the …

Jul 30, 2025
CVE-2025-25011
7.0 HIGH

An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory …

Jul 30, 2025
CVE-2025-0712
7.0 HIGH

An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory …

Jul 30, 2025
CVE-2025-43277
7.8 HIGH

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.8, tvOS …

Jul 30, 2025
CVE-2025-43270
8.8 HIGH

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app …

Jul 30, 2025
CVE-2025-43256
7.8 HIGH

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to …

Jul 30, 2025
CVE-2025-43254
7.1 HIGH

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Processing a …

Jul 30, 2025
CVE-2025-43249
7.8 HIGH

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may …

Jul 30, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.