CVE Database

4399+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-9005
3.7 LOW

A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure …

Aug 15, 2025
CVE-2025-9004
3.7 LOW

A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper …

Aug 15, 2025
CVE-2025-9003
3.5 LOW

A vulnerability has been found in D-Link DIR-818LW 1.04. This vulnerability affects unknown code of the file /bsc_lan.php of the component DHCP Reserved Address Handler. …

Aug 15, 2025
CVE-2025-8976
3.5 LOW

A vulnerability has been found in givanz Vvveb up to 1.0.5. This vulnerability affects unknown code of the file /vadmin123/index.php?module=content/post&type=post of the component Endpoint. The …

Aug 14, 2025
CVE-2025-8975
3.5 LOW

A vulnerability was identified in givanz Vvveb up to 1.0.5. This affects an unknown part of the file admin/template/content/edit.tpl. The manipulation of the argument slug …

Aug 14, 2025
CVE-2025-8974
3.7 LOW

A vulnerability was determined in linlinjava litemall up to 1.8.0. Affected by this issue is some unknown functionality of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.java of the component …

Aug 14, 2025
CVE-2025-36613
2.8 LOW

SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low …

Aug 14, 2025
CVE-2025-36581
3.8 LOW

Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker …

Aug 14, 2025
CVE-2025-8961
3.3 LOW

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead …

Aug 14, 2025
CVE-2025-8713
3.1 LOW

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read …

Aug 14, 2025
CVE-2025-8927
3.7 LOW

A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality of the file /email/send_code of the component …

Aug 13, 2025
CVE-2025-8920
2.4 LOW

A vulnerability was identified in Portabilis i-Diario 1.6. Affected by this vulnerability is an unknown functionality of the file /dicionario-de-termos-bncc of the component Dicionário de …

Aug 13, 2025
CVE-2025-8919
2.4 LOW

A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The …

Aug 13, 2025
CVE-2025-2498
3.1 LOW

An improper access control in Gitlab EE affecting all versions from 12.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that …

Aug 13, 2025
CVE-2025-8918
2.4 LOW

A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /intranet/educar_instituicao_cad.php of the component Editar Page. …

Aug 13, 2025
CVE-2025-53859
3.7 LOW

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; …

Aug 13, 2025
CVE-2025-32004
3.9 LOW

Improper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an authenticated user to potentially enable escalation of privilege via …

Aug 12, 2025
CVE-2025-27707
2.6 LOW

Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated …

Aug 12, 2025
CVE-2025-27576
2.9 LOW

Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable denial …

Aug 12, 2025
CVE-2025-27250
3.5 LOW

Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial …

Aug 12, 2025
CVE-2025-26863
3.8 LOW

Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable …

Aug 12, 2025
CVE-2025-26697
3.3 LOW

Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable …

Aug 12, 2025
CVE-2025-24523
3.5 LOW

Protection mechanism failure for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial …

Aug 12, 2025
CVE-2025-24520
3.3 LOW

Insertion of sensitive information into log file for some Intel(R) Local Manageability Service software before version 2514.7.16.0 may allow an authenticated user to potentially enable …

Aug 12, 2025
CVE-2025-24511
3.3 LOW

Improper initialization in the Linux kernel-mode driver for some Intel(R) I350 Series Ethernet before version 5.19.2 may allow an authenticated user to potentially enable Information …

Aug 12, 2025
CVE-2025-24324
2.8 LOW

Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially …

Aug 12, 2025
CVE-2025-22853
2.3 LOW

Improper synchronization in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

Aug 12, 2025
CVE-2025-21096
1.9 LOW

Improper buffer restrictions in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

Aug 12, 2025
CVE-2025-20613
3.3 LOW

Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel(R) TDX may allow an authenticated user to potentially enable information disclosure via …

Aug 12, 2025
CVE-2025-40570
2.4 LOW

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V10.0), SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC …

Aug 12, 2025
CVE-2024-41985
2.6 LOW

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < …

Aug 12, 2025
CVE-2024-41984
2.6 LOW

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < …

Aug 12, 2025
CVE-2024-41983
3.5 LOW

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < …

Aug 12, 2025
CVE-2024-41980
3.1 LOW

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < …

Aug 12, 2025
CVE-2025-42955
3.5 LOW

Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network with low privileges could send a crafted request to …

Aug 12, 2025
CVE-2025-42941
3.5 LOW

SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate external navigation protections for its link (<a>) elements. An attacker with administrative user …

Aug 12, 2025
CVE-2025-53857
3.7 LOW

Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without …

Aug 11, 2025
CVE-2025-49221
3.7 LOW

Mattermost Confluence Plugin version <1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to access subscription details without …

Aug 11, 2025
CVE-2025-8847
3.5 LOW

A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is the function Edit of the file /system/notice/edit. The manipulation of …

Aug 11, 2025
CVE-2025-8844
3.3 LOW

A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer …

Aug 11, 2025
CVE-2025-8836
3.3 LOW

A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 …

Aug 11, 2025
CVE-2025-8835
3.3 LOW

A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jas_image_chclrspc of the file src/libjasper/base/jas_image.c of the component Image …

Aug 11, 2025
CVE-2025-8834
2.4 LOW

A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings …

Aug 11, 2025
CVE-2025-27562
3.3 LOW

in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.

Aug 11, 2025
CVE-2025-27536
3.3 LOW

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion.

Aug 11, 2025
CVE-2025-26690
3.3 LOW

in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.

Aug 11, 2025
CVE-2025-25212
3.3 LOW

in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input.

Aug 11, 2025
CVE-2025-24925
3.3 LOW

in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.

Aug 11, 2025
CVE-2025-24844
3.3 LOW

in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.

Aug 11, 2025
CVE-2025-8813
3.5 LOW

A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as problematic. This vulnerability affects the function changeLanguage of the file src/main/java/co/yiiu/pybbs/controller/front/IndexController.java. …

Aug 10, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.