CVE Database

37482+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-6558
8.8 HIGH KEV

Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape …

Jul 15, 2025
CVE-2025-53959
7.6 HIGH

In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible

Jul 15, 2025
CVE-2025-53895
8.8 HIGH

ZITADEL is an open source identity management system. Starting in version 2.53.0 and prior to versions 4.0.0-rc.2, 3.3.2, 2.71.13, and 2.70.14, vulnerability in ZITADEL's session …

Jul 15, 2025
CVE-2025-26186
8.1 HIGH

SQL Injection vulnerability in openSIS v.9.1 allows a remote attacker to execute arbitrary code via the id parameter in Ajax.php

Jul 15, 2025
CVE-2025-50819
7.1 HIGH

Directory traversal vulnerability in beiyuouo arxiv-daily thru 2025-05-06 (commit fad168770b0e68aef3e5acfa16bb2e7a7765d687) when parsing the the topic.yml file in the generation logic in daily_arxiv.py.

Jul 15, 2025
CVE-2024-42650
7.5 HIGH

NanoMQ 0.17.5 was discovered to contain a segmentation fault via the component /nanomq/pub_handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via …

Jul 15, 2025
CVE-2025-7042
7.8 HIGH

Use After Free vulnerability exists in the IPT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker …

Jul 15, 2025
CVE-2025-6974
7.8 HIGH

Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an …

Jul 15, 2025
CVE-2025-6973
7.8 HIGH

Use After Free vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker …

Jul 15, 2025
CVE-2025-6972
7.8 HIGH

Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker …

Jul 15, 2025
CVE-2025-6971
7.8 HIGH

Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker …

Jul 15, 2025
CVE-2025-0831
7.8 HIGH

Out-Of-Bounds Read vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to …

Jul 15, 2025
CVE-2025-7667
8.1 HIGH

The Restrict File Access plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. This is due to …

Jul 15, 2025
CVE-2025-6265
7.2 HIGH

A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware version 7.10(ACGE.2) and earlier could allow an authenticated attacker with administrator …

Jul 15, 2025
CVE-2025-53823
8.8 HIGH

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection …

Jul 14, 2025
CVE-2025-53819
7.9 HIGH

Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of …

Jul 14, 2025
CVE-2025-53643
7.5 HIGH

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability …

Jul 14, 2025
CVE-2025-53101
7.4 HIGH

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, …

Jul 14, 2025
CVE-2025-53015
7.5 HIGH

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a …

Jul 14, 2025
CVE-2024-42646
7.5 HIGH

A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages.

Jul 14, 2025
CVE-2025-7612
7.3 HIGH

A vulnerability was found in code-projects Mobile Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /login.php. The …

Jul 14, 2025
CVE-2025-7611
7.3 HIGH

A vulnerability was found in code-projects Wedding Reservation 1.0. It has been classified as critical. This affects an unknown part of the file /global.php. The …

Jul 14, 2025
CVE-2025-7610
7.3 HIGH

A vulnerability was found in code-projects Electricity Billing System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file …

Jul 14, 2025
CVE-2025-7609
7.3 HIGH

A vulnerability has been found in code-projects Simple Shopping Cart 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the …

Jul 14, 2025
CVE-2025-7608
7.3 HIGH

A vulnerability, which was classified as critical, was found in code-projects Simple Shopping Cart 1.0. Affected is an unknown function of the file /userlogin.php. The …

Jul 14, 2025
CVE-2025-7607
7.3 HIGH

A vulnerability, which was classified as critical, has been found in code-projects Simple Shopping Cart 1.0. This issue affects some unknown processing of the file …

Jul 14, 2025
CVE-2025-7606
7.3 HIGH

A vulnerability classified as critical has been found in code-projects AVL Rooms 1.0. This affects an unknown part of the file /city.php. The manipulation of …

Jul 14, 2025
CVE-2025-7605
7.3 HIGH

A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the …

Jul 14, 2025
CVE-2025-7604
7.3 HIGH

A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of …

Jul 14, 2025
CVE-2025-7603
7.2 HIGH

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. Affected is an unknown function of the file /jingx.asp of the …

Jul 14, 2025
CVE-2025-27582
7.6 HIGH

The Secure Password extension in One Identity Password Manager before 5.14.4 allows local privilege escalation. The issue arises from a flawed security hardening mechanism within …

Jul 14, 2025
CVE-2025-7602
7.2 HIGH

A vulnerability was found in D-Link DI-8100 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /arp_sys.asp of the component …

Jul 14, 2025
CVE-2025-7598
8.8 HIGH

A vulnerability classified as critical was found in Tenda AX1803 1.0.0.1. Affected by this vulnerability is the function formSetWifiMacFilterCfg of the file /goform/setWifiFilterCfg. The manipulation …

Jul 14, 2025
CVE-2025-7597
8.8 HIGH

A vulnerability classified as critical has been found in Tenda AX1803 1.0.0.1. Affected is the function formSetMacFilterCfg of the file /goform/setMacFilterCfg. The manipulation of the …

Jul 14, 2025
CVE-2025-7596
8.8 HIGH

A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been rated as critical. This issue affects the function formWifiExtraSet of the file /goform/WifiExtraSet. The …

Jul 14, 2025
CVE-2025-7595
7.3 HIGH

A vulnerability was found in code-projects Job Diary 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view-cad.php. The …

Jul 14, 2025
CVE-2024-51770
7.5 HIGH

An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.

Jul 14, 2025
CVE-2024-51769
7.5 HIGH

An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.

Jul 14, 2025
CVE-2024-51768
8.0 HIGH

An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.

Jul 14, 2025
CVE-2024-51767
7.3 HIGH

An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.

Jul 14, 2025
CVE-2025-7594
7.3 HIGH

A vulnerability was found in code-projects Job Diary 1.0. It has been classified as critical. This affects an unknown part of the file /view-emp.php. The …

Jul 14, 2025
CVE-2025-7593
7.3 HIGH

A vulnerability was found in code-projects Job Diary 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view-all.php. …

Jul 14, 2025
CVE-2025-53689
8.8 HIGH

Blind XXE Vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit < 2.23.2 due to usage of an unsecured document build to load privileges. Users are …

Jul 14, 2025
CVE-2025-7587
7.3 HIGH

A vulnerability was found in code-projects Online Appointment Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality …

Jul 14, 2025
CVE-2025-7586
8.8 HIGH

A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been declared as critical. Affected by this vulnerability is the function formSetAPCfg of the file …

Jul 14, 2025
CVE-2025-7576
7.3 HIGH

A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16 and classified as critical. Affected by this issue is some unknown …

Jul 14, 2025
CVE-2025-7571
8.8 HIGH

A vulnerability classified as critical has been found in UTT HiPER 840G up to 3.1.1-190328. This affects an unknown part of the file /goform/aspApBasicConfigUrcp. The …

Jul 14, 2025
CVE-2025-7620
8.8 HIGH

The cross-browser document creation component produced by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while …

Jul 14, 2025
CVE-2025-7619
8.8 HIGH

BatchSignCS, a background Windows application developed by WellChoose, has an Arbitrary File Write vulnerability. If a user visits a malicious website while the application is …

Jul 14, 2025
CVE-2025-7570
8.8 HIGH

A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been rated as critical. Affected by this issue is some unknown functionality …

Jul 14, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.