CVE Database

37482+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-38323
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: net: atm: add lec_mutex syzbot found its way in net/atm/lec.c, and found an error path …

Jul 10, 2025
CVE-2025-38320
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth() KASAN reports a stack-out-of-bounds read in regs_get_kernel_stack_nth(). Call Trace: …

Jul 10, 2025
CVE-2025-38317
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix buffer overflow in debugfs If the user tries to write more than …

Jul 10, 2025
CVE-2025-38313
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix double-free on mc_dev The blamed commit tried to simplify how the deallocations …

Jul 10, 2025
CVE-2025-38298
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: EDAC/skx_common: Fix general protection fault After loading i10nm_edac (which automatically loads skx_edac_common), if unload only …

Jul 10, 2025
CVE-2025-38295
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: perf/amlogic: Replace smp_processor_id() with raw_smp_processor_id() in meson_ddr_pmu_create() The Amlogic DDR PMU driver meson_ddr_pmu_create() function incorrectly …

Jul 10, 2025
CVE-2025-38292
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and …

Jul 10, 2025
CVE-2025-38289
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk Smatch detected a potential use-after-free of an …

Jul 10, 2025
CVE-2025-38288
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels Correct kernel call trace when calling …

Jul 10, 2025
CVE-2025-38286
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91: Fix possible out-of-boundary access at91_gpio_probe() doesn't check that given OF alias is not …

Jul 10, 2025
CVE-2025-38280
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid __bpf_prog_ret0_warn when jit fails syzkaller reported an issue: WARNING: CPU: 3 PID: 217 …

Jul 10, 2025
CVE-2025-38279
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an …

Jul 10, 2025
CVE-2025-38270
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: net: drv: netdevsim: don't napi_complete() from netpoll netdevsim supports netpoll. Make sure we don't call …

Jul 10, 2025
CVE-2025-38267
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARN_ON() due to a commit_overrun When reading a memory mapped buffer …

Jul 10, 2025
CVE-2025-6970
7.5 HIGH

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions …

Jul 9, 2025
CVE-2025-6377
7.8 HIGH

A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write beyond the boundaries …

Jul 9, 2025
CVE-2025-6376
7.8 HIGH

A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write beyond the boundaries …

Jul 9, 2025
CVE-2025-53548
7.5 HIGH

Clerk helps developers build user management. Applications that use the verifyWebhook() helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. …

Jul 9, 2025
CVE-2025-53645
7.5 HIGH

Zimbra Collaboration (ZCS) before 9.0.0 Patch 46, 10.0.x before 10.0.15, and 10.1.x before 10.1.9 is vulnerable to a denial of service condition due to improper …

Jul 9, 2025
CVE-2025-53652
8.2 HIGH

Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, …

Jul 9, 2025
CVE-2025-53650
7.3 HIGH

Jenkins Credentials Binding Plugin 687.v619cb_15e923f and earlier does not properly mask (i.e., replace with asterisks) credentials present in exception error messages that are written to …

Jul 9, 2025
CVE-2025-44177
8.2 HIGH

A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary …

Jul 9, 2025
CVE-2025-52364
7.5 HIGH

Insecure Permissions vulnerability in Tenda CP3 Pro Firmware V22.5.4.93 allows the telnet service (telnetd) by default at boot via the initialization script /etc/init.d/eth.sh. This allows …

Jul 9, 2025
CVE-2025-38259
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9335: Fix missing free of regulator supplies Driver gets and enables all regulator …

Jul 9, 2025
CVE-2025-38257
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdup_user() Number of apqn target list entries contained …

Jul 9, 2025
CVE-2025-38250
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush() syzbot reported use-after-free in vhci_flush() without repro. [0] From …

Jul 9, 2025
CVE-2025-38249
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() In snd_usb_get_audioformat_uac3(), the length value returned from snd_usb_ctl_msg() …

Jul 9, 2025
CVE-2025-38248
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: bridge: mcast: Fix use-after-free during router port configuration The bridge maintains a global list of …

Jul 9, 2025
CVE-2025-38245
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). syzbot reported a warning below during atm_dev_register(). …

Jul 9, 2025
CVE-2025-38239
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: scsi: megaraid_sas: Fix invalid node index On a system with DRAM interleave enabled, out-of-bound access …

Jul 9, 2025
CVE-2025-3497
8.7 HIGH

The Linux distribution underlying the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) is obsolete and reached end of life (EOL) on June 30, …

Jul 9, 2025
CVE-2025-7220
7.3 HIGH

A vulnerability was found in Campcodes Payroll Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of …

Jul 9, 2025
CVE-2025-7219
7.3 HIGH

A vulnerability was found in Campcodes Payroll Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /ajax.php?action=delete_allowances. …

Jul 9, 2025
CVE-2025-7218
7.3 HIGH

A vulnerability was found in Campcodes Payroll Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /ajax.php?action=delete_position. The …

Jul 9, 2025
CVE-2025-6742
7.5 HIGH

The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and …

Jul 9, 2025
CVE-2025-6691
8.1 HIGH

The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation …

Jul 9, 2025
CVE-2025-7217
7.3 HIGH

A vulnerability has been found in Campcodes Payroll Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=save_position. The …

Jul 9, 2025
CVE-2025-7216
7.3 HIGH

A vulnerability, which was classified as critical, was found in lty628 Aidigu up to 1.8.2. This affects the function checkUserCookie of the file /application/common.php of …

Jul 9, 2025
CVE-2025-7211
7.3 HIGH

A vulnerability was found in code-projects LifeStyle Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cart_add.php. The …

Jul 9, 2025
CVE-2025-7199
7.3 HIGH

A vulnerability, which was classified as critical, has been found in code-projects Library System 1.0. This issue affects some unknown processing of the file /notapprove.php. …

Jul 8, 2025
CVE-2025-47133
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jul 8, 2025
CVE-2025-47132
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jul 8, 2025
CVE-2025-47131
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context …

Jul 8, 2025
CVE-2025-47130
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in …

Jul 8, 2025
CVE-2025-47129
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jul 8, 2025
CVE-2025-47128
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in …

Jul 8, 2025
CVE-2025-47127
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jul 8, 2025
CVE-2025-47126
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jul 8, 2025
CVE-2025-47125
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context …

Jul 8, 2025
CVE-2025-47124
7.8 HIGH

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jul 8, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.