CVE Database

4399+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-8542
2.4 LOW

A vulnerability was found in Portabilis i-Educar 2.10. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/empresas_cad.php. The …

Aug 5, 2025
CVE-2025-8541
2.4 LOW

A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. This vulnerability affects unknown code of the file /intranet/public_uf_cad.php. The manipulation …

Aug 5, 2025
CVE-2025-8540
2.4 LOW

A vulnerability was found in Portabilis i-Educar 2.10. It has been classified as problematic. This affects an unknown part of the file /intranet/public_municipio_cad.php. The manipulation …

Aug 5, 2025
CVE-2025-8539
2.4 LOW

A vulnerability was found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this issue is some unknown functionality of the file /intranet/public_distrito_cad.php. The …

Aug 5, 2025
CVE-2025-8538
2.4 LOW

A vulnerability has been found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /usuarios/tipos/novo. …

Aug 5, 2025
CVE-2025-8537
3.7 LOW

A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of …

Aug 5, 2025
CVE-2025-8535
3.5 LOW

A vulnerability, which was classified as problematic, has been found in cronoh NanoVault up to 1.2.1. This issue affects the function executeJavaScript of the file …

Aug 5, 2025
CVE-2025-8534
2.5 LOW

A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The …

Aug 5, 2025
CVE-2025-46094
3.8 LOW

LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local executable file as an Actionscript.

Aug 4, 2025
CVE-2025-8528
3.7 LOW

A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is an unknown function of the file /xboot/permission/getMenuList. The manipulation …

Aug 4, 2025
CVE-2025-8521
2.4 LOW

A vulnerability, which was classified as problematic, has been found in givanz Vvveb up to 1.0.5. This issue affects some unknown processing of the file …

Aug 4, 2025
CVE-2025-8519
2.7 LOW

A vulnerability classified as problematic has been found in givanz Vvveb up to 1.0.5. This affects an unknown part of the file /vadmin123/index.php?module=editor/editor of the …

Aug 4, 2025
CVE-2025-50422
2.9 LOW

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.

Aug 4, 2025
CVE-2025-8515
3.1 LOW

A weakness has been identified in Intelbras InControl 2.21.60.9. This vulnerability affects unknown code of the file /v1/operador/ of the component JSON Endpoint. Executing manipulation …

Aug 4, 2025
CVE-2025-54956
3.2 LOW

The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request.

Aug 3, 2025
CVE-2025-8511
3.5 LOW

A vulnerability classified as problematic was found in Portabilis i-Diario 1.5.0. This vulnerability affects unknown code of the file /diario-de-observacoes/ of the component Observações. The …

Aug 3, 2025
CVE-2025-8510
3.5 LOW

A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. This affects the function Gerar of the file ieducar/intranet/educar_matricula_lst.php. The manipulation of the …

Aug 3, 2025
CVE-2025-8509
3.5 LOW

A vulnerability was found in Portabilis i-Educar 2.9. It has been rated as problematic. Affected by this issue is some unknown functionality of the file …

Aug 3, 2025
CVE-2025-8508
3.5 LOW

A vulnerability was found in Portabilis i-Educar 2.9. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file …

Aug 3, 2025
CVE-2025-8507
3.5 LOW

A vulnerability was found in Portabilis i-Educar 2.9. It has been classified as problematic. Affected is an unknown function of the file /intranet/educar_funcao_lst.php. The manipulation …

Aug 3, 2025
CVE-2025-8506
3.5 LOW

A vulnerability was found in 495300897 wx-shop up to de1b66331368695779cfc6e4d11a64caddf8716e and classified as problematic. This issue affects some unknown processing of the file /user/editUI. The …

Aug 3, 2025
CVE-2025-8501
3.5 LOW

A vulnerability classified as problematic has been found in code-projects Human Resource Integrated System 1.0. Affected is an unknown function of the file /insert-and-view/action.php. The …

Aug 3, 2025
CVE-2025-54350
3.7 LOW

In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.

Aug 3, 2025
CVE-2025-23290
2.5 LOW

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a guest could get global GPU metrics which may be influenced by work …

Aug 2, 2025
CVE-2025-23288
3.3 LOW

NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may cause an exposure of sensitive system information with local unprivileged system access. …

Aug 2, 2025
CVE-2025-23287
3.3 LOW

NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may access sensitive system-level information. A successful exploit of this vulnerability may lead …

Aug 2, 2025
CVE-2025-54781
2.8 LOW

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version 1.0.0, the himmelblaud_tasks service leaks …

Aug 2, 2025
CVE-2024-13978
2.5 LOW

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the …

Aug 1, 2025
CVE-2025-6011
3.7 LOW

A timing side channel in Vault and Vault Enterprise’s (“Vault”) userpass auth method allowed an attacker to distinguish between existing and non-existing users, and potentially …

Aug 1, 2025
CVE-2023-44976
3.2 LOW

Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with control code 0x22E010, as …

Aug 1, 2025
CVE-2023-32251
3.7 LOW

A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a …

Jul 31, 2025
CVE-2025-37109
3.5 LOW

Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product

Jul 31, 2025
CVE-2025-37108
3.5 LOW

Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product

Jul 31, 2025
CVE-2025-51385
3.5 LOW

D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the yyxz_dlink_asp function via the id parameter.

Jul 31, 2025
CVE-2025-51384
3.5 LOW

D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter.

Jul 31, 2025
CVE-2025-51383
3.5 LOW

D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter.

Jul 31, 2025
CVE-2025-8380
3.5 LOW

A vulnerability classified as problematic was found in Campcodes Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /admin/add_query_account.php. The manipulation …

Jul 31, 2025
CVE-2025-8365
3.5 LOW

A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file …

Jul 31, 2025
CVE-2025-54085
3.8 LOW

CVE-2025-54085 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who …

Jul 31, 2025
CVE-2025-49082
2.7 LOW

CVE-2025-49082 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who …

Jul 31, 2025
CVE-2025-8337
2.4 LOW

A vulnerability, which was classified as problematic, has been found in code-projects Simple Car Rental System 1.0. This issue affects some unknown processing of the …

Jul 30, 2025
CVE-2025-36609
2.5 LOW

Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit …

Jul 30, 2025
CVE-2025-53113
2.7 LOW

GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses …

Jul 30, 2025
CVE-2025-54410
3.3 LOW

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. …

Jul 30, 2025
CVE-2025-52567
3.5 LOW

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 0.84 through …

Jul 30, 2025
CVE-2025-8283
3.7 LOW

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may …

Jul 28, 2025
CVE-2025-54529
3.7 LOW

In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration

Jul 28, 2025
CVE-2025-8260
3.1 LOW

A security flaw has been discovered in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. This affects an unknown part of the file /grid/vgrid_server.php of the component Web …

Jul 28, 2025
CVE-2023-53161
2.9 LOW

The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic.

Jul 28, 2025
CVE-2023-53160
2.9 LOW

The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic.

Jul 28, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.