CVE Database

4399+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-54314
2.8 LOW

Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed …

Jul 20, 2025
CVE-2025-7858
3.5 LOW

A vulnerability classified as problematic has been found in PHPGurukul Apartment Visitors Management System 1.0. This affects an unknown part of the file /admin-profile.php of …

Jul 20, 2025
CVE-2025-7857
3.5 LOW

A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality …

Jul 19, 2025
CVE-2025-7856
3.5 LOW

A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality …

Jul 19, 2025
CVE-2025-7840
3.5 LOW

A vulnerability was found in Campcodes Online Movie Theater Seat Reservation System 1.0. It has been classified as problematic. This affects an unknown part of …

Jul 19, 2025
CVE-2025-7819
2.4 LOW

A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been classified as problematic. This affects an unknown part of the file …

Jul 19, 2025
CVE-2025-7818
3.5 LOW

A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the …

Jul 19, 2025
CVE-2025-7817
3.5 LOW

A vulnerability has been found in PHPGurukul Apartment Visitors Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of …

Jul 19, 2025
CVE-2025-7816
3.5 LOW

A vulnerability, which was classified as problematic, was found in PHPGurukul Apartment Visitors Management System 1.0. Affected is an unknown function of the file /visitor-detail.php …

Jul 19, 2025
CVE-2025-7815
2.4 LOW

A vulnerability, which was classified as problematic, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the …

Jul 19, 2025
CVE-2025-7803
3.5 LOW

A vulnerability was found in descreekert wx-discuz up to 12bd4745c63ec203cb32119bf77ead4a923bf277. It has been classified as problematic. This affects the function validToken of the file /wx.php. …

Jul 18, 2025
CVE-2025-7802
3.5 LOW

A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file …

Jul 18, 2025
CVE-2025-7800
3.5 LOW

A vulnerability classified as problematic was found in cgpandey hotelmis up to c572198e6c4780fccc63b1d3e8f3f72f825fc94e. This vulnerability affects unknown code of the file admin.php of the component …

Jul 18, 2025
CVE-2025-53901
3.5 LOW

Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the WASIp1 set of import functions …

Jul 18, 2025
CVE-2025-7791
3.5 LOW

A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the …

Jul 18, 2025
CVE-2025-7789
3.7 LOW

A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected by this issue is the function makeToken of the file …

Jul 18, 2025
CVE-2025-7786
3.5 LOW

A vulnerability, which was classified as problematic, has been found in Gnuboard g6 up to 6.0.10. This issue affects some unknown processing of the file …

Jul 18, 2025
CVE-2025-6227
2.2 LOW

Mattermost versions 10.5.x <= 10.5.7, 9.11.x <= 9.11.16 fail to negotiate a new token when accepting the invite which allows a user that intercepts both …

Jul 18, 2025
CVE-2025-7767
3.5 LOW

A vulnerability, which was classified as problematic, has been found in PHPGurukul Art Gallery Management System 1.1. Affected by this issue is some unknown functionality …

Jul 18, 2025
CVE-2025-2818
3.5 LOW

A vulnerability was reported in version 1.0 of the Bluetooth Transmission Alliance protocol adopted by Motorola Smart Connect Android Application that could allow a nearby …

Jul 17, 2025
CVE-2024-42209
3.5 LOW

HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are not entitled to, which is …

Jul 17, 2025
CVE-2025-7748
3.5 LOW

A vulnerability classified as problematic was found in ZCMS 3.6.0. This vulnerability affects unknown code of the component Create Article Page. The manipulation of the …

Jul 17, 2025
CVE-2025-7339
3.4 LOW

on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `<1.1.0` may result in response headers being …

Jul 17, 2025
CVE-2025-7729
3.5 LOW

A vulnerability classified as problematic was found in Scada-LTS up to 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file usersProfiles.shtm. The …

Jul 17, 2025
CVE-2025-7728
3.5 LOW

A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. Affected is an unknown function of the file users.shtm. The manipulation of …

Jul 17, 2025
CVE-2025-53840
2.4 LOW

Icinga DB Web provides a graphical interface for Icinga monitoring. Starting in version 1.2.0 and prior to version 1.2.2, users with access to Icinga Dependency …

Jul 16, 2025
CVE-2025-7703
3.1 LOW

Authentication vulnerability in the mobile application(tech.palm.id)may lead to the risk of information leakage.

Jul 16, 2025
CVE-2025-52687
2.4 LOW

Successful exploitation of the vulnerability could allow an attacker with administrator credentials for the access point to inject malicious JavaScript into the payload of web …

Jul 16, 2025
CVE-2025-53029
2.3 LOW

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high …

Jul 15, 2025
CVE-2025-50104
2.7 LOW

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability …

Jul 15, 2025
CVE-2025-50100
2.2 LOW

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to …

Jul 15, 2025
CVE-2025-50098
2.7 LOW

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability …

Jul 15, 2025
CVE-2025-50081
3.1 LOW

Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit …

Jul 15, 2025
CVE-2025-50066
2.7 LOW

Vulnerability in the Oracle Database Materialized View component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and 23.4-23.8. Easily exploitable vulnerability …

Jul 15, 2025
CVE-2025-50065
3.7 LOW

Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Native Image). The supported version that is affected is Oracle GraalVM for …

Jul 15, 2025
CVE-2025-30752
3.7 LOW

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE (component: Compiler). The supported version that is affected is Oracle …

Jul 15, 2025
CVE-2025-30750
2.4 LOW

Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and 23.4-23.8. Easily exploitable vulnerability allows high …

Jul 15, 2025
CVE-2025-53019
3.7 LOW

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick stream` command, …

Jul 14, 2025
CVE-2025-53014
3.7 LOW

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in …

Jul 14, 2025
CVE-2025-7601
3.5 LOW

A vulnerability has been found in PHPGurukul Online Library Management System 3.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/student-history.php. …

Jul 14, 2025
CVE-2025-7577
3.7 LOW

A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been classified as problematic. This affects an unknown part. …

Jul 14, 2025
CVE-2025-7569
3.5 LOW

A vulnerability was found in Bigotry OneBase up to 1.3.6. It has been declared as problematic. Affected by this vulnerability is the function parse_args of …

Jul 14, 2025
CVE-2025-7554
2.4 LOW

A vulnerability classified as problematic was found in Sapido RB-1802 1.0.32. This vulnerability affects unknown code of the file urlfilter.asp of the component URL Filtering …

Jul 14, 2025
CVE-2025-1220
3.7 LOW

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does …

Jul 13, 2025
CVE-2025-7485
3.3 LOW

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_recv_handler/s1ap_recv_handler/recv_handler of the component SCTP Partial …

Jul 12, 2025
CVE-2025-7464
3.7 LOW

A vulnerability classified as problematic has been found in osrg GoBGP up to 3.37.0. Affected is the function SplitRTR of the file pkg/packet/rtr/rtr.go. The manipulation …

Jul 12, 2025
CVE-2025-7453
3.7 LOW

A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It has been rated as problematic. This issue affects the function NewToken of the file …

Jul 11, 2025
CVE-2025-51591
3.7 LOW

A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. …

Jul 11, 2025
CVE-2025-53862
3.5 LOW

A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data …

Jul 11, 2025
CVE-2025-53861
3.1 LOW

A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle (MitM) and Cross-site scripting (XSS) attacks allowing …

Jul 11, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.