CVE Database

4399+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-6650
3.3 LOW

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. …

Jun 25, 2025
CVE-2025-6649
3.3 LOW

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. …

Jun 25, 2025
CVE-2025-6648
3.3 LOW

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. …

Jun 25, 2025
CVE-2025-6646
3.3 LOW

PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User …

Jun 25, 2025
CVE-2025-6643
3.3 LOW

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. …

Jun 25, 2025
CVE-2025-6641
3.3 LOW

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. …

Jun 25, 2025
CVE-2025-49549
2.7 LOW

Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. …

Jun 25, 2025
CVE-2025-52889
3.4 LOW

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 …

Jun 25, 2025
CVE-2025-4656
3.1 LOW

Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. …

Jun 25, 2025
CVE-2025-6613
3.5 LOW

A vulnerability classified as problematic was found in PHPGurukul Hospital Management System 4.0. Affected by this vulnerability is an unknown functionality of the file /doctor/manage-patient.php. …

Jun 25, 2025
CVE-2025-48463
3.1 LOW

Successful exploitation of the vulnerability could allow an attacker to intercept data and conduct session hijacking on the exposed data as the vulnerable product uses …

Jun 24, 2025
CVE-2025-6551
3.5 LOW

A vulnerability was found in java-aodeng Hope-Boot 1.0.0 and classified as problematic. This issue affects the function Login of the file /src/main/java/com/hope/controller/WebController.java. The manipulation of …

Jun 24, 2025
CVE-2025-6536
3.3 LOW

A vulnerability has been found in Tarantool up to 3.3.1 and classified as problematic. Affected by this vulnerability is the function tm_to_datetime in the library …

Jun 24, 2025
CVE-2025-6527
3.1 LOW

A vulnerability, which was classified as problematic, was found in 70mai M300 up to 20250611. Affected is an unknown function of the component Web Server. …

Jun 23, 2025
CVE-2025-6526
3.1 LOW

A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component …

Jun 23, 2025
CVE-2025-6524
3.1 LOW

A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects an unknown part of the component Video Services. The …

Jun 23, 2025
CVE-2025-6509
3.5 LOW

A vulnerability was found in seaswalker spring-analysis up to 4379cce848af96997a9d7ef91d594aa129be8d71. It has been declared as problematic. Affected by this vulnerability is the function echo of …

Jun 23, 2025
CVE-2025-4563
2.7 LOW

A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the …

Jun 23, 2025
CVE-2025-52968
2.7 LOW

xdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. (For example, xdg-open could be modified to, by default, associate …

Jun 23, 2025
CVE-2025-6499
3.3 LOW

A vulnerability classified as problematic was found in vstakhov libucl up to 0.9.2. Affected by this vulnerability is the function ucl_parse_multiline_string of the file src/ucl_parser.c. …

Jun 23, 2025
CVE-2025-6498
3.3 LOW

A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to …

Jun 23, 2025
CVE-2025-6497
3.3 LOW

A vulnerability was found in HTACG tidy-html5 5.8.0. It has been rated as problematic. This issue affects the function prvTidyParseNamespace of the file src/parser.c. The …

Jun 23, 2025
CVE-2025-52926
2.7 LOW

In scan.rs in spytrap-adb before 0.3.5, matches for known stalkerware are not rendered in the interactive user interface.

Jun 23, 2025
CVE-2025-6496
3.3 LOW

A vulnerability was found in HTACG tidy-html5 5.8.0. It has been declared as problematic. This vulnerability affects the function InsertNodeAsParent of the file src/parser.c. The …

Jun 23, 2025
CVE-2025-6494
3.3 LOW

A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833. It has been classified as problematic. This affects the function hashmap_get_with_hash of the file gumbo-parser/src/hashmap.c. The manipulation …

Jun 22, 2025
CVE-2025-6490
3.3 LOW

A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833 and classified as problematic. This issue affects the function hashmap_set_with_hash of the file gumbo-parser/src/hashmap.c. The manipulation leads …

Jun 22, 2025
CVE-2025-6477
2.4 LOW

A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality …

Jun 22, 2025
CVE-2025-6475
2.4 LOW

A vulnerability was found in SourceCodester Student Result Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /script/admin/manage_students …

Jun 22, 2025
CVE-2025-6452
2.4 LOW

A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the …

Jun 22, 2025
CVE-2025-52916
2.2 LOW

Yealink RPS before 2025-06-04 lacks SN verification attempt limits, enabling brute-force enumeration (last five digits).

Jun 21, 2025
CVE-2025-6401
3.5 LOW

A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the …

Jun 21, 2025
CVE-2025-6375
3.3 LOW

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the …

Jun 21, 2025
CVE-2025-6217
2.5 LOW

PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of PEAK-System Driver. An attacker …

Jun 21, 2025
CVE-2023-5600
3.1 LOW

An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions …

Jun 20, 2025
CVE-2025-6353
3.5 LOW

A vulnerability classified as problematic was found in code-projects Responsive Blog 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php. The …

Jun 20, 2025
CVE-2025-6347
2.4 LOW

A vulnerability was found in code-projects Responsive Blog 1.0/1.12.4/3.3.4. It has been declared as problematic. This vulnerability affects unknown code of the file /responsive/resblog/blogadmin/admin/pageViewMembers.php. The …

Jun 20, 2025
CVE-2025-5416
2.7 LOW

A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can …

Jun 20, 2025
CVE-2025-6345
3.5 LOW

A vulnerability was found in SourceCodester My Food Recipe 1.0 and classified as problematic. Affected by this issue is the function addRecipeModal of the file …

Jun 20, 2025
CVE-2025-6340
3.5 LOW

A vulnerability classified as problematic has been found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /branch.php. The …

Jun 20, 2025
CVE-2025-6301
2.4 LOW

A vulnerability, which was classified as problematic, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file …

Jun 20, 2025
CVE-2025-6288
2.4 LOW

A vulnerability, which was classified as problematic, has been found in PHPGurukul Bus Pass Management System 1.0. Affected by this issue is some unknown functionality …

Jun 20, 2025
CVE-2025-6287
3.5 LOW

A vulnerability classified as problematic was found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file …

Jun 20, 2025
CVE-2025-6286
3.5 LOW

A vulnerability classified as problematic has been found in PHPGurukul COVID19 Testing Management System 2021. Affected is an unknown function of the file /search-report-result.php. The …

Jun 19, 2025
CVE-2025-6283
3.5 LOW

A vulnerability was found in xataio Xata Agent up to 0.3.0. It has been classified as problematic. This affects the function GET of the file …

Jun 19, 2025
CVE-2025-6275
3.3 LOW

A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of …

Jun 19, 2025
CVE-2025-6274
3.3 LOW

A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been classified as problematic. Affected is the function OnDataCount of the file src/interp/binary-reader-interp.cc. …

Jun 19, 2025
CVE-2025-6273
3.3 LOW

A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the function LogOpcode of the file src/binary-reader-objdump.cc. The …

Jun 19, 2025
CVE-2025-6272
3.3 LOW

A vulnerability has been found in wasm3 0.5.0 and classified as problematic. This vulnerability affects the function MarkSlotAllocated of the file source/m3_compile.c. The manipulation leads …

Jun 19, 2025
CVE-2025-6271
3.3 LOW

A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wav_convert2mono in the library lib/wav.c of the …

Jun 19, 2025
CVE-2025-4661
2.3 LOW

A path transversal vulnerability in Brocade Fabric OS 9.1.0 through 9.2.2 could allow a local admin user to gain access to files outside the intended …

Jun 19, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.