CVE Database

37700+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2024-45577
7.8 HIGH

Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information.

May 6, 2025
CVE-2024-45576
7.8 HIGH

Memory corruption while prociesing command buffer buffer in OPE module.

May 6, 2025
CVE-2024-45575
7.8 HIGH

Memory corruption Camera kernel when large number of devices are attached through userspace.

May 6, 2025
CVE-2024-45574
7.8 HIGH

Memory corruption during array access in Camera kernel due to invalid index from invalid command data.

May 6, 2025
CVE-2024-45567
7.8 HIGH

Memory corruption while encoding JPEG format.

May 6, 2025
CVE-2024-45566
7.8 HIGH

Memory corruption during concurrent buffer access due to modification of the reference count.

May 6, 2025
CVE-2024-45565
7.8 HIGH

Memory corruption when blob structure is modified by user-space after kernel verification.

May 6, 2025
CVE-2024-45564
7.8 HIGH

Memory corruption during concurrent access to server info object due to incorrect reference count update.

May 6, 2025
CVE-2024-45554
7.8 HIGH

Memory corruption during concurrent SSR execution due to race condition on the global maps list.

May 6, 2025
CVE-2025-4332
7.3 HIGH

A vulnerability was found in PHPGurukul Company Visitor Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the …

May 6, 2025
CVE-2025-4331
7.3 HIGH

A vulnerability classified as critical was found in SourceCodester Online Student Clearance System 1.0. This vulnerability affects unknown code of the file /Admin/login.php. The manipulation …

May 6, 2025
CVE-2025-46585
7.5 HIGH

Out-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availability.

May 6, 2025
CVE-2025-46584
7.8 HIGH

Vulnerability of improper authentication logic implementation in the file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

May 6, 2025
CVE-2025-4314
7.3 HIGH

A vulnerability has been found in SourceCodester Advanced Web Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the …

May 6, 2025
CVE-2025-4313
7.3 HIGH

A vulnerability, which was classified as critical, was found in SourceCodester Advanced Web Store 1.0. Affected is an unknown function of the file /admin/admin_addnew_product.php. The …

May 6, 2025
CVE-2025-2802
7.3 HIGH

The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.3.1. This is due to the software …

May 6, 2025
CVE-2025-4312
7.3 HIGH

A vulnerability, which was classified as critical, has been found in SourceCodester Advanced Web Store 1.0. This issue affects some unknown processing of the file …

May 6, 2025
CVE-2025-4311
7.3 HIGH

A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. This vulnerability affects unknown code of the file /admin/update_main_topic_img.php?topic_id=529. The manipulation of …

May 6, 2025
CVE-2025-4309
7.3 HIGH

A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality …

May 6, 2025
CVE-2025-4308
7.3 HIGH

A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality …

May 6, 2025
CVE-2025-4307
7.3 HIGH

A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been classified as critical. Affected is an unknown function of the file …

May 6, 2025
CVE-2025-4306
7.3 HIGH

A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as critical. This issue affects some unknown processing of the file …

May 6, 2025
CVE-2025-3610
8.8 HIGH

The Reales WP STPT plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.1.2. This is …

May 6, 2025
CVE-2025-4304
7.3 HIGH

A vulnerability, which was classified as critical, was found in PHPGurukul Cyber Cafe Management System 1.0. This affects an unknown part of the file /adminprofile.php. …

May 6, 2025
CVE-2025-4303
7.3 HIGH

A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected by this issue is some unknown …

May 6, 2025
CVE-2025-4301
7.3 HIGH

A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search-notice.php. …

May 6, 2025
CVE-2025-46728
7.5 HIGH

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request …

May 6, 2025
CVE-2025-2509
7.8 HIGH

Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve arbitrary address access within the crosvm sandboxed process, potentially leading to …

May 6, 2025
CVE-2025-4300
7.3 HIGH

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Affected is an unknown function of the file /search_list.php. The manipulation …

May 6, 2025
CVE-2025-4299
8.8 HIGH

A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been rated as critical. This issue affects the function setSchedWifi of the file …

May 6, 2025
CVE-2025-4298
8.8 HIGH

A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function formSetCfm of the file …

May 6, 2025
CVE-2025-4297
7.3 HIGH

A vulnerability was found in PHPGurukul Men Salon Management System 2.0. It has been classified as critical. This affects an unknown part of the file …

May 5, 2025
CVE-2025-4290
7.3 HIGH

A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component SMNT …

May 5, 2025
CVE-2025-4289
7.3 HIGH

A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component RNTO Command Handler. The manipulation …

May 5, 2025
CVE-2025-4288
7.3 HIGH

A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component RNFR Command Handler. The …

May 5, 2025
CVE-2025-46731
7.2 HIGH

Craft is a content management system. Versions of Craft CMS on the 4.x branch prior to 4.14.13 and on the 5.x branch prior to 5.6.16 …

May 5, 2025
CVE-2025-45617
7.5 HIGH

Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload.

May 5, 2025
CVE-2025-45614
7.5 HIGH

Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to access sensitive information via a crafted payload.

May 5, 2025
CVE-2025-45613
7.5 HIGH

Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to access sensitive information via a crafted payload.

May 5, 2025
CVE-2025-45610
7.5 HIGH

Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows attackers to access sensitive information via a crafted payload.

May 5, 2025
CVE-2025-45609
7.5 HIGH

Incorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers to access sensitive information via a crafted payload.

May 5, 2025
CVE-2025-45608
7.5 HIGH

Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload.

May 5, 2025
CVE-2025-4283
7.3 HIGH

A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Login.php?f=login. The …

May 5, 2025
CVE-2025-4279
8.8 HIGH

The External image replace plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'external_image_replace_get_posts::replace_post' function in all …

May 5, 2025
CVE-2025-46340
7.2 HIGH

Misskey is an open source, federated social media platform. Starting in version 12.0.0 and prior to version 2025.4.1, due to an oversight in the validation …

May 5, 2025
CVE-2025-4096
8.8 HIGH

Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. …

May 5, 2025
CVE-2025-4050
8.8 HIGH

Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific …

May 5, 2025
CVE-2025-45237
7.5 HIGH

Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password.

May 5, 2025
CVE-2025-45242
7.7 HIGH

Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the procFileAdminEditImage method in /file/file.admin.controller.php.

May 5, 2025
CVE-2025-0217
7.8 HIGH

BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details …

May 5, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.