37700+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: add check to avoid out of bound access There is a possibility …
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: refactor hfi packet parsing logic words_count denotes the number of words in …
In the Linux kernel, the following vulnerability has been resolved: sctp: detect and prevent references to a freed transport in sendmsg sctp_sendmsg() re-uses associations and …
A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file changepassword.php. …
A vulnerability classified as critical was found in PCMan FTP Server up to 2.0.7. This vulnerability affects unknown code of the component ASCII Command Handler. …
A vulnerability classified as critical has been found in PCMan FTP Server up to 2.0.7. This affects an unknown part of the component VERBOSE Command …
A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality …
A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality …
A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been classified as critical. Affected is an unknown function of the component …
A vulnerability classified as critical was found in PHPGurukul Park Ticketing Management System 2.0. Affected by this vulnerability is an unknown functionality of the file …
A vulnerability classified as critical has been found in PHPGurukul Online Birth Certificate System 1.0. Affected is an unknown function of the file /admin/bwdates-reports-details.php. The …
A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the …
A vulnerability was found in Netgear EX6200 1.0.3.94. It has been declared as critical. This vulnerability affects the function sub_54340. The manipulation of the argument …
The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due …
A vulnerability was found in Netgear EX6200 1.0.3.94. It has been classified as critical. This affects the function sub_54014. The manipulation of the argument host …
A vulnerability was found in Netgear EX6200 1.0.3.94 and classified as critical. Affected by this issue is the function sub_503FC. The manipulation of the argument …
The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2.5.4. This is due to missing or …
The NewsBlogger theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the newsblogger_install_and_activate_plugin() function in all versions up …
The Page View Count plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a …
A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. Affected by this vulnerability is the function sub_47F7C. The manipulation of the …
A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Affected is the function sub_41940. The manipulation of the argument host leads …
A vulnerability, which was classified as critical, has been found in Netgear EX6200 1.0.3.94. This issue affects the function sub_3D0BC. The manipulation of the argument …
A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. This vulnerability affects the function sub_3C8EC. The manipulation of the argument host …
A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. This affects the function sub_3C03C. The manipulation of the argument host leads …
A vulnerability, which was classified as critical, has been found in Netgear EX6120 1.0.3.94. Affected by this issue is the function sub_30394. The manipulation of …
Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap allow script injection through query parameters.
A vulnerability classified as critical was found in Netgear EX6120 1.0.0.68. Affected by this vulnerability is the function fwAcosCgiInbound. The manipulation of the argument host …
Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. …
Tesla Model S Iris Modem ql_atfwd Command Injection Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected Tesla Model S …
Tesla Model S oFono AT Command Heap-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected Tesla Model …
Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An …
Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected affected Tesla …
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote …
: Modification of Assumed-Immutable Data (MAID) vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4.
A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v.7.2.7 for Windows that could allow unauthorized access to …
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_household.
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_complaint.
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network.
Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network.
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.
Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network.
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using …
Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Prior to version …
Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Prior to version …
A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been classified as critical. Affected is the function sub_4238E8. The manipulation of the argument host …
A vulnerability, which was classified as critical, has been found in Netgear JWNR2000v2 1.0.0.11. Affected by this issue is the function get_cur_lang_ver. The manipulation of …
A vulnerability classified as critical was found in Netgear JWNR2000v2 1.0.0.11. Affected by this vulnerability is the function default_version_is_new. The manipulation of the argument host …
A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary …
Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0.
Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0.
Free website and port scanning — find vulnerabilities before attackers do.