CVE Database

37700+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-3335
7.3 HIGH

A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file …

Apr 7, 2025
CVE-2025-3334
7.3 HIGH

A vulnerability was found in codeprojects Online Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the …

Apr 7, 2025
CVE-2025-31175
8.4 HIGH

Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integrity.

Apr 7, 2025
CVE-2025-31173
8.8 HIGH

Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Apr 7, 2025
CVE-2025-31172
7.8 HIGH

Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Apr 7, 2025
CVE-2025-31170
8.4 HIGH

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Apr 7, 2025
CVE-2025-20664
7.5 HIGH

In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote (proximal/adjacent) information disclosure with no …

Apr 7, 2025
CVE-2025-20663
7.5 HIGH

In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote (proximal/adjacent) information disclosure with no …

Apr 7, 2025
CVE-2024-58127
8.4 HIGH

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Apr 7, 2025
CVE-2024-58126
8.4 HIGH

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Apr 7, 2025
CVE-2024-58125
8.4 HIGH

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Apr 7, 2025
CVE-2024-58124
8.4 HIGH

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Apr 7, 2025
CVE-2024-58112
7.5 HIGH

Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

Apr 7, 2025
CVE-2024-58111
7.5 HIGH

Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

Apr 7, 2025
CVE-2024-58107
7.5 HIGH

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

Apr 7, 2025
CVE-2025-3333
7.3 HIGH

A vulnerability has been found in codeprojects Online Restaurant Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of …

Apr 7, 2025
CVE-2025-3332
7.3 HIGH

A vulnerability, which was classified as critical, was found in codeprojects Online Restaurant Management System 1.0. Affected is an unknown function of the file /admin/menu_save.php. …

Apr 7, 2025
CVE-2025-3331
7.3 HIGH

A vulnerability, which was classified as critical, has been found in codeprojects Online Restaurant Management System 1.0. This issue affects some unknown processing of the …

Apr 7, 2025
CVE-2025-3330
7.3 HIGH

A vulnerability classified as critical was found in codeprojects Online Restaurant Management System 1.0. This vulnerability affects unknown code of the file /reservation_save.php. The manipulation …

Apr 7, 2025
CVE-2025-3328
8.8 HIGH

A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation …

Apr 7, 2025
CVE-2025-32013
7.5 HIGH

LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vulnerability has been discovered in LNbits' LNURL authentication handling functionality. When processing …

Apr 6, 2025
CVE-2025-2260
7.5 HIGH

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause a denial of service by specially crafted packets. …

Apr 6, 2025
CVE-2025-2259
7.5 HIGH

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of …

Apr 6, 2025
CVE-2025-2258
7.5 HIGH

In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent …

Apr 6, 2025
CVE-2025-3316
7.3 HIGH

A vulnerability was found in PHPGurukul Men Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the …

Apr 6, 2025
CVE-2025-3315
7.3 HIGH

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the …

Apr 6, 2025
CVE-2025-3314
7.3 HIGH

A vulnerability has been found in SourceCodester Apartment Visitor Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of …

Apr 6, 2025
CVE-2025-3313
7.3 HIGH

A vulnerability, which was classified as critical, was found in PHPGurukul Men Salon Management System 1.0. Affected is an unknown function of the file /admin/add-customer.php. …

Apr 6, 2025
CVE-2025-3312
7.3 HIGH

A vulnerability, which was classified as critical, has been found in PHPGurukul Men Salon Management System 1.0. This issue affects some unknown processing of the …

Apr 6, 2025
CVE-2025-3311
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul Men Salon Management System 1.0. This vulnerability affects unknown code of the file /admin/about-us.php. The manipulation …

Apr 6, 2025
CVE-2025-32370
7.2 HIGH

Kentico Xperience before 13.0.178 has a specific set of allowed ContentUploader file extensions for unauthenticated uploads; however, because .zip is processed through TryZipProviderSafe, there is …

Apr 6, 2025
CVE-2025-3310
7.3 HIGH

A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the file /admin/delete.php. The …

Apr 6, 2025
CVE-2025-3309
7.3 HIGH

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality …

Apr 6, 2025
CVE-2025-3308
7.3 HIGH

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality …

Apr 6, 2025
CVE-2025-3307
7.3 HIGH

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. Affected is an unknown function of the file …

Apr 6, 2025
CVE-2025-3306
7.3 HIGH

A vulnerability was found in code-projects Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /don.php. …

Apr 6, 2025
CVE-2025-3299
7.3 HIGH

A vulnerability was found in PHPGurukul Men Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the …

Apr 5, 2025
CVE-2024-13776
8.1 HIGH

The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial …

Apr 5, 2025
CVE-2025-2933
8.8 HIGH

The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing …

Apr 5, 2025
CVE-2025-0810
7.5 HIGH

The Read More & Accordion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.7. This is due …

Apr 5, 2025
CVE-2024-13604
7.5 HIGH

The KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions …

Apr 5, 2025
CVE-2025-3266
7.3 HIGH

A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of …

Apr 4, 2025
CVE-2025-3265
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-category.php. …

Apr 4, 2025
CVE-2025-3259
8.8 HIGH

A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The …

Apr 4, 2025
CVE-2024-11235
8.1 HIGH

In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator and exceptions can lead to a …

Apr 4, 2025
CVE-2025-3258
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul Old Age Home Management System 1.0. This vulnerability affects unknown code of the file /search.php. The …

Apr 4, 2025
CVE-2025-32204
7.6 HIGH

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in rocketelements Split Test For Elementor split-test-for-elementor allows SQL Injection.This issue affects …

Apr 4, 2025
CVE-2025-32203
7.6 HIGH

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in manu225 Falling things falling-things allows SQL Injection.This issue affects Falling things: …

Apr 4, 2025
CVE-2025-32159
7.5 HIGH

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Radius Blocks radius-blocks allows PHP Local File Inclusion.This …

Apr 4, 2025
CVE-2025-32157
7.5 HIGH

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jakub Glos Sparkle Elementor Kit sparkle-elementor-kit allows PHP Local …

Apr 4, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.