CVE Database

37700+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-23439
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in willshouse TinyMCE Extended Config tinymce-extended-config allows Reflected XSS.This issue affects TinyMCE Extended Config: …

Mar 3, 2025
CVE-2025-23437
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nord_tramper ntp-header-images header-images-rotator allows Reflected XSS.This issue affects ntp-header-images: from n/a through <= …

Mar 3, 2025
CVE-2025-23433
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jnwry vcOS vcos allows Reflected XSS.This issue affects vcOS: from n/a through <= …

Mar 3, 2025
CVE-2025-23425
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in marekki Marekkis Watermark marekkis-watermark allows Reflected XSS.This issue affects Marekkis Watermark: from n/a …

Mar 3, 2025
CVE-2025-21424
7.8 HIGH

Memory corruption while calling the NPU driver APIs concurrently.

Mar 3, 2025
CVE-2025-0475
8.7 HIGH

An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. …

Mar 3, 2025
CVE-2024-53034
7.8 HIGH

Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset.

Mar 3, 2025
CVE-2024-53033
7.8 HIGH

Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address.

Mar 3, 2025
CVE-2024-53032
7.8 HIGH

Memory corruption may occur in keyboard virtual device due to guest VM interaction.

Mar 3, 2025
CVE-2024-53031
7.8 HIGH

Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine.

Mar 3, 2025
CVE-2024-53030
7.8 HIGH

Memory corruption while processing input message passed from FE driver.

Mar 3, 2025
CVE-2024-53029
7.8 HIGH

Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine.

Mar 3, 2025
CVE-2024-53028
7.8 HIGH

Memory corruption may occur while processing message from frontend during allocation.

Mar 3, 2025
CVE-2024-53027
7.5 HIGH

Transient DOS may occur while processing the country IE.

Mar 3, 2025
CVE-2024-53024
7.8 HIGH

Memory corruption in display driver while detaching a device.

Mar 3, 2025
CVE-2024-53023
7.8 HIGH

Memory corruption may occur while accessing a variable during extended back to back tests.

Mar 3, 2025
CVE-2024-53022
7.8 HIGH

Memory corruption may occur during communication between primary and guest VM.

Mar 3, 2025
CVE-2024-53014
7.8 HIGH

Memory corruption may occur while validating ports and channels in Audio driver.

Mar 3, 2025
CVE-2024-53012
7.8 HIGH

Memory corruption may occur due to improper input validation in clock device.

Mar 3, 2025
CVE-2024-53011
7.9 HIGH

Information disclosure may occur due to improper permission and access controls to Video Analytics engine.

Mar 3, 2025
CVE-2024-49836
7.8 HIGH

Memory corruption may occur during the synchronization of the camera`s frame processing pipeline.

Mar 3, 2025
CVE-2024-45580
7.8 HIGH

Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.

Mar 3, 2025
CVE-2024-43062
7.8 HIGH

Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.

Mar 3, 2025
CVE-2024-43061
7.8 HIGH

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.

Mar 3, 2025
CVE-2024-43060
7.8 HIGH

Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

Mar 3, 2025
CVE-2024-43059
7.8 HIGH

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

Mar 3, 2025
CVE-2024-43057
7.8 HIGH

Memory corruption while processing command in Glink linux.

Mar 3, 2025
CVE-2024-43055
7.8 HIGH

Memory corruption while processing camera use case IOCTL call.

Mar 3, 2025
CVE-2025-24846
7.5 HIGH

Authentication bypass vulnerability exists in FutureNet AS series (Industrial Routers) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker …

Mar 3, 2025
CVE-2025-24654
7.1 HIGH

Missing Authorization vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO squirrly-seo.This issue affects SEO Plugin by Squirrly SEO: from n/a through <= 12.4.07.

Mar 3, 2025
CVE-2025-1859
7.3 HIGH

A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file /login.php. …

Mar 3, 2025
CVE-2025-1858
7.3 HIGH

A vulnerability classified as critical was found in Codezips Online Shopping Website 1.0. This vulnerability affects unknown code of the file /success.php. The manipulation of …

Mar 3, 2025
CVE-2025-1857
7.3 HIGH

A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file /check_availability.php. …

Mar 3, 2025
CVE-2025-1856
7.3 HIGH

A vulnerability was found in Codezips Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of …

Mar 3, 2025
CVE-2025-1723
8.1 HIGH

Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to the session mishandling. Valid account holders in the setup only …

Mar 3, 2025
CVE-2025-1853
8.8 HIGH

A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. This issue affects the function sub_49E098 of the file /goform/SetIpMacBind of the component …

Mar 3, 2025
CVE-2025-1852
8.8 HIGH

A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220316 and classified as critical. This vulnerability affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation …

Mar 3, 2025
CVE-2025-1851
8.8 HIGH

A vulnerability, which was classified as critical, was found in Tenda AC7 up to 15.03.06.44. This affects the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The …

Mar 3, 2025
CVE-2025-1850
7.3 HIGH

A vulnerability, which was classified as critical, has been found in Codezips College Management System 1.0. Affected by this issue is some unknown functionality of …

Mar 3, 2025
CVE-2025-20645
7.8 HIGH

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if …

Mar 3, 2025
CVE-2025-25951
7.5 HIGH

An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to access sensitive …

Mar 3, 2025
CVE-2025-25950
8.1 HIGH

Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows create and modify user accounts, …

Mar 3, 2025
CVE-2025-1841
7.3 HIGH

A vulnerability classified as critical has been found in ESAFENET CDG 5.6.3.154.205. This affects an unknown part of the file /CDGServer3/logManagement/ClientSortLog.jsp. The manipulation of the …

Mar 3, 2025
CVE-2025-1840
7.3 HIGH

A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has been rated as critical. Affected by this issue is some unknown functionality of the file …

Mar 3, 2025
CVE-2025-1815
7.3 HIGH

A vulnerability, which was classified as critical, was found in pbrong hrms up to 1.0.1. This affects the function HrmsDB of the file \resource\resource.go. The …

Mar 2, 2025
CVE-2025-1814
8.8 HIGH

A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is some unknown functionality of the file …

Mar 2, 2025
CVE-2025-1811
7.3 HIGH

A vulnerability was found in AT Software Solutions ATSVD up to 3.4.1. It has been declared as critical. Affected by this vulnerability is an unknown …

Mar 2, 2025
CVE-2025-1809
7.3 HIGH

A vulnerability was found in Pixsoft Sol up to 7.6.6c and classified as critical. This issue affects some unknown processing of the file /pix_projetos/servlet?act=login&submit=1&evento=0&pixrnd=0125021816444195731041 of …

Mar 2, 2025
CVE-2025-1808
7.3 HIGH

A vulnerability has been found in Pixsoft E-Saphira 1.7.24 and classified as critical. This vulnerability affects unknown code of the file /servlet?act=login&tipo=1 of the component …

Mar 2, 2025
CVE-2025-1804
7.0 HIGH

A vulnerability was found in Blizzard Battle.Net up to 2.39.0.15212 on Windows and classified as critical. Affected by this issue is some unknown functionality in …

Mar 1, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.