CVE Database

4411+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-31494
3.5 LOW

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The AutoGPT Platform's WebSocket API …

Apr 15, 2025
CVE-2025-3592
3.5 LOW

A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/v1/link/edit. The manipulation …

Apr 14, 2025
CVE-2025-3591
3.5 LOW

A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/v1/blog/edit. The …

Apr 14, 2025
CVE-2023-27272
3.1 LOW

IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into the system.

Apr 14, 2025
CVE-2025-3570
3.5 LOW

A vulnerability was found in JamesZBL/code-projects db-hospital-drug 1.0. It has been classified as problematic. This affects the function Save of the file ContentController.java. The manipulation …

Apr 14, 2025
CVE-2025-2424
3.1 LOW

Mattermost versions 10.5.x <= 10.5.1, 9.11.x <= 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker …

Apr 14, 2025
CVE-2025-3568
3.5 LOW

A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of …

Apr 14, 2025
CVE-2025-3560
3.5 LOW

A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /product. The manipulation of …

Apr 14, 2025
CVE-2025-3556
3.7 LOW

A vulnerability classified as problematic was found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. The manipulation …

Apr 14, 2025
CVE-2025-3555
3.7 LOW

A vulnerability classified as problematic has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected is an unknown function of the file /login.php. The manipulation leads to …

Apr 14, 2025
CVE-2025-30516
2.0 LOW

Mattermost Mobile Apps versions <=2.25.0 fail to terminate sessions during logout under certain conditions (e.g. poor connectivity), allowing unauthorized users on shared devices to access …

Apr 14, 2025
CVE-2023-42969
3.3 LOW

An app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS …

Apr 11, 2025
CVE-2025-31362
3.7 LOW

Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is available. The …

Apr 11, 2025
CVE-2025-32816
3.1 LOW

CodeLit CourseLit before 0.57.5 allows Parameter Tampering via a payment plan associated with the wrong entity.

Apr 11, 2025
CVE-2025-0124
3.8 LOW

An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to …

Apr 11, 2025
CVE-2025-24866
2.7 LOW

Mattermost versions 9.11.x <= 9.11.8 fail to enforce proper access controls on the /api/v4/audits endpoint, allowing users with delegated granular administration roles who lack access …

Apr 10, 2025
CVE-2025-2469
3.7 LOW

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.9.6, and 17.10 before 17.10.4. The runtime profiling data of a …

Apr 10, 2025
CVE-2025-32205
2.7 LOW

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in piotnetdotcom Piotnet Forms piotnetforms.This issue affects Piotnet Forms: from n/a through <= …

Apr 10, 2025
CVE-2025-26479
3.1 LOW

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data …

Apr 10, 2025
CVE-2025-23378
3.3 LOW

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information through directory listing vulnerability. A low privileged attacker with local access could potentially …

Apr 10, 2025
CVE-2025-29989
3.1 LOW

Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this …

Apr 10, 2025
CVE-2025-31003
2.7 LOW

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Bogdan Bendziukov Squeeze squeeze allows Retrieve Embedded Sensitive Data.This issue affects Squeeze: from …

Apr 9, 2025
CVE-2025-27192
2.7 LOW

Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature …

Apr 8, 2025
CVE-2025-3416
3.7 LOW

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined …

Apr 8, 2025
CVE-2025-32035
2.6 LOW

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to 9.13.2, when uploading files (e.g. when uploading assets), …

Apr 8, 2025
CVE-2025-27443
2.8 LOW

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access.

Apr 8, 2025
CVE-2025-32026
3.8 LOW

Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be …

Apr 8, 2025
CVE-2025-22855
2.7 LOW

An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Fortinet FortiClient before 7.4.1 may allow the EMS administrator to send …

Apr 8, 2025
CVE-2024-50565
3.1 LOW

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 …

Apr 8, 2025
CVE-2024-32122
2.3 LOW

A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions …

Apr 8, 2025
CVE-2025-3403
2.7 LOW

A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P 2.4.0.204/3.3.0.104/4.2.0.101. It has been classified as problematic. Affected is an unknown function …

Apr 8, 2025
CVE-2025-3393
3.5 LOW

A vulnerability was found in mrcen springboot-ucan-admin up to 5f35162032cbe9288a04e429ef35301545143509. It has been classified as problematic. This affects an unknown part of the file /ucan-admin/index …

Apr 8, 2025
CVE-2025-3392
3.5 LOW

A vulnerability was found in hailey888 oa_system up to 2025.01.01 and classified as problematic. Affected by this issue is the function Save of the file …

Apr 8, 2025
CVE-2025-3391
3.5 LOW

A vulnerability has been found in hailey888 oa_system up to 2025.01.01 and classified as problematic. Affected by this vulnerability is the function outAddress of the …

Apr 8, 2025
CVE-2025-3390
3.5 LOW

A vulnerability, which was classified as problematic, was found in hailey888 oa_system up to 2025.01.01. Affected is the function addandchangeday of the file cn/gson/oass/controller/daymanager/DaymanageController.java of …

Apr 8, 2025
CVE-2025-3389
3.5 LOW

A vulnerability, which was classified as problematic, has been found in hailey888 oa_system up to 2025.01.01. This issue affects the function testMess of the file …

Apr 8, 2025
CVE-2025-3387
3.5 LOW

A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The …

Apr 7, 2025
CVE-2025-3386
2.4 LOW

A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file …

Apr 7, 2025
CVE-2025-3385
2.4 LOW

A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component …

Apr 7, 2025
CVE-2025-29087
3.2 LOW

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If …

Apr 7, 2025
CVE-2025-27686
2.7 LOW

Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and PowerMax version(s) prior to PowerMax 9.2.4.15, contain an Improper Neutralization of Special Elements used in an …

Apr 7, 2025
CVE-2025-3360
3.7 LOW

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

Apr 7, 2025
CVE-2025-27534
3.3 LOW

in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.

Apr 7, 2025
CVE-2025-25057
3.3 LOW

in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.

Apr 7, 2025
CVE-2025-24304
3.3 LOW

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds write.

Apr 7, 2025
CVE-2025-22842
3.3 LOW

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.

Apr 7, 2025
CVE-2025-22452
3.3 LOW

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.

Apr 7, 2025
CVE-2025-20102
3.3 LOW

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.

Apr 7, 2025
CVE-2025-3329
3.1 LOW

A vulnerability classified as problematic has been found in Consumer Comanda Mobile up to 14.9.3.2/15.0.0.8. This affects an unknown part of the component Restaurant Order …

Apr 7, 2025
CVE-2025-3327
3.5 LOW

A vulnerability was found in iteaj iboot 物联网网关 1.1.3 and classified as problematic. This issue affects some unknown processing of the file /common/upload/batch of the …

Apr 7, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.