CVE Database

4411+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-29923
3.7 LOW

go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when …

Mar 20, 2025
CVE-2024-7598
3.1 LOW

A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The …

Mar 20, 2025
CVE-2024-13922
2.7 LOW

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the …

Mar 20, 2025
CVE-2025-30259
3.5 LOW

The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote …

Mar 20, 2025
CVE-2025-30258
2.7 LOW

In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has …

Mar 19, 2025
CVE-2025-30197
3.1 LOW

Jenkins Zoho QEngine Plugin 1.0.29.vfa_cc23396502 and earlier does not mask the QEngine API Key form field, increasing the potential for attackers to observe and capture …

Mar 19, 2025
CVE-2024-42176
2.6 LOW

HCL MyXalytics is affected by concurrent login vulnerability. A concurrent login vulnerability occurs when simultaneous active sessions are allowed for a single credential allowing an …

Mar 19, 2025
CVE-2025-30235
3.5 LOW

Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 is intended to disable accounts that have had more than 10 failed authentication attempts, but instead allows hundreds of …

Mar 19, 2025
CVE-2025-25040
3.3 LOW

A vulnerability has been identified in the port ACL functionality of AOS-CX software running on the HPE Aruba Networking CX 9300 Switch Series only and …

Mar 18, 2025
CVE-2025-2491
2.4 LOW

A vulnerability classified as problematic has been found in Dromara ujcms 9.7.5. This affects the function update of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileTemplateController.java of the component Edit …

Mar 18, 2025
CVE-2025-2490
2.4 LOW

A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file …

Mar 18, 2025
CVE-2025-2397
2.4 LOW

A vulnerability was found in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P up to 20250305. It has been declared as problematic. This vulnerability affects …

Mar 17, 2025
CVE-2025-29431
3.2 LOW

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/department.php via the id, code, and name parameters.

Mar 17, 2025
CVE-2025-25618
3.3 LOW

Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by Teachers.

Mar 17, 2025
CVE-2025-1398
3.3 LOW

Mattermost Desktop App versions <=5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via …

Mar 17, 2025
CVE-2019-17659
3.7 LOW

A use of hard-coded cryptographic key vulnerability in FortiSIEM version 5.2.6 may allow a remote unauthenticated attacker to obtain SSH access to the supervisor as …

Mar 17, 2025
CVE-2025-2377
3.5 LOW

A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file …

Mar 17, 2025
CVE-2025-2375
3.5 LOW

A vulnerability, which was classified as problematic, was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected is an unknown function of the file …

Mar 17, 2025
CVE-2025-2371
3.5 LOW

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown …

Mar 17, 2025
CVE-2025-2366
2.4 LOW

A vulnerability, which was classified as problematic, was found in gougucms 4.08.18. This affects the function add of the file /admin/department/add of the component Add …

Mar 17, 2025
CVE-2025-2364
3.5 LOW

A vulnerability classified as problematic was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function addNewArticle of the file blogserver/src/main/java/org/sang/service/ArticleService.java. …

Mar 17, 2025
CVE-2025-2356
3.7 LOW

A vulnerability was found in BlackVue App 3.65 on Android. It has been classified as problematic. This affects the function deviceDelete of the component API …

Mar 17, 2025
CVE-2025-2355
3.3 LOW

A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component …

Mar 17, 2025
CVE-2025-2352
2.4 LOW

A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. This issue affects some unknown processing of the file /admin/indexConfigs/save of …

Mar 16, 2025
CVE-2025-2349
3.1 LOW

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as problematic. Affected by this vulnerability is an unknown …

Mar 16, 2025
CVE-2025-2341
3.1 LOW

A vulnerability was found in IROAD Dash Cam X5 up to 20250203. It has been rated as problematic. This issue affects some unknown processing of …

Mar 16, 2025
CVE-2025-2340
2.4 LOW

A vulnerability was found in otale Tale Blog 2.0.5. It has been declared as problematic. This vulnerability affects the function saveOptions of the file /options/save …

Mar 16, 2025
CVE-2025-1624
3.5 LOW

The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as …

Mar 16, 2025
CVE-2025-1623
3.5 LOW

The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as …

Mar 16, 2025
CVE-2025-1622
3.5 LOW

The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as …

Mar 16, 2025
CVE-2025-2335
3.5 LOW

A vulnerability classified as problematic was found in Drivin Soluções up to 20250226. This vulnerability affects unknown code of the file /api/school/registerSchool of the component …

Mar 16, 2025
CVE-2025-2157
3.3 LOW

A flaw was found in Foreman/Red Hat Satellite. Improper file permissions allow low-privileged OS users to monitor and access temporary files under /var/tmp, exposing sensitive …

Mar 15, 2025
CVE-2025-2295
3.5 LOW

EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability …

Mar 14, 2025
CVE-2022-29059
2.7 LOW

An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in FortiWeb version 7.0.1 and below, 6.4.2 and below, 6.3.20 …

Mar 14, 2025
CVE-2025-27496
3.3 LOW

Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver ("Driver") in versions 3.0.13 …

Mar 13, 2025
CVE-2024-8402
3.7 LOW

An issue was discovered in GitLab EE affecting all versions starting from 17.2 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting …

Mar 13, 2025
CVE-2024-7296
2.7 LOW

An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2 which …

Mar 13, 2025
CVE-2025-21860
3.3 LOW

In the Linux kernel, the following vulnerability has been resolved: mm/zswap: fix inconsistency when zswap_store_page() fails Commit b7c0ccdfbafd ("mm: zswap: support large folios in zswap_store()") …

Mar 12, 2025
CVE-2025-21851
3.3 LOW

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arena_map_free on 64k page kernel On an aarch64 kernel with CONFIG_PAGE_SIZE_64KB=y, …

Mar 12, 2025
CVE-2025-24912
3.7 LOW

hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and …

Mar 12, 2025
CVE-2025-2220
3.3 LOW

A vulnerability was found in Odyssey CMS up to 10.34. It has been classified as problematic. Affected is an unknown function of the file /modules/odyssey_contact_form/odyssey_contact_form.php …

Mar 12, 2025
CVE-2025-2214
3.5 LOW

A vulnerability was found in Microweber 2.0.19. It has been rated as problematic. This issue affects some unknown processing of the file userfiles/modules/settings/group/website_group/index.php of the …

Mar 12, 2025
CVE-2025-2213
2.4 LOW

A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as problematic. This vulnerability affects unknown code of the file /wlanPrimaryNetwork.asp …

Mar 11, 2025
CVE-2025-2212
2.4 LOW

A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been classified as problematic. This affects an unknown part of the file /RgSwInfo.asp. …

Mar 11, 2025
CVE-2025-2211
2.4 LOW

A vulnerability was found in aitangbao springboot-manager 3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /sysDictDetail/add. The …

Mar 11, 2025
CVE-2025-2210
2.4 LOW

A vulnerability has been found in aitangbao springboot-manager 3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /sysJob/add. …

Mar 11, 2025
CVE-2025-2209
2.4 LOW

A vulnerability, which was classified as problematic, was found in aitangbao springboot-manager 3.0. Affected is an unknown function of the file /sysDict/add. The manipulation of …

Mar 11, 2025
CVE-2025-2208
2.4 LOW

A vulnerability, which was classified as problematic, has been found in aitangbao springboot-manager 3.0. This issue affects some unknown processing of the file /sysFiles/upload of …

Mar 11, 2025
CVE-2025-0900
3.3 LOW

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. …

Mar 11, 2025
CVE-2025-2207
2.4 LOW

A vulnerability classified as problematic was found in aitangbao springboot-manager 3.0. This vulnerability affects unknown code of the file /sys/dept. The manipulation of the argument …

Mar 11, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.