CVE Database

4411+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-0760
2.7 LOW

A Credential Disclosure vulnerability exists where an administrator could extract the stored SMTP account credentials due to lack of encryption.

Feb 26, 2025
CVE-2025-22211
3.4 LOW

A SQL injection vulnerability in the JoomShopping component versions 1.0.0-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the country management …

Feb 25, 2025
CVE-2024-53879
2.8 LOW

NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed …

Feb 25, 2025
CVE-2024-53878
2.8 LOW

NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed …

Feb 25, 2025
CVE-2024-53877
3.3 LOW

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause a NULL pointer exception by passing a …

Feb 25, 2025
CVE-2024-53876
3.3 LOW

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed …

Feb 25, 2025
CVE-2024-53875
3.3 LOW

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed …

Feb 25, 2025
CVE-2024-53874
3.3 LOW

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed …

Feb 25, 2025
CVE-2024-53873
3.3 LOW

NVIDIA CUDA toolkit for Windows contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF …

Feb 25, 2025
CVE-2024-53872
3.3 LOW

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed …

Feb 25, 2025
CVE-2024-53871
3.3 LOW

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed …

Feb 25, 2025
CVE-2024-53870
3.3 LOW

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed …

Feb 25, 2025
CVE-2025-27146
2.7 LOW

matrix-appservice-irc is a Node.js IRC bridge for Matrix. The matrix-appservice-irc bridge up to version 3.0.3 contains a vulnerability which can lead to arbitrary IRC command …

Feb 25, 2025
CVE-2025-26977
3.8 LOW

Authorization Bypass Through User-Controlled Key vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through …

Feb 25, 2025
CVE-2024-51539
2.3 LOW

The Dell Secure Connect Gateway (SCG) Application and Appliance, versions prior to 5.28, contains a SQL injection vulnerability due to improper neutralization of special elements …

Feb 25, 2025
CVE-2024-10545
3.5 LOW

The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.9 does not sanitise and escape some of its Image settings, which could allow high privilege …

Feb 25, 2025
CVE-2025-27145
3.6 LOW

copyparty, a portable file server, has a DOM-based cross-site scripting vulnerability in versions prior to 1.16.15. The vulnerability is considered low-risk. By handing someone a …

Feb 25, 2025
CVE-2025-26532
3.1 LOW

Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored.

Feb 24, 2025
CVE-2025-26531
3.1 LOW

Insufficient capability checks made it possible to disable badges a user does not have permission to access.

Feb 24, 2025
CVE-2025-26528
3.4 LOW

The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk.

Feb 24, 2025
CVE-2025-1632
3.3 LOW

A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The …

Feb 24, 2025
CVE-2025-1412
3.1 LOW

Mattermost versions 9.11.x <= 9.11.6, 10.4.x <= 10.4.1 fail to invalidate all active sessions when converting a user to a bot, with allows the converted …

Feb 24, 2025
CVE-2025-1629
3.5 LOW

A vulnerability was found in Excitel Broadband Private my Excitel App 3.13.0 on Android. It has been classified as problematic. Affected is an unknown function …

Feb 24, 2025
CVE-2025-1617
2.4 LOW

A vulnerability, which was classified as problematic, was found in Netis WF2780 2.1.41925. This affects an unknown part of the component Wireless 2.4G Menu. The …

Feb 24, 2025
CVE-2025-1615
2.4 LOW

A vulnerability classified as problematic was found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this vulnerability is an unknown functionality of the component NAT …

Feb 24, 2025
CVE-2025-1614
2.4 LOW

A vulnerability classified as problematic has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected is an unknown function of the file /goform/portForwardingCfg of the …

Feb 24, 2025
CVE-2025-1613
2.4 LOW

A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. It has been rated as problematic. This issue affects some unknown processing of the file …

Feb 24, 2025
CVE-2025-1612
3.5 LOW

A vulnerability was found in Edimax BR-6288ACL 1.30. It has been declared as problematic. This vulnerability affects unknown code of the file wireless5g_basic.asp. The manipulation …

Feb 24, 2025
CVE-2025-1597
3.5 LOW

A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been classified as problematic. Affected is an unknown function of the file …

Feb 23, 2025
CVE-2025-1592
2.4 LOW

A vulnerability was found in SourceCodester Best Employee Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality …

Feb 23, 2025
CVE-2025-1591
2.4 LOW

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of …

Feb 23, 2025
CVE-2025-1586
3.5 LOW

A vulnerability was found in code-projects Blood Bank System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /Blood/A-.php. …

Feb 23, 2025
CVE-2025-1585
2.4 LOW

A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file …

Feb 23, 2025
CVE-2025-1579
2.4 LOW

A vulnerability was found in code-projects Blood Bank System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/user.php. The …

Feb 23, 2025
CVE-2025-1577
3.5 LOW

A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank System 1.0. Affected by this issue is some unknown functionality of …

Feb 23, 2025
CVE-2024-47896
3.3 LOW

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU …

Feb 22, 2025
CVE-2025-1553
3.5 LOW

A vulnerability was found in pankajindevops scale up to 3633544a00245d3df88b6d13d9b3dd0f411be7f6. It has been classified as problematic. Affected is an unknown function of the file /scale/project. …

Feb 22, 2025
CVE-2024-45674
3.3 LOW

IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for …

Feb 22, 2025
CVE-2025-25878
3.8 LOW

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /del.php. The attack can use SQL …

Feb 21, 2025
CVE-2025-25877
3.8 LOW

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /admin.php. The attack can use SQL …

Feb 21, 2025
CVE-2025-1548
3.5 LOW

A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/archives/edit. The …

Feb 21, 2025
CVE-2024-13585
3.5 LOW

The Ajax Search Lite WordPress plugin before 4.12.5 does not sanitise and escape some of its settings, which could allow high privilege users such as …

Feb 21, 2025
CVE-2024-13314
3.5 LOW

The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.7.4 does not sanitise and escape some of its settings, which could allow high privilege …

Feb 21, 2025
CVE-2024-12173
3.5 LOW

The Master Slider WordPress plugin before 3.10.5 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor …

Feb 19, 2025
CVE-2025-27113
2.9 LOW

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.

Feb 18, 2025
CVE-2024-57257
2.0 LOW

A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink nesting.

Feb 18, 2025
CVE-2024-4028
3.8 LOW

A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource …

Feb 18, 2025
CVE-2025-1392
3.5 LOW

A vulnerability has been found in D-Link DIR-816 1.01TO and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G_basic. …

Feb 17, 2025
CVE-2025-1378
3.3 LOW

A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component …

Feb 17, 2025
CVE-2025-1377
3.3 LOW

A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of …

Feb 17, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.