CVE Database

111589+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-66325
6.2 MEDIUM

Permission control vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Dec 8, 2025
CVE-2025-58279
4.4 MEDIUM

Permission control vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Dec 8, 2025
CVE-2025-26489
6.5 MEDIUM

Improper input validation in the Netconf service in Infinera MTC-9 allows remote authenticated users to crash the service and reboot the appliance, thus causing a …

Dec 8, 2025
CVE-2025-26488
7.5 HIGH

Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to crash the service and cause a reboot of the appliance, thus causing a …

Dec 8, 2025
CVE-2025-26487
8.6 HIGH

Server-Side Request Forgery (SSRF) vulnerability in Infinera MTC-9 version allows remote unauthenticated users to gain access to other network resources using HTTPS requests through the …

Dec 8, 2025
CVE-2025-14224
4.3 MEDIUM

A vulnerability was found in Yottamaster DM2, DM3 and DM200 up to 1.2.23/1.9.12. Affected by this issue is some unknown functionality of the component File …

Dec 8, 2025
CVE-2025-12956
8.7 HIGH

A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary …

Dec 8, 2025
CVE-2025-66326
6.7 MEDIUM

Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect availability.

Dec 8, 2025
CVE-2025-66324
8.4 HIGH

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity.

Dec 8, 2025
CVE-2025-66323
5.3 MEDIUM

Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect availability.

Dec 8, 2025
CVE-2025-66322
5.1 MEDIUM

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Dec 8, 2025
CVE-2025-66321
5.1 MEDIUM

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Dec 8, 2025
CVE-2025-66320
5.1 MEDIUM

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Dec 8, 2025
CVE-2025-14255
6.5 MEDIUM

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

Dec 8, 2025
CVE-2025-14254
6.5 MEDIUM

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

Dec 8, 2025
CVE-2025-14253
4.9 MEDIUM

Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary …

Dec 8, 2025
CVE-2025-14223
7.3 HIGH

A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation …

Dec 8, 2025
CVE-2025-14222
6.3 MEDIUM

A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /print_personnel_report.php. This manipulation of the …

Dec 8, 2025
CVE-2025-14221
3.5 LOW

A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First …

Dec 8, 2025
CVE-2025-14220
4.3 MEDIUM

A security vulnerability has been detected in ORICO CD3510 1.9.12. This affects an unknown function of the component File Upload. The manipulation leads to path …

Dec 8, 2025
CVE-2025-14219
4.7 MEDIUM

A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element is an unknown function of the file /admin/admin_running.php. Executing …

Dec 8, 2025
CVE-2025-14218
7.3 HIGH

A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation …

Dec 8, 2025
CVE-2025-14217
7.3 HIGH

A vulnerability was identified in code-projects Currency Exchange System 1.0. Impacted is an unknown function of the file /edittrns.php. Such manipulation of the argument ID …

Dec 8, 2025
CVE-2025-14216
7.3 HIGH

A vulnerability was determined in code-projects Currency Exchange System 1.0. This issue affects some unknown processing of the file /viewserial.php. This manipulation of the argument …

Dec 8, 2025
CVE-2025-14215
7.3 HIGH

A vulnerability was found in code-projects Currency Exchange System 1.0. This vulnerability affects unknown code of the file /edit.php. The manipulation of the argument ID …

Dec 8, 2025
CVE-2025-14214
6.3 MEDIUM

A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /section_edit1.php. The manipulation of the argument …

Dec 8, 2025
CVE-2025-14212
7.3 HIGH

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /member_search.php. Executing …

Dec 8, 2025
CVE-2025-14211
7.3 HIGH

A vulnerability was detected in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /delete_book.php. Performing a …

Dec 8, 2025
CVE-2025-14210
7.3 HIGH

A security vulnerability has been detected in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /delete_member.php. Such manipulation of …

Dec 8, 2025
CVE-2025-14209
7.3 HIGH

A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /update_query.php. This manipulation of the …

Dec 8, 2025
CVE-2023-53769

In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which …

Dec 8, 2025
CVE-2023-53768

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Fix out-of-bounds access when allocating config buffers When allocating the 2D array for handling …

Dec 8, 2025
CVE-2023-53767

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12k_qmi_driver_event_work() Currently the buffer pointed by event is not …

Dec 8, 2025
CVE-2023-53766

In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Check for read-only mounted filesystem in txBegin This patch adds a check for …

Dec 8, 2025
CVE-2023-53765

In the Linux kernel, the following vulnerability has been resolved: dm cache: free background tracker's queued work in btracker_destroy Otherwise the kernel can BUG with: …

Dec 8, 2025
CVE-2023-53764

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peer_id find ath12k_peer_find_by_id() requires that the caller hold the ab->base_lock. …

Dec 8, 2025
CVE-2023-53763

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: fix to do sanity check on extent cache correctly" syzbot reports a f2fs …

Dec 8, 2025
CVE-2023-53762

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync Use-after-free can occur in hci_disconnect_all_sync if a connection is …

Dec 8, 2025
CVE-2023-53761

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem …

Dec 8, 2025
CVE-2023-53760

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: mcq: Fix &hwq->cq_lock deadlock issue When ufshcd_err_handler() is executed, CQ event interrupt …

Dec 8, 2025
CVE-2023-53759

In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidraw_open() function increments the hidraw device …

Dec 8, 2025
CVE-2023-53758

In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove() An early error exit …

Dec 8, 2025
CVE-2023-53757

In the Linux kernel, the following vulnerability has been resolved: irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe of_irq_find_parent() returns a node pointer with refcount incremented, We …

Dec 8, 2025
CVE-2023-53756

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized current_vmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR …

Dec 8, 2025
CVE-2023-53755

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling pt_cmd_callback Resolves a panic that can occur …

Dec 8, 2025
CVE-2023-53754

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() When if_type equals zero and pci_resource_start(pdev, PCI_64BIT_BAR4) returns …

Dec 8, 2025
CVE-2023-53753

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix mapping to non-allocated address [Why] There is an issue mapping non-allocated location of …

Dec 8, 2025
CVE-2023-53752

In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmalloc_reserve() Blamed commit changed: ptr = kmalloc(size); if (ptr) …

Dec 8, 2025
CVE-2023-53751

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times …

Dec 8, 2025
CVE-2023-53750

In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when num_configs is 1 The config passed …

Dec 8, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.