CVE Database

4411+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-1376
2.5 LOW

A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. …

Feb 17, 2025
CVE-2025-1373
3.3 LOW

A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function mov_read_trak of the …

Feb 17, 2025
CVE-2025-1371
3.3 LOW

A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handle_dynamic_symtab of the file readelf.c of the …

Feb 17, 2025
CVE-2025-1368
2.3 LOW

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects the function ReadConfiguration of the …

Feb 17, 2025
CVE-2025-1360
3.5 LOW

A vulnerability, which was classified as problematic, was found in Internet Web Solutions Sublime CRM up to 20250207. Affected is an unknown function of the …

Feb 16, 2025
CVE-2025-1341
3.7 LOW

A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0. This affects an unknown part of the component Setting Handler. The manipulation leads …

Feb 16, 2025
CVE-2025-1337
3.5 LOW

A vulnerability was found in Eastnets PaymentSafe 2.5.26.0. It has been classified as problematic. This affects an unknown part of the component BIC Search. The …

Feb 16, 2025
CVE-2025-1332
2.4 LOW

A vulnerability has been found in FastCMS up to 0.1.5 and classified as problematic. This vulnerability affects unknown code of the file /fastcms.html#/template/menu of the …

Feb 16, 2025
CVE-2024-31144
3.8 LOW

For a brief summary of Xapi terminology, see: https://xapi-project.github.io/xen-api/overview.html#object-model-overview Xapi contains functionality to backup and restore metadata about Virtual Machines and Storage Repositories (SRs). The …

Feb 14, 2025
CVE-2025-0503
3.1 LOW

Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint which allows an attacker to infer user IDs and other …

Feb 14, 2025
CVE-2023-34406
3.3 LOW

An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) …

Feb 13, 2025
CVE-2023-34401
3.7 LOW

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with proprietary …

Feb 13, 2025
CVE-2025-25899
3.5 LOW

A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'gw' parameter at /userRpm/WanDynamicIpV6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of …

Feb 13, 2025
CVE-2024-47266
2.7 LOW

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in share file list functionality in Synology Active Backup for Business before 2.7.1-13234, …

Feb 13, 2025
CVE-2025-0692
3.5 LOW

The Simple Video Management System WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such …

Feb 13, 2025
CVE-2024-13125
3.5 LOW

The Everest Forms WordPress plugin before 3.0.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin …

Feb 13, 2025
CVE-2024-13121
3.5 LOW

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some …

Feb 13, 2025
CVE-2024-34521
3.5 LOW

A directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an administrative user to access system files with the …

Feb 12, 2025
CVE-2024-39286
3.3 LOW

Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to …

Feb 12, 2025
CVE-2024-39271
2.6 LOW

Improper restriction of communication channel to intended endpoints in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software before version 23.80 may allow an unauthenticated user …

Feb 12, 2025
CVE-2024-37020
3.8 LOW

Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially …

Feb 12, 2025
CVE-2024-26021
2.3 LOW

Improper initialization in the firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local …

Feb 12, 2025
CVE-2024-25571
2.3 LOW

Improper input validation in some Intel(R) SPS firmware before SPS_E5_06.01.04.059.0 may allow a privileged user to potentially enable denial of service via local access.

Feb 12, 2025
CVE-2025-1215
2.8 LOW

A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the …

Feb 12, 2025
CVE-2025-1213
3.5 LOW

A vulnerability was found in pihome-shc PiHome 1.77. It has been rated as problematic. Affected by this issue is some unknown functionality of the file …

Feb 12, 2025
CVE-2025-1209
3.5 LOW

A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is the function searchuser of the file /search_resualts.php. The manipulation of …

Feb 12, 2025
CVE-2025-1208
3.5 LOW

A vulnerability was found in code-projects Wazifa System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /Profile.php. …

Feb 12, 2025
CVE-2025-1207
3.1 LOW

A vulnerability was found in phjounin TFTPD64 4.64. It has been declared as problematic. This vulnerability affects unknown code of the component DNS Handler. The …

Feb 12, 2025
CVE-2024-23563
3.9 LOW

HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused …

Feb 12, 2025
CVE-2025-1196
3.5 LOW

A vulnerability, which was classified as problematic, was found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file …

Feb 12, 2025
CVE-2025-1195
3.5 LOW

A vulnerability, which was classified as problematic, has been found in code-projects Real Estate Property Management System 1.0. This issue affects some unknown processing of …

Feb 12, 2025
CVE-2025-1190
3.5 LOW

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects unknown code of the file /_parse/load_user-profile.php. The manipulation …

Feb 12, 2025
CVE-2024-51324
3.8 LOW

An issue in the BdApiUtil driver of Baidu Antivirus v5.2.3.116083 allows attackers to terminate arbitrary process via executing a BYOVD (Bring Your Own Vulnerable Driver) …

Feb 11, 2025
CVE-2023-31331
3.0 LOW

Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially …

Feb 11, 2025
CVE-2023-20581
2.5 LOW

Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity.

Feb 11, 2025
CVE-2023-20507
2.3 LOW

An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds write, potentially resulting in loss of data integrity.

Feb 11, 2025
CVE-2024-12548
3.3 LOW

Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten …

Feb 11, 2025
CVE-2025-24432
3.7 LOW

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a …

Feb 11, 2025
CVE-2025-24430
3.7 LOW

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a …

Feb 11, 2025
CVE-2025-24429
3.5 LOW

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature …

Feb 11, 2025
CVE-2025-21337
3.3 LOW

Windows NTFS Elevation of Privilege Vulnerability

Feb 11, 2025
CVE-2024-52966
2.3 LOW

An exposure of sensitive information to an unauthorized actor in Fortinet FortiAnalyzer 6.4.0 through 7.6.0 allows attacker to cause information disclosure via filter manipulation.

Feb 11, 2025
CVE-2024-27780
2.2 LOW

Multiple Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilities [CWE-79] in FortiSIEM 7.1 all versions, 7.0 all versions, 6.7 all versions incident …

Feb 11, 2025
CVE-2025-1180
3.1 LOW

A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. …

Feb 11, 2025
CVE-2024-52611
3.5 LOW

The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. While the data does not provide anything sensitive, the information could …

Feb 11, 2025
CVE-2024-52606
3.5 LOW

SolarWinds Platform is affected by server-side request forgery vulnerability. Proper input sanitation was not applied allowing for the possibility of a malicious web request.

Feb 11, 2025
CVE-2025-1174
2.4 LOW

A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file process_book_add.php …

Feb 11, 2025
CVE-2025-1171
3.5 LOW

A vulnerability classified as problematic was found in code-projects Real Estate Property Management System 1.0. Affected by this vulnerability is an unknown functionality of the …

Feb 11, 2025
CVE-2025-1170
3.5 LOW

A vulnerability classified as problematic has been found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /Admin/Category.php. …

Feb 11, 2025
CVE-2025-1169
3.5 LOW

A vulnerability was found in SourceCodester Image Compressor Tool 1.0. It has been rated as problematic. This issue affects some unknown processing of the file …

Feb 11, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.