CVE Database

4411+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-0784
3.7 LOW

A vulnerability has been found in Intelbras InControl up to 2.21.58 and classified as problematic. This vulnerability affects unknown code of the file /v1/usuario/ of …

Jan 28, 2025
CVE-2024-11954
2.4 LOW

A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation …

Jan 28, 2025
CVE-2024-0149
3.3 LOW

NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might …

Jan 28, 2025
CVE-2025-24145
3.3 LOW

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia …

Jan 27, 2025
CVE-2025-24141
3.3 LOW

An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to …

Jan 27, 2025
CVE-2025-24121
3.3 LOW

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may …

Jan 27, 2025
CVE-2025-24100
3.3 LOW

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may …

Jan 27, 2025
CVE-2024-54516
3.3 LOW

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. An app may be able to …

Jan 27, 2025
CVE-2024-54475
3.3 LOW

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS …

Jan 27, 2025
CVE-2024-44172
3.3 LOW

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.3, macOS …

Jan 27, 2025
CVE-2025-0730
3.7 LOW

A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown function of the file /usr_account_set.cgi …

Jan 27, 2025
CVE-2024-43446
3.5 LOW

An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. This …

Jan 27, 2025
CVE-2024-13116
3.8 LOW

The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin …

Jan 27, 2025
CVE-2024-28766
2.4 LOW

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could disclose sensitive information about directory contents that could aid in further attacks …

Jan 27, 2025
CVE-2025-0720
3.3 LOW

A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. It has been rated as problematic. Affected by this issue is the function removeExtraSlashes …

Jan 26, 2025
CVE-2024-13450
3.8 LOW

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable …

Jan 25, 2025
CVE-2025-0710
3.5 LOW

A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /notice-list of the …

Jan 24, 2025
CVE-2025-0709
2.4 LOW

A vulnerability was found in Dcat-Admin 2.2.1-beta. It has been rated as problematic. This issue affects some unknown processing of the file /admin/auth/roles of the …

Jan 24, 2025
CVE-2025-0708
3.5 LOW

A vulnerability was found in fumiao opencms 2.2. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/model/addOrUpdate of the …

Jan 24, 2025
CVE-2025-0706
2.4 LOW

A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d and classified as problematic. Affected by this issue is some unknown functionality of the file …

Jan 24, 2025
CVE-2024-35122
2.8 LOW

IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to a file level local denial of service caused by an insufficient authority requirement. A local …

Jan 24, 2025
CVE-2025-24034
3.2 LOW

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is …

Jan 23, 2025
CVE-2024-52328
2.3 LOW

ECOVACS robot lawnmowers and vacuums insecurely store audio files used to indicate that the camera is on. An attacker with access to the /data filesystem …

Jan 23, 2025
CVE-2024-12079
3.3 LOW

ECOVACS robot lawnmowers store the anti-theft PIN in cleartext on the device filesystem. An attacker can steal a lawnmower, read the PIN, and reset the …

Jan 23, 2025
CVE-2024-42186
2.8 LOW

BigFix Patch Download Plug-ins are affected by an insecure protocol support. The application can allow improper handling of SSL certificates validation.

Jan 23, 2025
CVE-2024-42185
2.5 LOW

BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML injection attacks. This allows an attacker to exploit this vulnerability …

Jan 23, 2025
CVE-2024-42184
2.5 LOW

BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. It could allow a malicious operator to attempt to download files using …

Jan 23, 2025
CVE-2024-42183
2.5 LOW

BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It could allow a malicious operator to download files from arbitrary URLs without …

Jan 23, 2025
CVE-2024-42182
2.5 LOW

BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. It may allow the application to download files from an internally hosted server …

Jan 23, 2025
CVE-2025-0625
3.1 LOW

A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part of the component Attachment Handler. …

Jan 22, 2025
CVE-2025-21546
3.8 LOW

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior …

Jan 21, 2025
CVE-2025-21520
1.8 LOW

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and …

Jan 21, 2025
CVE-2025-0581
3.5 LOW

A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the …

Jan 20, 2025
CVE-2025-0578
3.5 LOW

A vulnerability was found in Facile Sistemas Cloud Apps up to 20250107. It has been classified as problematic. Affected is an unknown function of the …

Jan 20, 2025
CVE-2025-0575
3.9 LOW

A vulnerability has been found in Union Bank of India Vyom 8.0.34 on Android and classified as problematic. This vulnerability affects unknown code of the …

Jan 19, 2025
CVE-2025-0560
2.4 LOW

A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /photo-gallery of …

Jan 18, 2025
CVE-2025-0559
2.4 LOW

A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file …

Jan 18, 2025
CVE-2025-0538
3.5 LOW

A vulnerability, which was classified as problematic, was found in code-projects Tourism Management System 1.0. Affected is an unknown function of the file /admin/manage-pages.php. The …

Jan 17, 2025
CVE-2025-0537
2.4 LOW

A vulnerability, which was classified as problematic, has been found in code-projects Car Rental Management System 1.0. This issue affects some unknown processing of the …

Jan 17, 2025
CVE-2024-54681
3.5 LOW

Multiple bash files were present in the application's private directory. Bash files can be used on their own, by an attacker that has already full …

Jan 17, 2025
CVE-2025-0530
3.5 LOW

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects unknown code of the file /_parse/_feedback_system.php. The manipulation …

Jan 17, 2025
CVE-2024-37181
2.6 LOW

Time-of-check time-of-use race condition in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable information disclosure via adjacent …

Jan 16, 2025
CVE-2024-57611
3.5 LOW

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/doAdminAction.php?act=editShop&shopId.

Jan 16, 2025
CVE-2024-57159
3.5 LOW

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html.

Jan 16, 2025
CVE-2024-55503
3.3 LOW

An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a crafted script to the DYLD_INSERT_LIBRARIES component.

Jan 15, 2025
CVE-2024-53407
3.3 LOW

In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially leading to remote control and unauthorized access …

Jan 15, 2025
CVE-2025-0485
3.5 LOW

A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been classified as problematic. Affected is an unknown function of the file /fladmin/sysconfig_doedit.php. The manipulation …

Jan 15, 2025
CVE-2025-0483
3.5 LOW

A vulnerability has been found in Fanli2012 native-php-cms 1.0 and classified as problematic. This vulnerability affects unknown code of the file /fladmin/jump.php. The manipulation of …

Jan 15, 2025
CVE-2024-40839
2.4 LOW

This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an …

Jan 15, 2025
CVE-2024-5198
3.3 LOW

OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a …

Jan 15, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.