CVE Database

9262+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-30433
9.8 CRITICAL

This issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma …

Mar 31, 2025
CVE-2025-30430
9.8 CRITICAL

This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. …

Mar 31, 2025
CVE-2025-30426
9.8 CRITICAL

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, …

Mar 31, 2025
CVE-2025-30424
9.8 CRITICAL

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Deleting a …

Mar 31, 2025
CVE-2025-24273
9.8 CRITICAL

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An …

Mar 31, 2025
CVE-2025-24269
9.8 CRITICAL

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to cause unexpected system …

Mar 31, 2025
CVE-2025-24266
9.8 CRITICAL

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app …

Mar 31, 2025
CVE-2025-24265
9.8 CRITICAL

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app …

Mar 31, 2025
CVE-2025-24264
9.8 CRITICAL

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, …

Mar 31, 2025
CVE-2025-24263
9.8 CRITICAL

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15.4. An app may be …

Mar 31, 2025
CVE-2025-24260
9.8 CRITICAL

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker in …

Mar 31, 2025
CVE-2025-24259
9.8 CRITICAL

This issue was addressed with additional entitlement checks. This issue is fixed in iPadOS 17.7.7, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An …

Mar 31, 2025
CVE-2025-24256
9.8 CRITICAL

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may …

Mar 31, 2025
CVE-2025-24253
9.8 CRITICAL

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app …

Mar 31, 2025
CVE-2025-24250
9.8 CRITICAL

This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app …

Mar 31, 2025
CVE-2025-24249
9.8 CRITICAL

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app …

Mar 31, 2025
CVE-2025-24247
9.8 CRITICAL

A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker …

Mar 31, 2025
CVE-2025-24246
9.8 CRITICAL

An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may …

Mar 31, 2025
CVE-2025-24245
9.8 CRITICAL

This issue was addressed by adding a delay between verification code attempts. This issue is fixed in macOS Sequoia 15.4. A malicious app may be …

Mar 31, 2025
CVE-2025-24241
9.8 CRITICAL

A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may …

Mar 31, 2025
CVE-2025-24238
9.8 CRITICAL

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS …

Mar 31, 2025
CVE-2025-24237
9.8 CRITICAL

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS …

Mar 31, 2025
CVE-2025-24233
9.8 CRITICAL

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app …

Mar 31, 2025
CVE-2025-24232
9.8 CRITICAL

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app …

Mar 31, 2025
CVE-2025-24231
9.8 CRITICAL

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be …

Mar 31, 2025
CVE-2025-24230
9.8 CRITICAL

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, …

Mar 31, 2025
CVE-2025-24211
9.8 CRITICAL

This issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma …

Mar 31, 2025
CVE-2025-24207
9.8 CRITICAL

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may …

Mar 31, 2025
CVE-2025-24204
9.8 CRITICAL

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.

Mar 31, 2025
CVE-2025-24195
9.8 CRITICAL

An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A user …

Mar 31, 2025
CVE-2025-24190
9.8 CRITICAL

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma …

Mar 31, 2025
CVE-2025-24181
9.8 CRITICAL

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may …

Mar 31, 2025
CVE-2025-24178
9.8 CRITICAL

This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma …

Mar 31, 2025
CVE-2025-24172
9.8 CRITICAL

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. "Block All …

Mar 31, 2025
CVE-2025-24167
9.8 CRITICAL

This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. …

Mar 31, 2025
CVE-2025-31691
9.8 CRITICAL

Missing Authorization vulnerability in Drupal OAuth2 Server allows Forceful Browsing.This issue affects OAuth2 Server: from 0.0.0 before 2.1.0.

Mar 31, 2025
CVE-2025-31685
9.1 CRITICAL

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.

Mar 31, 2025
CVE-2025-31681
9.8 CRITICAL

Missing Authorization vulnerability in Drupal Authenticator Login allows Forceful Browsing.This issue affects Authenticator Login: from 0.0.0 before 2.0.6.

Mar 31, 2025
CVE-2024-54809
9.8 CRITICAL

Netgear Inc WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the parse_st_header function due to use of a request header parameter in …

Mar 31, 2025
CVE-2024-54808
9.8 CRITICAL

Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows …

Mar 31, 2025
CVE-2024-54807
9.8 CRITICAL

In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in the function addmap_exec which parses the NewInternalClient parameter of the …

Mar 31, 2025
CVE-2024-54806
9.8 CRITICAL

Netgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi which allows for the execution of system commands via the web interface.

Mar 31, 2025
CVE-2024-54805
9.8 CRITICAL

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter get_email. …

Mar 31, 2025
CVE-2024-54804
9.8 CRITICAL

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter wan_hostname …

Mar 31, 2025
CVE-2024-54803
9.8 CRITICAL

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter pppoe_peer_mac …

Mar 31, 2025
CVE-2024-54802
9.8 CRITICAL

In Netgear WNR854T 1.5.2 (North America), the UPNP service (/usr/sbin/upnp) is vulnerable to stack-based buffer overflow in the M-SEARCH Host header.

Mar 31, 2025
CVE-2025-30223
9.3 CRITICAL

Beego is an open-source web framework for the Go programming language. Prior to 2.3.6, a Cross-Site Scripting (XSS) vulnerability exists in Beego's RenderForm() function due …

Mar 31, 2025
CVE-2025-30095
9.0 CRITICAL

VyOS 1.3 through 1.5 (fixed in 1.4.2) or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across …

Mar 31, 2025
CVE-2025-22941
9.8 CRITICAL

A command injection vulnerability in the web interface of Adtran 411 ONT L80.00.0011.M2 allows attackers to escalate privileges to root and execute arbitrary commands.

Mar 31, 2025
CVE-2025-22940
9.1 CRITICAL

Incorrect access control in Adtran 411 ONT L80.00.0011.M2 allows unauthorized attackers to arbitrarily set the admin password.

Mar 31, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.