17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 9701-9750 of 17282 CVEs Page 195 of 346
CVE-2025-65563
7.5
Unknown Multiple Products

A denial-of-service vulnerability exists in the omec-project UPF (component upf-epc/pfcpiface) up to at least version upf-epc-pfcpiface:2

2025-12-20
CVE-2025-65562
7.5
Unknown Multiple Products

The free5GC UPF suffers from a lack of bounds checking on the SEID when processing PFCP Session Deletion Requests

2025-12-20
CVE-2025-65561
7.5
Unknown Multiple Products

An issue was discovered in function LocalNode

2025-12-20
CVE-2025-65559
7.5
Unknown Multiple Products

An issue was discovered in Open5GS 2

2025-12-20
CVE-2025-6554
KEV Analyzed
8.1
Google Multiple Products

Type confusion in V8 in Google Chrome prior to 138

2025-07-05
CVE-2025-65530
Analyzed
8.8
Linux Multiple Products

An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32

2025-12-13
CVE-2025-6553
Analyzed
9.8
WordPress Multiple Products

The Ovatheme Events Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the process_checkout()...

2025-10-12
CVE-2025-65518
7.5
Obsidian Multiple Products

Plesk Obsidian versions 8

2026-01-09
CVE-2025-65512
7.5
Unknown Multiple Products

A Server-Side Request Forgery (SSRF) vulnerability was discovered in the webpage-to-markdown conversion feature of markdownify-mcp v0

2025-12-12
CVE-2025-65503
Analyzed
7.5
Unknown Multiple Products

Use after free in endpoint destructors in Redboltz async_mqtt 10

2025-11-25
CVE-2025-65495
Analyzed
7.5
Integer Multiple Products

Integer signedness error in tls_verify_call_back() in src/coap_openssl

2025-11-25
CVE-2025-65494
Analyzed
7.5
Unknown Multiple Products

NULL pointer dereference in get_san_or_cn_from_cert() in src/coap_openssl

2025-11-25
CVE-2025-65493
Analyzed
7.5
Unknown Multiple Products

NULL pointer dereference in src/coap_openssl

2025-11-25
CVE-2025-65480
8.8
Unison Multiple Products

An issue was discovered in Pacom Unison Client 5

2026-02-13
CVE-2025-65473
Analyzed
9.1
HP Multiple Products

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attackers with Administrator privil...

2025-12-12
CVE-2025-6544
Analyzed
9.8
Unknown Multiple Products

A deserialization vulnerability exists in h2oai/h2o-3 versions <= 3.46.0.8, allowing attackers to read arbitrary system files and execute arbitrary co...

2025-09-22
CVE-2025-6543
KEV Analyzed
9.5
Citrix NetScaler ADC and Gateway

Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability - Recently added to CISA KEV.

2025-07-05
CVE-2025-65397
8.4
Unknown Multiple Products

An insecure authentication mechanism in the safe_exec

2026-01-15
CVE-2025-65363
7.2
Ruijie Multiple Products

Authenticated append-style command-injection Ruijie APs (AP_RGOS 11

2025-12-09
CVE-2025-65358
Analyzed
9.8
HP Multiple Products

Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via the 'docid' parameter at /admin/appointment.php.

2025-12-04
CVE-2025-65354
Analyzed
9.8
HP Multiple Products

Improper input handling in /Grocery/search_products_itname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitem_name POST par...

2025-12-24
CVE-2025-65346
Analyzed
9.1
Unknown Multiple Products

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive cont...

2025-12-06
CVE-2025-65320
7.5
Abacre Multiple Products

Abacre Restaurant Point of Sale (POS) up to 15

2025-12-03
CVE-2025-65297
7.5
Aqara Multiple Products

Aqara Hub devices including Camera Hub G3 4

2025-12-12
CVE-2025-65295
8.1
Unknown Multiple Products

Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4

2025-12-12
CVE-2025-65292
7.3
Aqara Hub devices Multiple Products

Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4

2025-12-12
CVE-2025-65290
7.4
Aqara Multiple Products

Aqara Hub devices including Camera Hub G3 4

2025-12-12
CVE-2025-65267
Analyzed
9
Intel Multiple Products

In ERPNext v15.83.2 and Frappe Framework v15.86.0, improper validation of uploaded SVG avatar images allows attackers to embed malicious JavaScript. T...

2025-12-03
CVE-2025-6523
7.7
Devolutions Multiple Products

Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via br...

2025-07-23
CVE-2025-65213
Analyzed
9.8
Intel Multiple Products

MooreThreads torch_musa through all versions contains an unsafe deserialization vulnerability in torch_musa.utils.compare_tool. The compare_for_single...

2025-12-16
CVE-2025-65212
Analyzed
9.8
Unknown Multiple Products

An issue was discovered in NJHYST HY511 POE core before 2.1 and plugins before 0.1. The vulnerability stems from the device's insufficient cookie veri...

2026-01-07
CVE-2025-65203
7.1
Browser Multiple Products

KeePassXC-Browser thru 1

2025-12-18
CVE-2025-6520
Analyzed
9.8
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Abis Technology BAPSIS allows Blind SQL Injectio...

2025-10-31
CVE-2025-65199
7.8
Linux Multiple Products

A command injection vulnerability exists in Windscribe for Linux Desktop App that allows a local user who is a member of the windscribe group to execu...

2025-12-11
CVE-2025-65176
7.5
OneAgent Multiple Products

An issue was discovered in Dynatrace OneAgent before 1

2025-12-17
CVE-2025-6514
Analyzed
9.6
Unknown Multiple Products

mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorization_endpoint response U...

2025-07-10
CVE-2025-65135
Analyzed
9.8
HP through the

In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability exists in /studentms/admin/between-date-reprtsdetails.ph...

2026-04-15
CVE-2025-65127
7.5
Infor Multiple Products

A lack of session validation in the web API component of Shenzhen Zhibotong Electronics ZBT WE2001 23

2026-02-13
CVE-2025-65122
7.5
Unknown Multiple Products

Regex Denial of Service in youtube-regex npm package through version 1

2026-05-09
CVE-2025-65118
8.8
Unknown Multiple Products

The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to trick Process Optimization services into loading arbit...

2026-01-16
CVE-2025-65115
8.8
Microsoft Multiple Products

Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows,...

2026-04-07
CVE-2025-65114
Analyzed
7.5
Apache Traffic Server

Apache Traffic Server allows request smuggling if chunked messages are malformed

2026-04-03
CVE-2025-65112
Analyzed
9.4
Unknown Multiple Products

PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated user...

2025-11-30
CVE-2025-65110
8.1
Vega Multiple Products

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs

2026-01-06
CVE-2025-65108
Analyzed
10
Google Multiple Products

md-to-pdf is a CLI tool for converting Markdown files to PDF using Node.js and headless Chrome. Prior to version 5.2.5, a Markdown front-matter block...

2025-11-22
CVE-2025-65104
7.9
Infor Multiple Products

Firebird is an open-source relational database management system

2026-04-18
CVE-2025-65103
8.8
OpenSTAManager Multiple Products

OpenSTAManager is an open source management software for technical assistance and invoicing

2025-11-20
CVE-2025-65098
7.4
Typebot Multiple Products

Typebot is an open-source chatbot builder

2026-01-24
CVE-2025-65091
Analyzed
10
Unknown Multiple Products

XWiki Full Calendar Macro displays objects from the wiki on the calendar. Prior to version 2.4.5, users with the right to view the Calendar.JSONServic...

2026-01-10
CVE-2025-65073
7.5
Keystone Multiple Products

OpenStack Keystone before 26

2025-11-18