17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 9801-9850 of 17282 CVEs Page 197 of 346
CVE-2025-64678
Analyzed
8.8
Microsoft Multiple Products

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network

2025-12-10
CVE-2025-64677
Analyzed
8.2
Microsoft Multiple Products

Improper neutralization of input during web page generation ('cross-site scripting') in Office Out-of-Box Experience allows an unauthorized attacker t...

2025-12-19
CVE-2025-64676
7.2
Unknown Multiple Products

'

2025-12-20
CVE-2025-64675
Analyzed
8.3
Microsoft Multiple Products

Improper neutralization of input during web page generation ('cross-site scripting') in Azure Cosmos DB allows an unauthorized attacker to perform spo...

2025-12-19
CVE-2025-64673
7.8
Unknown Multiple Products

Improper access control in Storvsp

2025-12-10
CVE-2025-64672
8.8
Microsoft Multiple Products

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to p...

2025-12-10
CVE-2025-64671
8.4
Unknown Multiple Products

Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to execute code locally

2025-12-10
CVE-2025-64669
Analyzed
7.8
Microsoft Multiple Products

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges locally

2025-12-12
CVE-2025-64663
Analyzed
9.9
Unknown Multiple Products

Custom Question Answering Elevation of Privilege Vulnerability

2025-12-19
CVE-2025-64661
7.8
Microsoft Multiple Products

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate...

2025-12-10
CVE-2025-64657
Analyzed
9.8
Microsoft Multiple Products

Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate privileges over a network.

2025-11-27
CVE-2025-64656
Analyzed
9.4
Unknown Multiple Products

Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges over a network.

2025-11-27
CVE-2025-64655
8.8
Unknown Multiple Products

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network

2025-11-20
CVE-2025-64645
Analyzed
7.7
IBM Multiple Products

IBM Concert 1

2025-12-27
CVE-2025-64642
8
Unknown Multiple Products

NMIS/BioDose V22

2025-12-03
CVE-2025-6464
7.5
HP Multiple Products

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up...

2025-07-06
CVE-2025-6463
Analyzed
8.8
WordPress Multiple Products

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insuffici...

2025-07-05
CVE-2025-6459
Analyzed
8.8
WordPress Multiple Products

The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up t...

2025-07-05
CVE-2025-6454
8.5
GitLab Multiple Products

An issue has been discovered in GitLab CE/EE affecting all versions from 16

2025-09-12
CVE-2025-64539
Analyzed
9.3
Adobe Multiple Products

Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could lead to arbitrary...

2025-12-11
CVE-2025-64538
Analyzed
9.3
Adobe Multiple Products

Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could lead to arbitrary...

2025-12-11
CVE-2025-64537
Analyzed
9.3
Adobe Multiple Products

Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could lead to arbitrary...

2025-12-11
CVE-2025-64531
7.8
Stager Multiple Products

Substance3D - Stager versions 3

2025-11-13
CVE-2025-64530
7.5
Apollo Multiple Products

Apollo Federation is an architecture for declaratively composing APIs into a unified graph

2025-11-14
CVE-2025-64522
Analyzed
9.1
Unknown Multiple Products

Soft Serve is a self-hostable Git server for the command line. Versions prior to 0.11.1 have a SSRF vulnerability where webhook URLs are not validated...

2025-11-11
CVE-2025-64519
Analyzed
8.8
HP Multiple Products

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php

2025-11-11
CVE-2025-64518
Analyzed
7.5
Intel Multiple Products

The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs

2025-11-11
CVE-2025-64516
7.5
GLPI Multiple Products

GLPI is a free asset and IT management software package

2026-01-16
CVE-2025-64512
8.6
Unknown Multiple Products

Pdfminer

2025-11-11
CVE-2025-64511
7.4
MaxKB Multiple Products

MaxKB is an open-source AI assistant for enterprise

2025-11-14
CVE-2025-64509
7.5
Bugsink Multiple Products

Bugsink is a self-hosted error tracking tool

2025-11-11
CVE-2025-64508
7.5
Bugsink Multiple Products

Bugsink is a self-hosted error tracking tool

2025-11-11
CVE-2025-64501
7.6
ProsemirrorToHtml Multiple Products

ProsemirrorToHtml is a JSON converter which takes ProseMirror-compatible JSON and outputs HTML

2025-11-11
CVE-2025-64500
7.3
HP Multiple Products

Symfony is a PHP framework for web and console applications and a set of reusable PHP components

2025-11-14
CVE-2025-64496
Analyzed
7.3
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2025-11-09
CVE-2025-64495
Analyzed
8.7
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2025-11-09
CVE-2025-64492
Analyzed
8.8
SuiteCRM Multiple Products

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application

2025-11-09
CVE-2025-64490
Analyzed
8.3
SuiteCRM Multiple Products

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application

2025-11-09
CVE-2025-64489
Analyzed
8.3
Intel Multiple Products

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application

2025-11-09
CVE-2025-64487
7.6
Unknown Multiple Products

Outline is a service that allows for collaborative documentation

2026-02-13
CVE-2025-64484
Analyzed
8.5
Unknown Multiple Products

OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy...

2025-11-11
CVE-2025-64469
7.8
Unknown Multiple Products

There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file

2025-12-20
CVE-2025-64468
7.8
Unknown Multiple Products

There is a use-after-free vulnerability in sentry!sentry_span_set_data() when parsing a corrupted VI file

2025-12-20
CVE-2025-64467
7.8
Unknown Multiple Products

There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file

2025-12-20
CVE-2025-64466
7.8
Unknown Multiple Products

There is an out of bounds read vulnerability in NI LabVIEW in lvre!ExecPostedProcRecPost() when parsing a corrupted VI file

2025-12-20
CVE-2025-64465
7.8
Unknown Multiple Products

There is an out of bounds read vulnerability in NI LabVIEW in lvre!DataSizeTDR() when parsing a corrupted VI file

2025-12-20
CVE-2025-64464
7.8
Unknown Multiple Products

There is an out of bounds read vulnerability in NI LabVIEW in lvre!VisaWriteFromFile() when parsing a corrupted VI file

2025-12-20
CVE-2025-64463
7.8
Unknown Multiple Products

There is an out of bounds read vulnerability in NI LabVIEW in LVResource::DetachResource() when parsing a corrupted VI file

2025-12-20
CVE-2025-64462
7.8
Unknown Multiple Products

There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::RGetMemFileHandle() when parsing a corrupted VI file

2025-12-20
CVE-2025-64461
7.8
Unknown Multiple Products

There is an out of bounds write vulnerability in NI LabVIEW in mgocre_SH_25_3!RevBL() when parsing a corrupted VI file

2025-12-20