17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 10851-10900 of 17282 CVEs Page 218 of 346
CVE-2025-59460
7.5
Unknown Multiple Products

The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access

2025-10-27
CVE-2025-59458
8.3
Junie Multiple Products

In JetBrains Junie before 252

2025-09-17
CVE-2025-59457
7.7
TeamCity Multiple Products

In JetBrains TeamCity before 2025

2025-09-17
CVE-2025-59439
Analyzed
7.5
Samsung Mobile Processor

An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123

2026-02-05
CVE-2025-59434
Analyzed
9.6
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to August 2025 Cloud-Hosted Flowise, an authenticated v...

2025-09-22
CVE-2025-59430
8.2
Unknown Multiple Products

Mesh Connect JS SDK contains JS libraries for integrating with Mesh Connect

2025-09-22
CVE-2025-59425
7.5
Unknown Multiple Products

vLLM is an inference and serving engine for large language models (LLMs)

2025-10-07
CVE-2025-59424
7.3
LinkAce Multiple Products

LinkAce is a self-hosted archive to collect website links

2025-09-18
CVE-2025-59420
Analyzed
7.5
Unknown Multiple Products

Authlib is a Python library which builds OAuth and OpenID Connect servers

2025-09-22
CVE-2025-59409
Analyzed
7.5
Flock Multiple Products

Flock Safety Falcon and Sparrow License Plate Readers OPM1

2025-10-02
CVE-2025-59408
7.3
Flock Multiple Products

Flock Safety Bravo Edge AI Compute Device BRAVO_00

2025-09-26
CVE-2025-59407
Analyzed
9.8
Google Multiple Products

The Flock Safety DetectionProcessing com.flocksafety.android.objects application 6.35.33 for Android (installed on Falcon and Sparrow License Plate Re...

2025-10-02
CVE-2025-59405
7.5
Flock Multiple Products

The Flock Safety Peripheral com

2025-10-02
CVE-2025-59404
7.5
Flock Multiple Products

Flock Safety Bravo Edge AI Compute Device BRAVO_00

2025-09-26
CVE-2025-59390
Analyzed
9.8
Apache Multiple Products

Apache Druid’s Kerberos authenticator uses a weak fallback secret when the `druid.auth.authenticator.kerberos.cookieSignatureSecret` configuration is...

2025-11-27
CVE-2025-59379
7.5
DwyerOmega Multiple Products

DwyerOmega Isensix Advanced Remote Monitoring System (ARMS) 1

2026-01-07
CVE-2025-59375
Analyzed
7.5
Expat Multiple Products

libexpat in Expat before 2

2025-09-15
CVE-2025-59374
KEV
9.5
Asus Live Update

ASUS Live Update Embedded Malicious Code Vulnerability - Active in CISA KEV catalog.

2025-12-18
CVE-2025-59363
Analyzed
7.7
Intel Multiple Products

In One Identity OneLogin before 2025

2025-09-14
CVE-2025-59362
8.2
Squid Multiple Products

Squid through 7

2025-09-26
CVE-2025-59361
Analyzed
9.8
Kubernetes Multiple Products

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthen...

2025-09-15
CVE-2025-59360
Analyzed
9.8
Kubernetes Multiple Products

The killProcesses mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthen...

2025-09-15
CVE-2025-59359
Analyzed
9.8
Kubernetes Multiple Products

The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthentica...

2025-09-15
CVE-2025-59358
Analyzed
7.5
Kubernetes Multiple Products

The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides...

2025-09-15
CVE-2025-59353
7.5
Dragonfly Multiple Products

Dragonfly is an open source P2P-based file distribution and image acceleration system

2025-09-18
CVE-2025-59352
Analyzed
9.8
Unknown Multiple Products

Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the gRPC API and HTTP APIs allow peers to send...

2025-09-18
CVE-2025-59348
7.5
Dragonfly Multiple Products

Dragonfly is an open source P2P-based file distribution and image acceleration system

2025-09-18
CVE-2025-59344
7.7
Unknown Multiple Products

AliasVault is a privacy-first password manager with built-in email aliasing

2025-09-19
CVE-2025-59340
Analyzed
9.8
Unknown Multiple Products

jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Priori to 2.8.1, by using mapper.getTypeFa...

2025-09-17
CVE-2025-59334
Analyzed
9.6
Unknown Multiple Products

Linkr is a lightweight file delivery system that downloads files from a webserver. Linkr versions through 2.0.0 do not verify the integrity or authent...

2025-09-16
CVE-2025-59333
Analyzed
8.1
MCP Multiple Products

The mcp-database-server (MCP Server) 1

2025-09-16
CVE-2025-59332
Analyzed
8.6
Unknown Multiple Products

3DAlloy is a lightWeight 3D-viewer for MediaWiki

2025-09-15
CVE-2025-5931
Analyzed
8.8
WordPress Multiple Products

The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4

2025-08-26
CVE-2025-59305
7.6
Unknown Multiple Products

Improper authorization in the background migration endpoints of Langfuse 3

2025-09-24
CVE-2025-59304
Analyzed
9.8
HP Multiple Products

A directory traversal issue in Swetrix Web Analytics API 3.1.1 before 7d8b972 allows a remote attacker to achieve Remote Code Execution via a crafted...

2025-09-17
CVE-2025-59295
8.8
Unknown Multiple Products

Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network

2025-10-14
CVE-2025-59292
8.2
Microsoft Multiple Products

External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59291
8.2
Microsoft Multiple Products

External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59287
KEV Analyzed
9.8
Microsoft Multiple Products

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

2025-10-14
CVE-2025-59278
7.8
Microsoft Multiple Products

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally

2025-10-15
CVE-2025-59277
7.8
Microsoft Multiple Products

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59275
7.8
Microsoft Multiple Products

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59273
Analyzed
7.3
Microsoft Multiple Products

Improper access control in Azure Event Grid allows an unauthorized attacker to elevate privileges over a network

2025-10-23
CVE-2025-59271
Analyzed
8.7
Redis Multiple Products

Redis Enterprise Elevation of Privilege Vulnerability

2025-10-09
CVE-2025-59255
7.8
Microsoft Multiple Products

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59254
7.8
Microsoft Multiple Products

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59251
Analyzed
7.6
Microsoft Multiple Products

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

2025-09-24
CVE-2025-59250
8.1
Unknown Multiple Products

Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network

2025-10-14
CVE-2025-59249
Analyzed
8.8
Microsoft Multiple Products

Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network

2025-10-14