17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 11551-11600 of 17282 CVEs Page 232 of 346
CVE-2025-54912
7.8
Microsoft Multiple Products

Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally

2025-09-09
CVE-2025-54910
Analyzed
8.4
Microsoft Multiple Products

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally

2025-09-09
CVE-2025-54908
7.8
Microsoft Multiple Products

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally

2025-09-09
CVE-2025-54907
7.8
Microsoft Multiple Products

Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally

2025-09-09
CVE-2025-54906
7.8
Microsoft Multiple Products

Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally

2025-09-09
CVE-2025-54904
Analyzed
7.8
Microsoft Multiple Products

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-09-09
CVE-2025-54903
Analyzed
7.8
Microsoft Multiple Products

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-09-09
CVE-2025-54902
7.8
Microsoft Multiple Products

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-09-09
CVE-2025-54900
Analyzed
7.8
Microsoft Multiple Products

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-09-09
CVE-2025-54899
7.8
Microsoft Multiple Products

Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-09-09
CVE-2025-54898
7.8
Microsoft Multiple Products

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-09-09
CVE-2025-54897
Analyzed
8.8
Microsoft Multiple Products

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network

2025-09-09
CVE-2025-54896
Analyzed
7.8
Microsoft Multiple Products

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-09-09
CVE-2025-54895
7.8
Microsoft Multiple Products

Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally

2025-09-09
CVE-2025-54894
7.8
Unknown Multiple Products

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability

2025-09-09
CVE-2025-54887
Analyzed
9.1
Unknown Multiple Products

jwe is a Ruby implementation of the RFC 7516 JSON Web Encryption (JWE) standard. In versions 1.1.0 and below, authentication tags of encrypted JWEs ca...

2025-08-08
CVE-2025-54886
Analyzed
8.4
Intel Multiple Products

skops is a Python library which helps users share and ship their scikit-learn based models

2025-08-08
CVE-2025-54882
Analyzed
7.1
Microsoft Multiple Products

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune

2025-08-07
CVE-2025-54878
Analyzed
8.6
CryptoLib Multiple Products

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications...

2025-08-11
CVE-2025-54875
Analyzed
9.8
Unknown Multiple Products

FreshRSS is a free, self-hostable RSS aggregator. In versions 1.16.0 and above through 1.26.3, an unprivileged attacker can create a new admin user wh...

2025-09-30
CVE-2025-54868
7.5
LibreChat Multiple Products

LibreChat is a ChatGPT clone with additional features

2025-08-05
CVE-2025-54865
7.3
Tilesheets Multiple Products

Tilesheets MediaWiki Extension adds a table lookup parser function for an item and returns the requested image

2025-08-05
CVE-2025-54863
Analyzed
10
Unknown Multiple Products

Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to...

2025-11-04
CVE-2025-54860
7.7
Cognex Multiple Products

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 in order to allow management operations on the device...

2025-09-18
CVE-2025-54858
7.5
Unknown Multiple Products

When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security...

2025-10-16
CVE-2025-54857
Analyzed
9.8
Unknown Multiple Products

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in SkyBridge BASIC MB-A130 Ver.1.5.8 and earli...

2025-09-02
CVE-2025-54854
7.5
Resource Multiple Products

When a BIG-IP APM OAuth access profile (Resource Server or Resource Client) is configured on a virtual server, undisclosed traffic can cause the apmd...

2025-10-16
CVE-2025-54851
7.5
Unknown Multiple Products

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1

2025-12-02
CVE-2025-54850
7.5
Unknown Multiple Products

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1

2025-12-02
CVE-2025-54849
7.5
Unknown Multiple Products

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1

2025-12-02
CVE-2025-54848
7.5
Unknown Multiple Products

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1

2025-12-02
CVE-2025-54831
Analyzed
7.5
Apache Multiple Products

Apache Airflow 3 introduced a change to the handling of sensitive information in Connections

2025-09-26
CVE-2025-5483
Analyzed
8.1
WordPress Multiple Products

The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check in the ghl-wizard/inc/wp_user

2025-11-08
CVE-2025-54820
8.1
Fortinet FortiManager

A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7

2026-03-11
CVE-2025-54818
8
TCP Multiple Products

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modif...

2025-09-18
CVE-2025-54816
Analyzed
9.4
Unknown Multiple Products

This vulnerability occurs when a WebSocket endpoint does not enforce proper authentication mechanisms, allowing unauthorized users to establish conn...

2026-01-23
CVE-2025-54815
8.8
Unknown Multiple Products

Server-side template injection (SSTI) vulnerability in PPress 0

2025-09-19
CVE-2025-54811
7.1
Unknown Multiple Products

OpenPLC_V3 has a vulnerability in the enipThread function that occurs due to the lack of a return value

2025-10-01
CVE-2025-54810
8
TCP Multiple Products

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modif...

2025-09-18
CVE-2025-54808
7.8
Oxford Multiple Products

Oxford Nanopore Technologies' MinKNOW software at or prior to version 24

2025-10-23
CVE-2025-54807
Analyzed
9.8
Unknown Multiple Products

The secret used for validating authentication tokens is hardcoded in device firmware for affected versions. An attacker who obtains the signing key...

2025-09-18
CVE-2025-54802
Analyzed
9.8
Unknown Multiple Products

pyLoad is the free and open-source Download Manager written in pure Python. In versions 0.5.0b3.dev89 and below, there is an opportunity for path trav...

2025-08-05
CVE-2025-54796
Analyzed
7.5
Unknown Multiple Products

Copyparty is a portable file server

2025-08-04
CVE-2025-54788
8.8
SuiteCRM Multiple Products

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application

2025-08-07
CVE-2025-54785
8.8
SuiteCRM Multiple Products

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application

2025-08-07
CVE-2025-54780
7.7
Unknown Multiple Products

The glpi-screenshot-plugin allows users to take screenshots or screens recording directly from GLPI

2025-08-05
CVE-2025-54769
Analyzed
8.8
Unknown Multiple Products

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing

2025-07-29
CVE-2025-54763
7.2
FutureNet Multiple Products

FutureNet MA and IP-K series provided by Century Systems Co

2025-10-31
CVE-2025-54762
Analyzed
9.8
HP Multiple Products

SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS co...

2025-08-28
CVE-2025-54761
8
Unknown Multiple Products

An issue was discovered in PPress 0

2025-09-19