17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 15751-15800 of 17282 CVEs Page 316 of 346
CVE-2025-0080
7.8
Unknown Multiple Products

In multiple locations, there is a possible way to overlay the installation confirmation dialog due to a tapjacking/overlay attack

2025-08-27
CVE-2025-0079
7.8
Unknown Multiple Products

In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted due to a logic error in the code

2025-08-27
CVE-2025-0078
8.8
Unknown Multiple Products

In main of main

2025-08-27
CVE-2025-0075
Analyzed
9.8
Unknown Multiple Products

In process_service_search_attr_req of sdp_server.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to rem...

2025-08-27
CVE-2025-0074
Analyzed
9.8
Unknown Multiple Products

In process_service_attr_rsp of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote...

2025-08-27
CVE-2025-0032
7.2
AMD Multiple Products

Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potent...

2025-09-07
CVE-2025-0005
7.3
Unknown Multiple Products

Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in crash...

2025-11-25
CVE-2025-0003
7.3
Inadequate Multiple Products

Inadequate lock protection within Xilinx Run time may allow a local attacker to trigger a Use-After-Free condition potentially resulting in loss of co...

2025-11-25
CVE-2024-9684
7.5
Unknown Multiple Products

FreyrSCADA/IEC-60870-5-104 server v21

2025-12-24
CVE-2024-9408
Analyzed
9.8
Unknown Multiple Products

In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints.

2025-07-16
CVE-2024-9342
Analyzed
9.8
Unknown Multiple Products

In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed l...

2025-07-16
CVE-2024-9183
7.7
GitLab Multiple Products

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18

2025-12-06
CVE-2024-9126
Analyzed
7.5
Apple Multiple Products

Use after free in Internals in Google Chrome on iOS prior to 127

2025-11-15
CVE-2024-8419
7.5
Unknown Multiple Products

The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a fail-safe state over the network due to missing authent...

2025-07-06
CVE-2024-8069
KEV
9.5
Citrix Session Recording

Citrix Session Recording Deserialization of Untrusted Data Vulnerability - Active in CISA KEV catalog.

2025-08-25
CVE-2024-8068
KEV
9.5
Citrix Session Recording

Citrix Session Recording Improper Privilege Management Vulnerability - Active in CISA KEV catalog.

2025-08-25
CVE-2024-7694
KEV
9.5
TeamT5 ThreatSonar Anti-Ransomware

TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability - Active in CISA KEV catalog.

2026-02-18
CVE-2024-7593
KEV Analyzed
9.8
Ivanti vTM (Virtual Traffic Manager)

An authentication bypass vulnerability in the Ivanti vTM admin panel allows remote unauthenticated attackers to gain unauthorized administrative acces...

2026-06-05
CVE-2024-7399
KEV
9.5
Samsung MagicINFO 9 Server

Samsung MagicINFO 9 Server Path Traversal Vulnerability - Active in CISA KEV catalog.

2026-04-25
CVE-2024-7017
Analyzed
7.5
Google Multiple Products

Inappropriate implementation in DevTools in Google Chrome prior to 126

2025-11-15
CVE-2024-6107
Analyzed
9.6
Unknown Multiple Products

Due to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a region. This has...

2025-07-22
CVE-2024-5986
Analyzed
9.1
Unknown Multiple Products

A vulnerability in h2oai/h2o-3 version 3.46.0.1 allows remote attackers to write arbitrary data to any file on the server. This is achieved by exploit...

2026-02-02
CVE-2024-5958
Analyzed
8.8
Eliz Software Eliz Software Panel

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eliz Software Panel allows Command Line Executio...

2026-06-04
CVE-2024-58351
Analyzed
9.8
Flowise Flowise

Flowise versions before 2.1.4 are vulnerable to remote code execution and sandbox escape via an insecure overrideConfig option in the Chainflow execut...

2026-06-21
CVE-2024-58349
Analyzed
9.8
WordPress Theme Travelscape

WordPress Theme Travelscape 1.0.3 is susceptible to remote code execution due to insufficient validation of file uploads in the theme directory.

2026-06-08
CVE-2024-58348
Analyzed
9.8
WordPress Background Image Cropper

WordPress Background Image Cropper 1.2 allows unauthenticated attackers to execute arbitrary code via an insecure file upload endpoint.

2026-06-08
CVE-2024-58341
8.2
OpenCart Core

OpenCart Core 4

2026-03-26
CVE-2024-58338
Analyzed
9.8
Anevia Flamingo XL Multiple Products

Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the tracer...

2025-12-31
CVE-2024-58337
7.5
Akuvox Multiple Products

Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with 'User' privileges to modify API access settings an...

2025-12-31
CVE-2024-58336
Analyzed
9.8
Akuvox Smart Intercom Multiple Products

Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video...

2025-12-31
CVE-2024-58316
7.5
Unknown Multiple Products

Online Shopping System Advanced 1

2025-12-13
CVE-2024-58315
8.4
Key Multiple Products

Tosibox Key Service 3

2025-12-31
CVE-2024-58314
Analyzed
8.8
Atcom Multiple Products

Atcom 100M IP Phones firmware version 2

2025-12-13
CVE-2024-58311
Analyzed
9.8
Intel Multiple Products

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique ide...

2025-12-13
CVE-2024-58305
Analyzed
8.8
WonderCMS Multiple Products

WonderCMS 4

2025-12-13
CVE-2024-58304
7.5
CART Multiple Products

SPA-CART CMS 1

2025-12-13
CVE-2024-58299
Analyzed
9.8
Unknown Multiple Products

PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers c...

2025-12-13
CVE-2024-58274
8.3
Hikvision Multiple Products

Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2024-08-01 allows execution of a command within $( ) in /center/api...

2025-10-22
CVE-2024-58267
8
Rancher Multiple Products

A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attack...

2025-10-02
CVE-2024-58260
7.6
Rancher Multiple Products

A vulnerability has been identified within Rancher Manager where a missing server-side validation on the `

2025-10-02
CVE-2024-58259
Analyzed
8.2
Kubernetes Multiple Products

A vulnerability has been identified within Rancher Manager in which it did not enforce request body size limits on certain public (unauthenticated)...

2025-09-02
CVE-2024-58258
Analyzed
7.2
SugarCRM Multiple Products

SugarCRM before 13

2025-07-14
CVE-2024-58041
Analyzed
9.1
Unknown Smolder (Perl)

Smolder versions through 1.51 use the insecure Perl rand() function for cryptographic operations. This lack of cryptographically secure entropy weaken...

2026-02-25
CVE-2024-58040
Analyzed
9.1
Intel Multiple Products

Crypt::RandomEncryption for Perl version 0.01 uses insecure rand() function during encryption.

2025-09-30
CVE-2024-57728
KEV
9.5
SimpleHelp SimpleHelp

SimpleHelp Path Traversal Vulnerability - Active in CISA KEV catalog.

2026-04-25
CVE-2024-57726
KEV
9.5
SimpleHelp SimpleHelp

SimpleHelp Missing Authorization Vulnerability - Active in CISA KEV catalog.

2026-04-25
CVE-2024-57695
7.7
Unknown Multiple Products

An issue in Agnitum Outpost Security Suite 7

2025-11-13
CVE-2024-57521
Analyzed
10
Intel Multiple Products

SQL Injection vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the createTable function in SqlUtil.jav...

2025-12-24
CVE-2024-57491
8.8
Unknown Multiple Products

Authentication Bypass vulnerability in jobx up to v1

2025-08-20
CVE-2024-57157
Analyzed
9.8
Unknown Multiple Products

Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access sensitive APIs without a token.

2025-08-21