382 Total CVEs
344 AI Analyzed
2 CISA KEV
123 Critical
All Vendors
Showing 1-382 of 382 CVEs
INVT-VTDESIGNER-MULTIPLE
Analyzed
7.8
Intel VT-Designer

Multiple memory corruption vulnerabilities in INVT VT-Designer affecting PM3 project file parsing. All 9 vulnerabilities have CVSS 7.8 and allow remot...

2025-07-22
CVE-2026-7858
Analyzed
9.8
Intel Teamwork Cloud / Magic Collaboration Studio

A deserialization vulnerability in Teamwork Cloud and Magic Collaboration Studio allows unauthenticated remote code execution.

2026-06-02
CVE-2026-7727
Analyzed
7.3
Intel PDM Product Data Management System

A vulnerability was determined in Shandong Hoteam Software PDM Product Data Management System up to 8

2026-05-04
CVE-2026-58423
Analyzed
7.7
Intel Gitea Open Source Git Server

LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories

2026-07-04
CVE-2026-58419
Analyzed
7.5
Intel Gitea Open Source Git Server

Notification API leaks private issue metadata after access revocation

2026-07-07
CVE-2026-58168
Analyzed
8.8
Intel DeepTutor

DeepTutor before version 1

2026-07-01
CVE-2026-5757
Analyzed
7.5
Intel Ollama

Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server...

2026-06-28
CVE-2026-56663
Analyzed
8.5
Intel AutoGPT

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents

2026-06-27
CVE-2026-56447
Analyzed
9.3
Intel MISP

An authenticated MISP administrator can trigger arbitrary code execution by providing a malicious configuration file path for the Kafka_rdkafka_config...

2026-06-23
CVE-2026-56446
Analyzed
8.7
Intel MISP (Malware Information Sharing Platform)

MISP allowed a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool

2026-06-23
CVE-2026-56424
Analyzed
7.1
Intel MISP

MISP core contained multiple broken access-control flaws where authorization checks were performed against the wrong entity, or where ownership/editab...

2026-06-23
CVE-2026-56423
Analyzed
9.4
Intel MISP

MISP Core contains broken access-control checks in bulk deletion flows for Event Reports and Sharing Groups, allowing unauthorized deletion of data ac...

2026-06-23
CVE-2026-56422
Analyzed
9.4
Intel MISP

MISP core controllers fail to properly validate ownership and primary keys, allowing authenticated users to perform unauthorized data modifications on...

2026-06-23
CVE-2026-56340
Analyzed
8.8
Intel vLLM

vLLM versions >= 0

2026-06-21
CVE-2026-56230
Analyzed
8.8
Intel Capgo

Capgo before 12

2026-07-01
CVE-2026-56137
Analyzed
8.4
Intel RPG MAKER MV and MZ

RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc

2026-06-30
CVE-2026-55721
Analyzed
9.3
Intel Storage Concentrator

StoneFly Storage Concentrator is vulnerable to unauthenticated SQL injection via cookie values in login.pl and debug.pl, allowing for sensitive data e...

2026-07-01
CVE-2026-55607
Analyzed
7.7
Intel Claude Code

Claude Code is an agentic coding tool

2026-06-30
CVE-2026-55237
Analyzed
8.8
Intel Workflow Automation Platform

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents

2026-06-19
CVE-2026-54839
Analyzed
7.5
Intel Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups

Unauthenticated Sensitive Data Exposure in Trinity Backup &#8211; Backup, Migrate, Restore, Clone &amp; Schedule Backups <= 2

2026-06-28
CVE-2026-54018
Analyzed
7.7
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-06-24
CVE-2026-54011
Analyzed
8.7
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-06-24
CVE-2026-54010
Analyzed
8.3
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-06-24
CVE-2026-54008
Analyzed
8.5
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-06-24
CVE-2026-52885
Analyzed
7.5
Intel Notepad++

Notepad++ is a free and open-source source code editor

2026-06-28
CVE-2026-52813
Analyzed
10
Intel Gogs

A path traversal vulnerability in Gogs allows attackers to write files to arbitrary locations, enabling remote code execution via malicious Git hook c...

2026-06-25
CVE-2026-52805
Analyzed
8.7
Intel Gogs

Gogs is an open source self-hosted Git service

2026-06-25
CVE-2026-52801
Analyzed
8.1
Intel Gogs

Gogs is an open source self-hosted Git service

2026-06-25
CVE-2026-52798
Analyzed
8.9
Intel Gogs

Gogs is an open source self-hosted Git service

2026-06-25
CVE-2026-52797
Analyzed
8.5
Intel Gogs

Gogs is an open source self-hosted Git service

2026-06-25
CVE-2026-52783
Analyzed
8.2
Intel OpenProject

OpenProject is open-source, web-based project management software

2026-06-27
CVE-2026-52780
Analyzed
9.6
Intel OpenProject

OpenProject is vulnerable to cache store poisoning, which can be leveraged by attackers to achieve Remote Code Execution on the host system.

2026-06-27
CVE-2026-52758
Analyzed
8.8
Intel Ghidra

Ghidra before 12

2026-06-11
CVE-2026-52751
Analyzed
8.8
Intel Ghidra

Ghidra before 12

2026-06-11
CVE-2026-50549
Analyzed
9.3
Intel Cursor

A path canonicalization flaw in the Cursor AI code editor allows malicious agents to bypass sandbox restrictions and write arbitrary files, facilitati...

2026-06-26
CVE-2026-50016
Analyzed
8.8
Intel pnpm

pnpm is a package manager

2026-06-26
CVE-2026-49498
Analyzed
8.8
Intel Ghidra

Ghidra 11

2026-06-11
CVE-2026-48721
Analyzed
8.6
Intel Warp

Warp is an agentic development environment

2026-06-25
CVE-2026-48720
Analyzed
8.8
Intel Warp Development Environment

Warp is an agentic development environment

2026-06-25
CVE-2026-48704
Analyzed
8.8
Intel Warp Development Environment

Warp is an agentic development environment

2026-06-25
CVE-2026-47267
Analyzed
8.3
Intel Gogs

Gogs is an open source self-hosted Git service

2026-06-25
CVE-2026-46606
Analyzed
7.8
Intel Glances

Glances is an open-source system cross-platform monitoring tool

2026-06-27
CVE-2026-46558
Analyzed
8.3
Intel Plane

Plane is an open-source project management tool

2026-06-12
CVE-2026-46481
Analyzed
8.3
Intel OpenMetadata Platform

OpenMetadata is a unified metadata platform

2026-06-09
CVE-2026-46476
Analyzed
8.8
Intel Flowise

Flowise is a drag & drop user interface to build a customized large language model flow

2026-06-16
CVE-2026-46444
Analyzed
8.8
Intel Flowise

Flowise is a drag & drop user interface to build a customized large language model flow

2026-06-11
CVE-2026-45945
Analyzed
8.8
Intel VT-d

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix race condition during PASID entry replacement The Intel VT-d PAS...

2026-05-31
CVE-2026-45894
Analyzed
7.8
Intel VT-d

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down PASID entry The Intel VT-d Sca...

2026-06-01
CVE-2026-45675
Analyzed
8.1
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45672
Analyzed
8.8
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45671
Analyzed
8
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45665
Analyzed
8.1
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45402
Analyzed
8.1
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45401
Analyzed
8.5
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45400
Analyzed
8.5
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45399
Analyzed
7.1
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-45398
Analyzed
7.5
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-45395
Analyzed
7.2
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-45350
Analyzed
7.1
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-45349
Analyzed
7.1
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-45338
Analyzed
7.7
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45331
Analyzed
8.5
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45315
Analyzed
8.7
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45303
7.7
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45301
8.1
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45013
Analyzed
8.1
Intel ApostropheCMS

ApostropheCMS is an open-source Node

2026-06-14
CVE-2026-44721
Analyzed
7.3
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-44570
Analyzed
8.3
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-44569
Analyzed
7.1
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-44567
Analyzed
7.3
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-44566
Analyzed
7.3
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-44565
8.1
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-44556
Analyzed
7.1
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-44555
Analyzed
7.6
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-44554
8.1
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-44553
Analyzed
8.1
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-44552
Analyzed
8.7
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-44551
Analyzed
9.1
Intel Open WebUI

The LDAP authentication endpoint in Open WebUI fails to validate non-empty passwords, allowing unauthenticated attackers to bypass authentication and...

2026-05-16
CVE-2026-44549
Analyzed
7.3
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-43900
Analyzed
9.3
Intel DeepChat AI Platform

A Cross-Site Scripting (XSS) vulnerability exists in DeepChat due to improper sanitization of SVG artifacts, allowing arbitrary JavaScript execution.

2026-05-12
CVE-2026-43899
Analyzed
9.6
Intel DeepChat AI Platform

DeepChat contains an arbitrary protocol execution bypass allowing Remote Code Execution (RCE) via improper handling of native Electron pop-up windows.

2026-05-12
CVE-2026-41882
Analyzed
7.4
Intel IntelliJ IDEA

In JetBrains IntelliJ IDEA before 2024

2026-05-01
CVE-2026-41432
Analyzed
7.1
Intel New API

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system

2026-05-10
CVE-2026-40595
Analyzed
7.5
Intel Chartbrew

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts

2026-05-01
CVE-2026-39980
Analyzed
9.1
Intel OpenCTI

OpenCTI prior to 6.9.5 contains an EJS template injection vulnerability allowing authenticated users with Manage customization capabilities to execute...

2026-04-10
CVE-2026-35561
Analyzed
7.4
Intel Athena ODBC Driver

Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2

2026-04-04
CVE-2026-34717
Analyzed
9.9
Intel OpenProject

A SQL injection vulnerability in OpenProject's reporting module allows attackers to execute unauthorized database queries via unparameterized user inp...

2026-04-03
CVE-2026-34448
Analyzed
9
Intel SiYuan

SiYuan is vulnerable to a stored XSS-to-RCE chain in its Attribute View. Malicious URLs in the mAsse field trigger JavaScript execution with full OS a...

2026-04-01
CVE-2026-34222
7.7
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-04-02
CVE-2026-34163
Analyzed
7.7
Intel and Redis

FastGPT is an AI Agent building platform

2026-04-01
CVE-2026-33233
Analyzed
7.6
Intel Workflow Automation Platform

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents

2026-05-19
CVE-2026-33232
Analyzed
7.5
Intel Workflow Automation Platform

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents

2026-05-19
CVE-2026-33203
Analyzed
7.5
Intel SiYuan Knowledge Management System

SiYuan is a personal knowledge management system

2026-03-22
CVE-2026-33175
Analyzed
8.8
Intel OAuthenticator

OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with JupyterHub

2026-04-04
CVE-2026-32698
Analyzed
9.1
Intel OpenProject

OpenProject is vulnerable to an SQL injection via custom field names, which can be leveraged to manipulate git checkout paths and achieve arbitrary Ru...

2026-03-19
CVE-2026-31782
Analyzed
7.8
Intel Linux Kernel (perf/x86)

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad container_of in intel_pmu_hw_config Auto counter rel...

2026-05-03
CVE-2026-30950
Analyzed
7.1
Intel Workflow Automation Platform

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents

2026-05-19
CVE-2026-30304
Analyzed
9.6
Intel AI Code

AI Code's "Execute safe commands" feature is vulnerable to prompt injection, allowing attackers to bypass user approval and execute arbitrary terminal...

2026-03-28
CVE-2026-29075
Analyzed
8.3
Intel Mesa (Python Library)

Mesa is an open-source Python library for agent-based modeling, simulating complex systems and exploring emergent behaviors

2026-03-07
CVE-2026-28740
Analyzed
7.1
Intel Gitea Open Source Git Server

Gitea versions up to and including 1

2026-07-05
CVE-2026-28737
Analyzed
8.7
Intel Gitea Open Source Git Server

Gitea versions from 1

2026-07-04
CVE-2026-28699
Analyzed
8.1
Intel Gitea Open Source Git Server

Gitea versions up to and including 1

2026-07-04
CVE-2026-28536
Analyzed
9.6
Intel Device Authentication Module

An authentication bypass vulnerability in a device authentication module allows unauthenticated attackers to compromise the integrity and confidential...

2026-03-05
CVE-2026-27960
Analyzed
9.8
Intel OpenCTI Platform

OpenCTI contains a privilege escalation vulnerability allowing unauthenticated attackers to query the API as any user, including the default administr...

2026-05-06
CVE-2026-27771
Analyzed
8.2
Intel Gitea Open Source Git Server

Gitea versions up to and including 1

2026-07-04
CVE-2026-27483
Analyzed
8.8
Intel Multiple Products

MindsDB is a platform for building artificial intelligence from enterprise data

2026-02-25
CVE-2026-27449
Analyzed
7.5
Intel Multiple Products

Umbraco Engage is a business intelligence platform

2026-02-27
CVE-2026-27197
Analyzed
9.1
Intel Sentry (SAML SSO)

A critical flaw in Sentry's SAML SSO implementation allows account takeover via malicious Identity Providers in multi-organization or specifically con...

2026-02-21
CVE-2026-26193
7.3
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-02-21
CVE-2026-26192
7.3
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-02-20
CVE-2026-25802
Analyzed
7.6
Intel New API LLM Gateway

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system

2026-02-24
CVE-2026-2564
Analyzed
8.1
Intel VIP 3260 Z IA 2

A security flaw has been discovered in Intelbras VIP 3260 Z IA 2

2026-02-17
CVE-2026-25526
Analyzed
9.8
Intel JinJava

JinJava is vulnerable to arbitrary Java execution via a sandbox bypass in the ForTag component, allowing unauthorized class instantiation and file acc...

2026-02-05
CVE-2026-25505
Analyzed
9.8
Intel Bambuddy

Bambuddy versions prior to 0.1.7 contain a hardcoded JWT secret key and lack authentication checks on many API routes, allowing unauthenticated access...

2026-02-05
CVE-2026-24451
Analyzed
9.1
Intel Gitea Open Source Git Server

A vulnerability in Gitea 1.26.2 allows unauthorized data access by failing to terminate fork synchronization when a parent repository transitions from...

2026-07-07
CVE-2026-24123
Analyzed
7.4
Intel Multiple Products

BentoML is a Python library for building online serving systems optimized for AI apps and model inference

2026-01-27
CVE-2026-24060
Analyzed
9.1
Intel WebCTRL / BACnet

Service information in WebCTRL is transmitted unencrypted over BACnet, allowing attackers to sniff, intercept, and modify sensitive PLC update data an...

2026-03-21
CVE-2026-23950
Analyzed
8.8
Intel Multiple Products

node-tar,a Tar for Node

2026-01-20
CVE-2026-23880
Analyzed
7.3
Intel Multiple Products

OnboardLite is a comprehensive membership lifecycle platform built for student organizations at the University of Central Florida

2026-01-20
CVE-2026-23842
Analyzed
7.5
Intel Multiple Products

ChatterBot is a machine learning, conversational dialog engine for creating chat bots

2026-01-20
CVE-2026-23625
Analyzed
8.7
Intel Multiple Products

OpenProject is an open-source, web-based project management software

2026-01-20
CVE-2026-23554
7.8
Intel EPT paging

The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple modifications...

2026-03-24
CVE-2026-23493
Analyzed
8.6
Intel Multiple Products

Pimcore is an Open Source Data & Experience Management Platform

2026-01-16
CVE-2026-22864
Analyzed
8.1
Intel Multiple Products

Deno is a JavaScript, TypeScript, and WebAssembly runtime

2026-01-16
CVE-2026-22818
Analyzed
8.2
Intel Multiple Products

Hono is a Web application framework that provides support for any JavaScript runtime

2026-01-14
CVE-2026-22817
Analyzed
8.2
Intel Multiple Products

Hono is a Web application framework that provides support for any JavaScript runtime

2026-01-14
CVE-2026-22812
Analyzed
8.8
Intel Multiple Products

OpenCode is an open source AI coding agent

2026-01-13
CVE-2026-22793
Analyzed
9.6
Intel Multiple Products

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Prior to version 0.15.3, an unsafe option parsin...

2026-01-22
CVE-2026-22792
Analyzed
9.6
Intel Multiple Products

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Prior to version 0.15.3, an unsafe HTML renderin...

2026-01-22
CVE-2026-22619
Analyzed
7.8
Intel Intelligent Power Protector (IPP)

Eaton Intelligent Power Protector (IPP) is affected by insecure library loading in its executable, which could lead to arbitrary code execution by an...

2026-04-17
CVE-2026-22555
Analyzed
8.1
Intel Gitea Open Source Git Server

Gitea versions before 1

2026-07-04
CVE-2026-22038
Analyzed
8.1
Intel AutoGPT

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows

2026-02-05
CVE-2026-22031
Analyzed
8.4
Intel Multiple Products

@fastify/middie is the plugin that adds middleware support on steroids to Fastify

2026-01-20
CVE-2026-21887
Analyzed
7.7
Intel OpenCTI

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables

2026-03-14
CVE-2026-21881
Analyzed
9.1
Intel Multiple Products

Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below is vulnerable to a critical authentication bypass whe...

2026-01-08
CVE-2026-21858
Analyzed
10
Intel Multiple Products

n8n is an open source workflow automation platform. Versions below 1.121.0 enable an attacker to access files on the underlying server through executi...

2026-01-08
CVE-2026-21721
Analyzed
8.1
Intel Multiple Products

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards

2026-01-27
CVE-2026-2101
Analyzed
8.7
Intel ENOVIAvpm

A Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIAvpm Web Access from ENOVIAvpm Version 1 Release 16 through ENOVIAvpm Version 1 Re...

2026-02-17
CVE-2026-20779
Analyzed
7.1
Intel Gitea Open Source Git Server

Gitea versions from 1

2026-07-05
CVE-2026-20706
Analyzed
9.1
Intel Open Source Git Server

A security flaw in Gitea allows unauthorized users to bypass token scope checks when downloading repository archives via the web interface.

2026-07-07
CVE-2026-1777
Analyzed
7.2
Intel Multiple Products

The Amazon SageMaker Python SDK before v3

2026-02-03
CVE-2026-1333
Analyzed
7.8
Intel eDrawings

A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 t...

2026-02-17
CVE-2026-12957
Analyzed
7.8
Intel Language Servers for AWS

Improper trust boundary enforcement in Language Servers for AWS before version 1

2026-06-24
CVE-2026-1283
Analyzed
7.8
Intel Multiple Products

A Heap-based Buffer Overflow vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS 2025 through Rele...

2026-01-27
CVE-2026-1181
Analyzed
9
Intel Multiple Products

A stored cross-site scripting (XSS) vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. An a...

2026-01-20
CVE-2026-10789
Analyzed
9.6
Intel Fusion

A critical flaw in the Autodesk Fusion MCP extension allows arbitrary code execution when a user visits a maliciously crafted webpage.

2026-06-23
CVE-2026-1009
Analyzed
9
Intel Multiple Products

A stored cross-site scripting (XSS) vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. An a...

2026-01-16
CVE-2026-10055
Analyzed
8.5
Intel Theia

In Eclipse Theia since version 1

2026-07-03
CVE-2026-10045
Analyzed
9.8
Intel DR300 Router

The Shenzhen Kangda Xin DR300 router contains hardcoded credentials and has Telnet enabled by default, allowing for full device compromise.

2026-06-10
CVE-2026-0881
Analyzed
10
Intel Multiple Products

Sandbox escape in the Messaging System component. This vulnerability affects Firefox < 147.

2026-01-14
CVE-2026-0661
Analyzed
7.8
Intel 3ds Max

A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability

2026-02-05
CVE-2026-0660
Analyzed
7.8
Intel 3ds Max

A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability

2026-02-05
CVE-2026-0659
Analyzed
7.8
Intel Arnold and 3ds Max

A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability

2026-02-05
CVE-2026-0538
Analyzed
7.8
Intel 3ds Max

A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability

2026-02-05
CVE-2026-0537
Analyzed
7.8
Intel 3ds Max

A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability

2026-02-05
CVE-2026-0508
Analyzed
7.3
Intel BusinessObjects Business Intelligence Platform

The SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker with high privileges to insert malicious URL within the applic...

2026-02-10
CVE-2025-9976
Analyzed
9
Intel Multiple Products

An OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPER...

2025-10-13
CVE-2025-9804
Analyzed
9.6
Intel Multiple Products

An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Se...

2025-10-16
CVE-2025-9255
Analyzed
7.5
Intel Multiple Products

WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read datab...

2025-08-23
CVE-2025-9187
Analyzed
9.8
Intel Multiple Products

Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough...

2025-08-20
CVE-2025-9121
Analyzed
8.8
Intel Multiple Products

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10

2025-12-16
CVE-2025-8913
Analyzed
9.8
Intel Multiple Products

Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbi...

2025-08-13
CVE-2025-8853
Analyzed
9.8
Intel Multiple Products

Official Document Management System developed by 2100 Technology has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers...

2025-08-11
CVE-2025-8355
Analyzed
7.5
Intel Multiple Products

In Xerox FreeFlow Core version 8

2025-08-08
CVE-2025-8276
Analyzed
10
Intel Multiple Products

Improper Encoding or Escaping of Output, Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), Improper...

2025-09-16
CVE-2025-7976
Analyzed
7.8
Intel Multiple Products

Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-09-02
CVE-2025-7975
Analyzed
7.8
Intel Multiple Products

Anritsu ShockLine CHX File Parsing Directory Traversal Remote Code Execution Vulnerability

2025-09-02
CVE-2025-7918
Analyzed
9.8
Intel Multiple Products

WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrar...

2025-07-22
CVE-2025-7512
Analyzed
7.3
Intel Multiple Products

A vulnerability was found in code-projects Modern Bag 1

2025-07-14
CVE-2025-7343
Analyzed
9.8
Intel Multiple Products

The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, mo...

2025-07-22
CVE-2025-7222
Analyzed
7.8
Intel Multiple Products

Luxion KeyShot 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

2025-07-22
CVE-2025-71354
Analyzed
8.1
Intel Picklescan

picklescan before 0

2026-06-25
CVE-2025-70982
Analyzed
9.9
Intel Multiple Products

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive u...

2026-01-27
CVE-2025-68669
Analyzed
9.6
Intel Multiple Products

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. In versions 0.15.2 and prior, an RCE vulnerabili...

2025-12-24
CVE-2025-68616
Analyzed
7.5
Intel Multiple Products

WeasyPrint helps web developers to create PDF documents

2026-01-20
CVE-2025-68570
Analyzed
9.8
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in captivateaudio Captivate Sync captivatesync-trad...

2025-12-25
CVE-2025-68494
Analyzed
7.5
Intel Multiple Products

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-ele...

2025-12-26
CVE-2025-68472
8.1
Intel Multiple Products

MindsDB is a platform for building artificial intelligence from enterprise data

2026-01-13
CVE-2025-68270
Analyzed
9.9
Intel Multiple Products

The Open edX Platform is a learning management platform. Prior to commit 05d0d0936daf82c476617257aa6c35f0cd4ca060, CourseLimitedStaffRole users are ab...

2025-12-17
CVE-2025-68054
Analyzed
8.5
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup CountDown With Image or Video Backg...

2025-12-17
CVE-2025-68053
Analyzed
8.5
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup xPromoter top_bar_promoter allows B...

2025-12-17
CVE-2025-67744
Analyzed
9.6
Intel Multiple Products

DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to version 0.5.3, a security vulnerabi...

2025-12-16
CVE-2025-67489
Analyzed
9.8
Intel Multiple Products

@vitejs/plugin-rs provides React Server Components (RSC) support for Vite. Versions 0.5.5 and below are vulnerable to arbitrary remote code execution...

2025-12-10
CVE-2025-67288
Analyzed
10
Intel Multiple Products

An arbitrary file upload vulnerability in Umbraco CMS v16.3.3 allows attackers to execute arbitrary code via uploading a crafted PDF file.

2025-12-23
CVE-2025-67108
Analyzed
10
Intel Multiple Products

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.

2025-12-24
CVE-2025-67070
8.2
Intel Multiple Products

A vulnerability exists in Intelbras CFTV IP NVD 9032 R Ftd V2

2026-01-10
CVE-2025-66481
Analyzed
9.6
Intel Multiple Products

DeepChat is an open-source AI chat platform that supports cloud models and LLMs. Versions 0.5.1 and below are vulnerable to XSS attacks through improp...

2025-12-10
CVE-2025-66480
Analyzed
9.8
Intel Multiple Products

Wildfire IM is an instant messaging and real-time audio/video solution. Prior to 1.4.3, a critical vulnerability exists in the im-server component rel...

2026-02-03
CVE-2025-66423
Analyzed
7.1
Intel Multiple Products

Tryton trytond 6

2025-12-01
CVE-2025-66222
Analyzed
9.6
Intel Multiple Products

DeepChat is a smart assistant uses artificial intelligence. In 0.5.0 and earlier, there is a Stored Cross-Site Scripting (XSS) vulnerability in the Me...

2025-12-03
CVE-2025-65959
8.7
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2025-12-05
CVE-2025-65958
8.5
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2025-12-05
CVE-2025-65821
Analyzed
7.5
Intel Multiple Products

As UART download mode is still enabled on the ESP32 chip on which the firmware runs, an adversary can dump the flash from the device and retrieve sens...

2025-12-12
CVE-2025-65267
Analyzed
9
Intel Multiple Products

In ERPNext v15.83.2 and Frappe Framework v15.86.0, improper validation of uploaded SVG avatar images allows attackers to embed malicious JavaScript. T...

2025-12-03
CVE-2025-65213
Analyzed
9.8
Intel Multiple Products

MooreThreads torch_musa through all versions contains an unsafe deserialization vulnerability in torch_musa.utils.compare_tool. The compare_for_single...

2025-12-16
CVE-2025-6520
Analyzed
9.8
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Abis Technology BAPSIS allows Blind SQL Injectio...

2025-10-31
CVE-2025-64689
Analyzed
9.6
Intel Multiple Products

In JetBrains YouTrack before 2025.3.104432 misconfiguration in the Junie could lead to exposure of the global Junie token

2025-11-11
CVE-2025-64518
Analyzed
7.5
Intel Multiple Products

The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs

2025-11-11
CVE-2025-64496
Analyzed
7.3
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2025-11-09
CVE-2025-64495
Analyzed
8.7
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2025-11-09
CVE-2025-64489
Analyzed
8.3
Intel Multiple Products

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application

2025-11-09
CVE-2025-64314
Analyzed
9.3
Intel Multiple Products

Permission control vulnerability in the memory management module. Impact: Successful exploitation of this vulnerability may affect confidentiality.

2025-11-29
CVE-2025-64180
Analyzed
10
Intel Multiple Products

Manager-io/Manager is accounting software. In Manager Desktop and Server versions 25.11.1.3085 and below, a critical vulnerability permits unauthorize...

2025-11-08
CVE-2025-63664
Analyzed
7.5
Intel Multiple Products

Incorrect access control in the /api/v1/conversations/*/messages API of GT Edge AI Platform before v2

2025-12-23
CVE-2025-63663
Analyzed
7.5
Intel Multiple Products

Incorrect access control in the /api/v1/conversations/*/files API of GT Edge AI Platform before v2

2025-12-23
CVE-2025-62944
Analyzed
9.8
Intel Multiple Products

Missing Authorization vulnerability in Mark O'Donnell MSTW CSV EXPORTER mstw-csv-exporter allows Exploiting Incorrectly Configured Access Control Secu...

2025-10-28
CVE-2025-62712
Analyzed
9.6
Intel Multiple Products

JumpServer is an open source bastion host and an operation and maintenance security audit system. In JumpServer versions prior to v3.10.20-lts and v4....

2025-10-30
CVE-2025-62610
Analyzed
8.1
Intel Multiple Products

Hono is a Web application framework that provides support for any JavaScript runtime

2025-10-22
CVE-2025-62368
Analyzed
9
Intel Multiple Products

Taiga is an open source project management platform. In versions 6.8.3 and earlier, a remote code execution vulnerability exists in the Taiga API due...

2025-10-28
CVE-2025-62155
Analyzed
8.5
Intel Multiple Products

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system

2025-11-26
CVE-2025-6205
KEV Analyzed
9.1
Intel Multiple Products

A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access...

2025-08-05
CVE-2025-61781
7.1
Intel Multiple Products

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables

2026-01-06
CVE-2025-61385
Analyzed
9.6
Intel Multiple Products

SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list inpu...

2025-10-28
CVE-2025-60785
Analyzed
8.8
Intel Multiple Products

A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7

2025-11-04
CVE-2025-60355
Analyzed
9.8
Intel Multiple Products

zhangyd-c OneBlog before 2.3.9 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.

2025-10-29
CVE-2025-60118
Analyzed
8.5
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Potenzaglobalsolutions PGS Core allows SQL Injec...

2025-09-26
CVE-2025-59543
Analyzed
9
Intel Chamilo LMS

Chamilo LMS prior to 1.11.34 is vulnerable to stored XSS in the course description field, enabling authenticated trainers to capture administrator ses...

2026-03-07
CVE-2025-59363
Analyzed
7.7
Intel Multiple Products

In One Identity OneLogin before 2025

2025-09-14
CVE-2025-59152
Analyzed
7.5
Intel Multiple Products

Litestar is an Asynchronous Server Gateway Interface (ASGI) framework

2025-10-06
CVE-2025-59146
8.5
Intel Multiple Products

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system

2025-10-09
CVE-2025-59053
Analyzed
9.6
Intel Multiple Products

AIRI is a self-hosted, artificial intelligence based Grok Companion. In v0.7.2-beta.2 in the `packages/stage-ui/src/components/MarkdownRenderer.vue` p...

2025-09-12
CVE-2025-58951
Analyzed
9.3
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in smartcms Advance Seat Reservation Management for...

2025-12-19
CVE-2025-58768
Analyzed
9.6
Intel Multiple Products

DeepChat is a smart assistant uses artificial intelligence. Prior to version 0.3.5, in the Mermaid chart rendering component, there is a risky operati...

2025-09-09
CVE-2025-58439
Analyzed
8.1
Intel Multiple Products

ERP is a free and open source Enterprise Resource Planning tool

2025-09-07
CVE-2025-58437
Analyzed
8.1
Intel Multiple Products

Coder allows organizations to provision remote development environments via Terraform

2025-09-07
CVE-2025-58407
Analyzed
7.4
Intel Multiple Products

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read...

2025-11-18
CVE-2025-58374
Analyzed
7.8
Intel Multiple Products

Roo Code is an AI-powered autonomous coding agent that lives in users' editors

2025-09-07
CVE-2025-58362
Analyzed
7.5
Intel Multiple Products

Hono is a Web application framework that provides support for any JavaScript runtime

2025-09-05
CVE-2025-58357
Analyzed
9.6
Intel Multiple Products

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Version 0.13.2 contains a vulnerability in the c...

2025-09-04
CVE-2025-58142
Analyzed
9.8
Intel Multiple Products

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple i...

2025-09-12
CVE-2025-57317
Analyzed
7.5
Intel Multiple Products

apidoc-core is the core parser library to generate apidoc result following the apidoc-spec

2025-09-25
CVE-2025-57141
Analyzed
9.8
Intel Multiple Products

rsbi-os 4.7 is vulnerable to Remote Code Execution (RCE) in sqlite-jdbc.

2025-09-08
CVE-2025-57052
Analyzed
9.8
Intel Multiple Products

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to...

2025-09-03
CVE-2025-56447
Analyzed
9.8
Intel Multiple Products

TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.

2025-10-22
CVE-2025-55976
8.4
Intel Multiple Products

Intelbras IWR 3000N 1

2025-09-10
CVE-2025-55730
Analyzed
10
Intel Multiple Products

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to versi...

2025-09-09
CVE-2025-55728
Analyzed
10
Intel Multiple Products

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to versi...

2025-09-09
CVE-2025-55526
Analyzed
9.1
Intel Multiple Products

n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the download_workflow function within api_server.py

2025-08-27
CVE-2025-55282
Analyzed
9.1
Intel Multiple Products

aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to s...

2025-08-19
CVE-2025-55278
Analyzed
8.1
Intel Multiple Products

Improper authentication in the API authentication middleware of HCL DevOps Loop allows authentication tokens to be accepted without proper validation...

2025-11-06
CVE-2025-55010
Analyzed
9.1
Intel Multiple Products

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, an unsafe deserialization vulnerability in th...

2025-08-12
CVE-2025-54886
Analyzed
8.4
Intel Multiple Products

skops is a Python library which helps users share and ship their scikit-learn based models

2025-08-08
CVE-2025-54725
Analyzed
9.8
Intel Multiple Products

Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo allows Authentication Abuse. This issue affects Golo: from n/a th...

2025-08-28
CVE-2025-54720
Analyzed
9.3
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SteelThemes Nest Addons allows SQL Injection. Th...

2025-08-28
CVE-2025-54586
Analyzed
7.1
Intel Multiple Products

GitProxy is an application that stands between developers and a Git remote endpoint

2025-07-30
CVE-2025-54525
Analyzed
7.5
Intel Multiple Products

Mattermost Confluence Plugin version <1

2025-08-11
CVE-2025-54478
Analyzed
7.2
Intel Multiple Products

Mattermost Confluence Plugin version <1

2025-08-11
CVE-2025-54430
Analyzed
9.1
Intel Multiple Products

dedupe is a python library that uses machine learning to perform fuzzy matching, deduplication and entity resolution quickly on structured data. Befor...

2025-07-30
CVE-2025-54382
Analyzed
9.6
Intel Multiple Products

Cherry Studio is a desktop client that supports for multiple LLM providers. In version 1.5.1, a remote code execution (RCE) vulnerability exists in th...

2025-08-13
CVE-2025-54322
Analyzed
10
Intel Multiple Products

Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and...

2025-12-28
CVE-2025-54317
Analyzed
8.4
Intel Multiple Products

An issue was discovered in Logpoint before 7

2025-07-21
CVE-2025-53944
7.7
Intel Multiple Products

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents

2025-07-30
CVE-2025-53899
Analyzed
7.2
Intel Multiple Products

Kiteworks MFT orchestrates end-to-end file transfer workflows

2025-11-30
CVE-2025-53705
Analyzed
7.8
Intel Multiple Products

In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12

2025-08-19
CVE-2025-53691
Analyzed
8.8
Intel Multiple Products

Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (R...

2025-09-03
CVE-2025-53557
Analyzed
9.8
Intel Multiple Products

A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa)...

2025-08-25
CVE-2025-52931
Analyzed
7.5
Intel Multiple Products

Mattermost Confluence Plugin version <1

2025-08-11
CVE-2025-52694
Analyzed
10
Intel Multiple Products

Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL commands on the vul...

2026-01-12
CVE-2025-52584
Analyzed
7.8
Intel Multiple Products

In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12

2025-08-19
CVE-2025-52494
Analyzed
7.5
Intel Multiple Products

Adacore Ada Web Server (AWS) before 25

2025-09-03
CVE-2025-52478
Analyzed
8.7
Intel Multiple Products

n8n is a workflow automation platform

2025-08-19
CVE-2025-52461
Analyzed
8.2
Intel Multiple Products

An out-of-bounds read vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3

2025-08-25
CVE-2025-52161
Analyzed
9.8
Intel Multiple Products

Scholl Communications AG Weblication CMS Core v019.004.000.000 was discovered to contain a cross-site scripting (XSS) vulnerability.

2025-09-08
CVE-2025-51536
Analyzed
9.8
Intel Multiple Products

Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded Administrator password.

2025-08-05
CVE-2025-51535
Analyzed
9.1
Intel Multiple Products

Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a SQL injection vulnerability.

2025-08-05
CVE-2025-50944
Analyzed
8.8
Intel Multiple Products

An issue was discovered in the method push

2025-09-15
CVE-2025-50735
Analyzed
7.5
Intel Multiple Products

Directory traversal vulnerability in NextChat thru 2

2025-11-04
CVE-2025-48317
Analyzed
7.5
Intel Multiple Products

Path Traversal vulnerability in Stefan Keller WooCommerce Payment Gateway for Saferpay allows Path Traversal

2025-09-05
CVE-2025-48006
Analyzed
8.2
Intel Multiple Products

Improper restriction of XML external entity reference issue exists in DataSpider Servista 4

2025-09-29
CVE-2025-4686
Analyzed
8.6
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kodmatic Computer Software Tourism Construction...

2026-01-31
CVE-2025-46269
Analyzed
7.8
Intel Multiple Products

In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12

2025-08-19
CVE-2025-46068
Analyzed
8.8
Intel Multiple Products

An issue in Automai Director v

2026-01-13
CVE-2025-45150
Analyzed
9.8
Intel Multiple Products

Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive files via supplying a crafted...

2025-08-01
CVE-2025-44004
Analyzed
7.2
Intel Multiple Products

Mattermost Confluence Plugin version <1

2025-08-11
CVE-2025-43978
7.4
Intel Multiple Products

Jointelli 5G CPE 21H01 firmware JY_21H01_A3_v1

2025-08-05
CVE-2025-43468
7.5
Intel Multiple Products

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions

2025-11-04
CVE-2025-41723
Analyzed
9.8
Intel Multiple Products

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload fi...

2025-10-22
CVE-2025-41715
Analyzed
9.8
Intel Multiple Products

The database for the web application is exposed without authentication, allowing an unauthenticated remote attacker to gain unauthorized access and po...

2025-09-24
CVE-2025-41392
Analyzed
7.8
Intel Multiple Products

In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12

2025-08-19
CVE-2025-41243
Analyzed
10
Intel Multiple Products

Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable whe...

2025-09-16
CVE-2025-41033
Analyzed
9.8
Intel Multiple Products

An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the...

2025-09-04
CVE-2025-41032
Analyzed
9.8
Intel Multiple Products

An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the...

2025-09-04
CVE-2025-40897
Analyzed
8.1
Intel Multiple Products

An access control vulnerability was discovered in the Threat Intelligence functionality due to a specific access restriction not being properly enforc...

2026-04-16
CVE-2025-4046
Analyzed
8.5
Intel Multiple Products

A missing authorization vulnerability in Lexmark Cloud Services badge management allows attacker to reassign badges within their organization

2025-08-19
CVE-2025-39484
Analyzed
9.3
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Waituk Entrada allows SQL Injection.This issue a...

2026-01-06
CVE-2025-36855
Analyzed
8.8
Intel Multiple Products

A vulnerability ( CVE-2025-21176 https://www

2025-09-08
CVE-2025-36854
Analyzed
8.1
Intel Multiple Products

A vulnerability ( CVE-2024-38229 https://www

2025-09-08
CVE-2025-3646
Analyzed
7.3
Intel Multiple Products

Petlibro Smart Pet Feeder Platform versions up to 1

2026-01-04
CVE-2025-35998
Analyzed
7.9
Intel Quick Assist Technology (QAT)

Missing protection mechanism for alternate hardware interface in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within Ring 0: Kerne...

2026-02-11
CVE-2025-35984
Analyzed
8.8
Intel Multiple Products

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0

2025-08-25
CVE-2025-35051
Analyzed
9.8
Intel Multiple Products

Newforma Project Center Server (NPCS) accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticat...

2025-10-09
CVE-2025-3465
Analyzed
7.1
Intel Multiple Products

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ABB CoreSense™ HM, ABB CoreSense™ M10

2025-10-20
CVE-2025-33000
8.8
Intel Multiple Products

Improper input validation for some Intel QuickAssist Technology before version 2

2025-11-13
CVE-2025-32992
Analyzed
8.5
Intel Multiple Products

Thermo Fisher Scientific ePort through 3

2025-08-19
CVE-2025-32942
Analyzed
7.2
Intel Multiple Products

SSH Tectia Server before 6

2025-10-02
CVE-2025-32091
8.2
Intel Multiple Products

Incorrect default permissions in some firmware for the Intel(R) Arc(TM) B-series GPUs within Ring 1: Device Drivers may allow an escalation of privile...

2025-11-13
CVE-2025-32008
Analyzed
8.6
Intel AMT and Standard Manageability

Out-of-bounds write in the firmware for the Intel(R) AMT and Intel(R) Standard Manageability within Ring 3: User Applications may allow a denial of se...

2026-02-11
CVE-2025-31044
Analyzed
8.5
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team Premium SEO Pack allows SQL Injection

2026-01-06
CVE-2025-30973
Analyzed
9.8
Intel Multiple Products

Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS allows Object Injection. This issue affects CoSchool LMS: from n/a thro...

2025-07-16
CVE-2025-30185
7.9
Intel Multiple Products

Active debug code for some Intel UEFI reference platforms within Ring 0: Kernel may allow a denial of service and escalation of privilege

2025-11-13
CVE-2025-28961
Analyzed
9.8
Intel Multiple Products

Deserialization of Untrusted Data vulnerability in Md Yeasin Ul Haider URL Shortener allows Object Injection. This issue affects URL Shortener: from n...

2025-07-16
CVE-2025-27845
Analyzed
9.8
Intel Multiple Products

In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid authentication request results in exposing a JWT secret. This all...

2025-08-15
CVE-2025-27614
Analyzed
8.6
Intel Multiple Products

Gitk is a Tcl/Tk based Git history browser

2025-07-11
CVE-2025-27034
Analyzed
9.8
Intel Multiple Products

Memory corruption while selecting the PLMN from SOR failed list.

2025-09-24
CVE-2025-26858
Analyzed
8.6
Intel Multiple Products

A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1

2025-12-02
CVE-2025-26065
7.3
Intel Multiple Products

A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2

2025-08-05
CVE-2025-26064
7.3
Intel Multiple Products

A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2

2025-07-31
CVE-2025-26063
Analyzed
9.8
Intel Multiple Products

An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into...

2025-07-31
CVE-2025-26062
Analyzed
9.8
Intel Multiple Products

An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain...

2025-07-31
CVE-2025-25737
Analyzed
9.8
Intel Multiple Products

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password...

2025-08-27
CVE-2025-25341
Analyzed
7.5
Intel Multiple Products

A vulnerability exists in the libxmljs 1

2025-12-27
CVE-2025-25273
7.8
Intel Multiple Products

Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2

2025-08-12
CVE-2025-24853
Analyzed
7.5
Intel Multiple Products

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the vi...

2025-07-31
CVE-2025-24838
8.8
Intel Multiple Products

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2

2025-11-13
CVE-2025-24486
7.8
Intel Multiple Products

Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2

2025-08-12
CVE-2025-24484
7.8
Intel Multiple Products

Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1

2025-08-12
CVE-2025-24325
8.8
Intel Multiple Products

Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1

2025-08-12
CVE-2025-24303
7.8
Intel Multiple Products

Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1

2025-08-12
CVE-2025-24299
8.8
Intel Multiple Products

Improper input validation for some Intel(R) CIP software before version WIN_DCA_2

2025-11-13
CVE-2025-22893
7.8
Intel Multiple Products

Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1

2025-08-12
CVE-2025-22889
7.9
Intel Multiple Products

Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to po...

2025-08-12
CVE-2025-22836
7.8
Intel Multiple Products

Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1

2025-08-12
CVE-2025-20371
Analyzed
7.5
Intel Multiple Products

In Splunk Enterprise versions below 10

2025-10-01
CVE-2025-20109
7.8
Intel Multiple Products

Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially e...

2025-08-12
CVE-2025-20093
8.2
Intel Multiple Products

Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1

2025-08-12
CVE-2025-20074
7.8
Intel Multiple Products

Time-of-check Time-of-use race condition for some Intel(R) Connectivity Performance Suite software installers before version 40

2025-08-12
CVE-2025-20010
7.8
Intel Multiple Products

Use of unmaintained third party components for some Intel(R) Processor Identification Utility before version 8

2025-11-13
CVE-2025-15447
Analyzed
7.3
Intel Multiple Products

A vulnerability has been found in Seeyon Zhiyuan OA Web Application System up to 20251223

2026-01-05
CVE-2025-15272
Analyzed
8.8
Intel Multiple Products

FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

2025-12-31
CVE-2025-15271
Analyzed
8.8
Intel Multiple Products

FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability

2025-12-31
CVE-2025-15270
Analyzed
8.8
Intel Multiple Products

FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability

2025-12-31
CVE-2025-15269
Analyzed
8.8
Intel Multiple Products

FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability

2025-12-31
CVE-2025-15227
Analyzed
7.5
Intel Multiple Products

BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute...

2025-12-29
CVE-2025-15225
Analyzed
7.5
Intel Multiple Products

WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to re...

2025-12-29
CVE-2025-15103
Analyzed
8.1
Intel Multiple Products

DVP-12SE11T - Authentication Bypass via Partial Password Disclosure

2025-12-30
CVE-2025-15015
Analyzed
7.5
Intel Multiple Products

Enterprise Cloud Database developed by Ragic has a Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Pa...

2025-12-22
CVE-2025-14929
Analyzed
7.8
Intel Multiple Products

Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14927
Analyzed
7.8
Intel Multiple Products

Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14924
Analyzed
7.8
Intel Multiple Products

Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14922
Analyzed
7.8
Intel Multiple Products

Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14921
Analyzed
7.8
Intel Multiple Products

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14279
Analyzed
8.1
Intel Multiple Products

MLFlow versions up to and including 3

2026-01-12
CVE-2025-14261
Analyzed
7.1
Intel Multiple Products

The Litmus platform uses JWT for authentication and authorization, but the secret being used for signing the JWT is only 6 bytes long at its core, whi...

2025-12-09
CVE-2025-13708
Analyzed
7.8
Intel Multiple Products

Tencent NeuralNLP-NeuralClassifier _load_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13233
Analyzed
7.3
Intel Multiple Products

A vulnerability has been found in itsourcecode Inventory Management System 1

2025-11-17
CVE-2025-12638
Analyzed
8
Intel Multiple Products

Keras version 3

2025-11-29
CVE-2025-12548
Analyzed
9
Intel Multiple Products

A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration...

2026-01-14
CVE-2025-12488
Analyzed
9.8
Intel Multiple Products

oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote a...

2025-11-06
CVE-2025-12487
Analyzed
9.8
Intel Multiple Products

oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote a...

2025-11-06
CVE-2025-12421
Analyzed
9.9
Intel Multiple Products

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code...

2025-11-28
CVE-2025-12059
Analyzed
9.8
Intel Logo j-Platform

Logo j-Platform is vulnerable to the insertion of sensitive information into externally accessible files due to incorrectly configured access control...

2026-02-12
CVE-2025-11953
KEV Analyzed
9.8
Intel Multiple Products

The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoi...

2025-11-04
CVE-2025-11898
Analyzed
7.5
Intel Multiple Products

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traver...

2025-10-17
CVE-2025-11709
Analyzed
9.8
Intel Multiple Products

A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulne...

2025-10-15
CVE-2025-11393
Analyzed
8.7
Intel Multiple Products

A flaw was found in runtimes-inventory-rhel8-operator

2025-12-16
CVE-2025-11287
Analyzed
7.3
Intel Multiple Products

A vulnerability was identified in samanhappy MCPHub up to 0

2025-10-05
CVE-2025-11201
Analyzed
8.1
Intel Multiple Products

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability

2025-10-29
CVE-2025-11148
Analyzed
9.8
Intel Multiple Products

All versions of the package check-branches are vulnerable to Command Injection check-branches is a command-line tool that is interacted with locally,...

2025-09-30
CVE-2025-10894
Analyzed
9.6
Intel Multiple Products

Malicious code was inserted into the Nx (build system) package and several related plugins. The tampered package was published to the npm software reg...

2025-09-24
CVE-2025-10558
Analyzed
8.7
Intel Multiple Products

A stored Cross-site Scripting (XSS) vulnerability affecting 3DSearch in 3DSwymer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrar...

2025-10-13
CVE-2025-10556
Analyzed
8.7
Intel Multiple Products

A stored Cross-site Scripting (XSS) vulnerability affecting Specification Management in ENOVIA Specification Manager from Release 3DEXPERIENCE R2023x...

2025-10-13
CVE-2025-10552
Analyzed
8.7
Intel Multiple Products

A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary...

2025-10-13
CVE-2025-10537
Analyzed
8.8
Intel Multiple Products

Memory safety bugs present in Firefox ESR 140

2025-09-16
CVE-2025-10452
Analyzed
9.8
Intel Multiple Products

Statistical Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify,...

2025-09-15
CVE-2025-10266
Analyzed
9.8
Intel Multiple Products

NUP Pro developed by NewType Infortech has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands t...

2025-09-12
CVE-2025-10203
Analyzed
7.8
Intel Multiple Products

Relative path traversal vulnerability due to improper input validation in Digilent WaveForms that may result in arbitrary code execution

2025-09-15
CVE-2024-58311
Analyzed
9.8
Intel Multiple Products

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique ide...

2025-12-13
CVE-2024-58040
Analyzed
9.1
Intel Multiple Products

Crypt::RandomEncryption for Perl version 0.01 uses insecure rand() function during encryption.

2025-09-30
CVE-2024-57521
Analyzed
10
Intel Multiple Products

SQL Injection vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the createTable function in SqlUtil.jav...

2025-12-24
CVE-2024-52786
Analyzed
9.8
Intel Multiple Products

An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated attackers to execute arbitrary code via a crafted UR...

2025-08-23
CVE-2023-53968
Analyzed
9.8
Intel Multiple Products

Screen SFT DAB 600/C Firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authentication controls by exploiting...

2025-12-23
CVE-2023-36331
Analyzed
8.2
Intel Multiple Products

Incorrect access control in the /member/orderList API of xmall v1

2026-01-13
CVE-2022-50792
Analyzed
9.8
Intel Multiple Products

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated file disclosure vulnerability that allows remote attackers to access s...

2025-12-31
CVE-2022-38693
Analyzed
9.8
Intel Multiple Products

In FDL1, there is a possible missing payload size check. This could lead to memory buffer overflow without requiring additional execution privileges.

2025-09-02
CVE-2021-47918
Analyzed
8.1
Intel Multiple Products

Simple CMS 2

2026-02-02
CVE-2020-36963
7.5
Intel Multiple Products

Intelbras Router RF 301K firmware version 1

2026-01-29
CVE-2020-36935
Analyzed
7.8
Intel Multiple Products

KMSpico 17

2026-01-26
CVE-2020-36925
Analyzed
9.8
Intel Multiple Products

Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID complexity that allows remote attackers to bypass au...

2026-01-07
CVE-2019-25274
Analyzed
7.8
Intel ProShow Producer

ProShow Producer 9

2026-02-05
CVE-2019-25268
Analyzed
9.8
Intel Multiple Products

NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary libraries by tricking users into opening application...

2026-01-08
CVE-2018-25413
Analyzed
8.2
Intel AiOPMSD Final

AiOPMSD Final 1

2026-06-01
CVE-2017-16715
Analyzed
8.6
Intel NPort

An Information Exposure issue was discovered in Moxa NPort 5110 Version 2

2026-06-04