Filter and search through 196,617 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-46735 | ## Impact: A security issue has been found in `terraform-provider-windns` before version `1.0.5`. The `windns_record` resource did not santize the inp... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2025-46729 | julmud/phpDVDProfiler is an adoption of the defunct phpDVDProfiler project, which allows users to display on the web their DVD collections maintained ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-46723 | The fix to https://cantina.xyz/code/c486d600-bed0-4fc6-aed1-de759fd29fa2/findings/21 has a typo that still results in the highest limb of `pc` being r... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-4668 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-46573 | ### Overview This vulnerability allows an attacker to impersonate any user during SAML authentication by tampering with a valid SAML response. This ca... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-46572 | ### Overview This vulnerability allows an attacker to impersonate any user during SAML authentication by crafting a SAMLResponse. This can be done by ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-46569 | ### Impact When run as a server, OPA exposes an HTTP[ Data API](https://www.openpolicyagent.org/docs/latest/rest-api/#data-api) for reading and writi... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-46552 | KHC-INVITATION-AUTOMATION is a GitHub automation script that automatically invites followers of a bot account to join your organization. In some commi... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4653 | Improper Neutralization of Special Elements in the backup name field may allow OS command injection. This issue affects Pandora ITSM 5.0.105. | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-4644 | A Session Fixation vulnerability existed in Payload's SQLite adapter due to identifier reuse during account creation. A malicious attacker could creat... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-4643 | Payload uses JSON Web Tokens (JWT) for authentication. After log out JWT is not invalidated, which allows an attacker who has stolen or intercepted to... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-4642 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-46413 | Use of password hash with insufficient computational effort issue exists in BUFFALO Wi-Fi router 'WSR-1800AX4 series'. When WPS is enabled, PIN code a... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4641 | Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager on Windows, MacOS, Linux (XML parsing components mo... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-46409 | Inadequate encryption strength issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If this vulnerability is exploited, ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4640 | Out-of-bounds Write vulnerability in PointCloudLibrary pcl allows Overflow Buffers. Since version 1.14.0, PCL by default uses a zlib installation from... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-4639 | CWE-611 Improper Restriction of XML External Entity Reference in the getDocumentBuilder() method of WebDav servlet in Peergos. This issue affects Peer... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-46381 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-46380 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-46379 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |