Filter and search through 196,494 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-43774 | A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.17 allows a remote aut... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2025-43772 | Kaleo Forms Admin in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.4 GA, 7.3 GA through update 27, and older unsupported versions does not r... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-4377 | Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.p... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4376 | Improper Input Validation vulnerability in Sparx Systems Pro Cloud Server's WebEA model search field allows Cross-Site Scripting (XSS). This issue af... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4375 | Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro Cloud Server allows Cross-Site Request Forgery to perform Session Hijacking. Cros... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4364 | The affected products could allow an unauthenticated attacker to access system information that could enable further access to sensitive files and obt... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43490 | A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow e... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43264 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43219 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43210 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4321 | In a Bluetooth device, using RS9116-WiseConnect SDK experiences a Denial of Service, if it receives malformed L2CAP packets, only hard reset will brin... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4318 | The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially a... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43018 | Certain HP LaserJet Pro printers may be vulnerable to information disclosure when a non-authenticated user queries a device’s local address book. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4280 | MacOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-4273 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-42620 | In affected versions, vulnerability-lookup handled user-controlled content in comments and bundles in an unsafe way, which could lead to stored Cros... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-42616 | Some endpoints in vulnerability-lookup that modified application state (e.g. changing database entries, user data, configurations, or other privileg... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-42615 | In affected versions, vulnerability-lookup did not track or limit failed One-Time Password (OTP) attempts during Two-Factor Authentication (2FA) ver... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-42605 | This vulnerability exists in Meon Bidding Solutions due to improper authorization controls on certain API endpoints for the initiation, modification, ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-42604 | This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerabil... | 0.0 | 0 | Neutral | No | No |