Filter and search through 197,139 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-54433 | ## Summary In affected versions, ingestion paths construct file locations directly from untrusted `event_id` input without validation. A specially cr... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2025-54432 | Rejected reason: This CVE is a duplicate of another CVE. See CVE-2018-25031 and CVE-2021-46708. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54429 | Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. There are various account address types in Frontier, e.g. pre... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54427 | Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. The extrinsic note_min_gas_price_target is an inherent extrin... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54426 | Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. In versions prior to commit 36f70d1, the Curve25519Add and Cu... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54420 | Rejected reason: This CVE is a duplicate of CVE-2025-8129. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54415 | dag-factory is a library for Apache Airflow® to construct DAGs declaratively via configuration files. In versions 0.23.0a8 and below, a high-severity ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54414 | Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources fro... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54413 | ## Summary An inconsistency in `MethodNode` can be exploited to access unexpected object fields through dot notation. This can be used to achieve **a... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-54412 | ## Summary An inconsistency in `OperatorFuncNode` can be exploited to hide the execution of untrusted `operator.xxx` methods. This can then be used in... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-54407 | Stored cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSess... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54373 | OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a vulnerability ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54371 | ### Withdrawn Advisory This advisory has been withdrawn because users of Axios 1.10.0 have the flexibility to use a patched version of form-data, the ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54370 | **Product:** PhpSpreadsheet **Version:** 3.8.0 **CWE-ID:** CWE-918: Server-Side Request Forgery (SSRF) **CVSS vector v.3.1:** 7.5 (AV:N/AC:L/PR:N/UI:N... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-54369 | Node-SAML loads the assertion from the (unsigned) original response document. This is different than the parts that are verified when checking signatu... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-54368 | ## Impact In versions 0.8.5 and earlier of uv, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-54364 | ### Withdrawn Advisory This advisory has been withdrawn because the attack surface of this vulnerability is outside of Knack's intended functionality.... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-54363 | ### Withdrawn Advisory This advisory has been withdrawn because the attack surface of this vulnerability is outside of Knack's intended functionality.... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-54362 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54361 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |