Filter and search through 198,094 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-64726 | Socket Firewall is an HTTP/HTTPS proxy server that intercepts package manager requests and enforces security policies by blocking dangerous packages. ... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2025-64724 | Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64723 | Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS was configured with overly permissive security ent... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64716 | ### Summary When using subrequest authentication, Anubis did not perform validation of the redirect URL and redirects user to any URL scheme. While m... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-64712 | A Path Traversal vulnerability in the `partition_msg` function allows an attacker to write or overwrite arbitrary files on the filesystem when process... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-64710 | Bitplatform Boilerplate is a Visual studio and .NET project template. Versions prior to 9.11.3 are affected by a cross-site scripting (XSS) vulnerabil... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64701 | QND Premium/Advance/Standard Ver.11.0.9i and prior contains a privilege escalation vulnerability, which may allow a user who can log in to a Windows s... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64700 | Cross-site request forgery vulnerability exists in GROWI v7.3.3 and earlier. If a user views a malicious page while logged in, the user may be tricked... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64696 | Android App "Brother iPrint&Scan" versions 6.13.7 and earlier improperly uses an external cache directory. If exploited, application-specific files ma... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64695 | Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). If exploited, arbitrary code may be executed with ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-64693 | Security Point (Windows) of MaLion and MaLionCloud contains a heap-based buffer overflow vulnerability in processing Content-Length. Receiving a speci... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64690 | In JetBrains YouTrack before 2025.3.104432 insecure Junie configuration could lead to data exposure and unauthorized changes | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64689 | In JetBrains YouTrack before 2025.3.104432 misconfiguration in the Junie could lead to exposure of the global Junie token | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64688 | In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64687 | In JetBrains YouTrack before 2025.3.104432 improper access control allowed modify MCP tool logic | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64686 | In JetBrains YouTrack before 2025.3.104432 missing user principal cleanup led to reuse of incorrect authorization context | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64528 | Discourse is an open source discussion platform. Prior to versions 3.5.3, 2025.11.1, and 2025.12.0, an attacker who knows part of a username can find ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-64513 | ### Impact _What kind of vulnerability is it? Who is impacted?_ An unauthenticated attacker can exploit this vulnerability to bypass all authenticatio... | 0.0 | 0 | Neutral | Yes | Yes |
| CVE-2025-64502 | ### Impact The MongoDB `explain()` method provides detailed information about query execution plans, including index usage, collection scanning behav... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-64486 | calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an ... | 0.0 | 0 | Neutral | No | Yes |