Filter and search through 198,179 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-66453 | When an application passed an attacker controlled float poing number into the `toFixed()` function, it might lead to high CPU consumption and a potent... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2025-6645 | PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrar... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-6644 | PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrar... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-6643 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose se... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-6642 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbi... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-66416 | ### Description The Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-66415 | ### Summary By crafting a malicious URL, an attacker could access routes that are not allowed, even though the `reply.from` is defined for specific ro... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-66414 | The Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP ser... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-66412 | A **Stored Cross-Site Scripting ([XSS](https://angular.dev/best-practices/security#preventing-cross-site-scripting-xss))** vulnerability has been iden... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-66410 | ### Impact Attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileM... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-6641 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose se... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-66409 | ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, when AVRCP is enabled on E... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-66405 | ### Summary The gateway determines the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-66400 | ### Impact Multiple (unprefixed) classnames could be added in markdown source by using character references. This could make rendered user supplied m... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-6640 | PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrar... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-66385 | UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges (e.g., obtain a higher role su... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-66374 | CyberArk Endpoint Privilege Manager Agent through 25.10.0 allows a local user to achieve privilege escalation through policy elevation of an Administr... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-66357 | CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper check for unusual or exceptional conditions. When the Video Download feature is in ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-66288 | This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Toolbox. An attacker must first obtain the abi... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-66284 | Stored cross-site scripting vulnerabilities exist in GroupSession Free edition prior to ver5.7.1, GroupSession byCloud prior to ver5.7.1, and GroupSes... | 0.0 | 0 | Neutral | No | No |