Filter and search through 198,669 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-6985 | The HTMLSectionSplitter class in langchain-text-splitters is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing. This vulnerab... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2025-6984 | The langchain-ai/langchain project, specifically the EverNoteLoader component, is vulnerable to XML External Entity (XXE) attacks due to insecure XML ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-6983 | A Clickjacking vulnerability in TP-Link Archer C1200 web management page allows an attacker to trick users into performing unintended actions via re... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-6982 | Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( <= 200407 ), allows attackers to decrypt the config... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-69604 | An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package tha... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-6950 | An Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security appliances and routers. The system employs a hard-coded ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-6949 | An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A critical authorization... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-6947 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-69460 | No description available | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-69459 | No description available | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-69458 | No description available | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-69457 | No description available | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-69426 | The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded credentials for an operating system user account within an i... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-69425 | The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) expose a command execution service on TCP port 2004 running with root privileg... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-69421 | Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summar... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-69291 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues duri... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-69290 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues duri... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-69285 | SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.5.0 contain a missing authentication vulnerabi... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-69261 | WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in `WasmEdge/include/runtime/instance/memory.h` can wrap, causing... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-69211 | A NestJS application is vulnerable if it meets all of the following criteria: 1. Platform: Uses `@nestjs/platform-fastify`. 2. Security Mechanism: Re... | 0.0 | 0 | Neutral | No | Yes |