Filter and search through 198,703 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-7071 | Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to re... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-70600 | No description available | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-70560 | Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserializ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-70559 | pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deser... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-70545 | No description available | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-70311 | JEEWMS 1.0 is vulnerable to SQL Injection. Attackers can inject malicious SQL statements through the id1 and id2 parameters in the /systemControl.do i... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-7020 | An incorrect encryption implementation vulnerability exists in the system log dump feature of BYD's DiLink 3.0 OS (e.g. in the model ATTO3). An attack... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-7012 | An issue in Cato Networks' CatoClient for Linux, before version 5.5, allows a local attacker to escalate privileges to root by exploiting improper sym... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-6999 | An HTTP Request Smuggling [CWE-444] vulnerability in the Authentication portal of WatchGuard Fireware OS allows a remote attacker to evade request par... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-69983 | FUXA v1.2.7 allows Remote Code Execution (RCE) via the project import functionality. The application does not properly sanitize or sandbox user-suppli... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-69981 | FUXA v1.2.7 contains an Unrestricted File Upload vulnerability in the `/api/upload` API endpoint. The endpoint lacks authentication mechanisms, allowi... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-6998 | ReDoS in strip_whitespaces() function in cps/string_helper.py in Calibre Web and Autocaliweb allows unauthenticated remote attackers to cause denial o... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-69971 | FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The application uses a hard-coded secret key to sign and verif... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-69970 | FUXA v1.2.7 contains an insecure default configuration vulnerability in server/settings.default.js. The 'secureEnabled' flag is commented out by defau... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-6992 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-69875 | A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and i... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-6985 | The HTMLSectionSplitter class in langchain-text-splitters is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing. This vulnerab... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-69848 | NetBox is an open-source infrastructure resource modeling and IP address management platform. A reflected cross-site scripting (XSS) vulnerability exi... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-6984 | The langchain-ai/langchain project, specifically the EverNoteLoader component, is vulnerable to XML External Entity (XXE) attacks due to insecure XML ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-6983 | A Clickjacking vulnerability in TP-Link Archer C1200 web management page allows an attacker to trick users into performing unintended actions via re... | 0.0 | 0 | Neutral | No | No |