Filter and search through 199,041 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-8917 | A vulnerability in clearml versions before 2.0.2 allows for path traversal due to improper handling of symbolic and hard links in the `safe_extract` f... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2025-8916 | Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-f... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-8915 | Hardcoded TLS private key and certificate in firmware in Kiloview N30 2.02.246 allows malicious adversary to do a Mann-in-the-middle attack via the ne... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-8890 | Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-8885 | A resource allocation vulnerability exists in Bouncy Castle for Java (by Legion of the Bouncy Castle Inc.) that affects all API modules. The vulnerabi... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-8869 | When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. No... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-8866 | YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could e... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-8865 | The YugabyteDB tablet server contains a flaw in its YCQL query handling that can trigger a null pointer dereference when processing certain malformed ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-8864 | Shared Access Signature token is not masked in the backup configuration response and is also exposed in the yb_backup logs | 0.0 | 0 | Neutral | No | No |
| CVE-2025-8863 | YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission | 0.0 | 0 | Neutral | No | No |
| CVE-2025-8862 | YugabyteDB has been collecting diagnostics information from YugabyteDB servers, which may include sensitive gflag configurations. To mitigate this, we... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-8860 | No description available | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-8782 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-8771 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigati... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-8768 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-12020. Reason: This candidate is a reservation duplicate of CVE-2... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-8734 | A vulnerability classified as problematic has been found in GNU Bison up to 3.8.2. Affected is the function code_free of the file src/scan-code.c. The... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-8733 | A vulnerability was found in GNU Bison up to 3.8.2. It has been rated as problematic. This issue affects the function __obstack_vprintf_internal of th... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-8716 | In Content Management versions 20.4- 25.3 authenticated attackers may exploit a complex cache poisoning technique to download unprotected files from t... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-8709 | A SQL injection vulnerability exists in the langchain-ai/langgraph repository, specifically in the LangGraph's SQLite store implementation. The affect... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-8700 | Invoice Ninja's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unpr... | 0.0 | 0 | Neutral | No | No |