Filter and search through 887 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-4428 | Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely e... | 8.8 | 999 | Neutral | Yes |
| Yes |
| CVE-2025-4427 | Ivanti Endpoint Manager Mobile (EPMM) contains an authentication bypass vulnerability in the API component that allows an attacker to access protected... | 7.5 | 682 | Neutral | Yes | Yes |
| CVE-2025-43300 | Apple iOS, iPadOS, and macOS contain an out-of-bounds write vulnerability in the Image I/O framework. | 10.0 | 999 | Rising | Yes | Yes |
| CVE-2025-43200 | Apple iOS, iPadOS, macOS, watchOS, and visionOS, contain an unspecified vulnerability when processing a maliciously crafted photo or video shared via ... | 4.2 | 481 | Neutral | Yes | Yes |
| CVE-2025-42599 | Qualitia Active! Mail contains a stack-based buffer overflow vulnerability that allows a remote, unauthenticated attacker to execute arbitrary or trig... | 9.8 | 885 | Neutral | Yes | Yes |
| CVE-2025-41244 | Broadcom VMware Aria Operations and VMware Tools contain a privilege defined with unsafe actions vulnerability. A malicious local actor with non-admin... | 7.8 | 771 | Neutral | Yes | Yes |
| CVE-2025-40602 | SonicWall SMA1000 contains a missing authorization vulnerability that could allow for privilege escalation appliance management console (AMC) of affec... | 6.6 | 638 | Neutral | Yes | Yes |
| CVE-2025-3928 | Commvault Web Server contains an unspecified vulnerability that allows a remote, authenticated attacker to create and execute webshells. | 8.8 | 927 | Neutral | Yes | Yes |
| CVE-2025-38352 | Linux kernel contains a time-of-check time-of-use (TOCTOU) race condition vulnerability that has a high impact on confidentiality, integrity, and avai... | 7.4 | 664 | Neutral | Yes | Yes |
| CVE-2025-33053 | Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV lo... | 8.8 | 964 | Neutral | Yes | Yes |
| CVE-2025-32756 | Fortinet FortiFone, FortiVoice, FortiNDR and FortiMail contain a stack-based overflow vulnerability that may allow a remote unauthenticated attacker t... | 9.8 | 999 | Neutral | Yes | Yes |
| CVE-2025-32709 | Microsoft Windows Ancillary Function Driver for WinSock contains a use-after-free vulnerability that allows an authorized attacker to escalate privile... | 7.8 | 857 | Neutral | Yes | Yes |
| CVE-2025-32706 | Microsoft Windows Common Log File System (CLFS) Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to eleva... | 7.8 | 814 | Neutral | Yes | Yes |
| CVE-2025-32701 | Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privilege... | 7.8 | 857 | Neutral | Yes | Yes |
| CVE-2025-32432 | ### Impact This is an additional fix for https://github.com/craftcms/cms/security/advisories/GHSA-4w8r-3xrw-v25g This is a high-impact, low-complexi... | 10.0 | 999 | Neutral | Yes | Yes |
| CVE-2025-31324 | SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload pote... | 9.8 | 999 | Viral | Yes | Yes |
| CVE-2025-31201 | Apple iOS, iPadOS, macOS, and other Apple products contain an arbitrary read and write vulnerability that allows an attacker to bypass Pointer Authent... | 9.8 | 885 | Neutral | Yes | Yes |
| CVE-2025-31200 | Apple iOS, iPadOS, macOS, and other Apple products contain a memory corruption vulnerability that allows for code execution when processing an audio s... | 9.8 | 999 | Low | Yes | Yes |
| CVE-2025-30406 | Gladinet CentreStack and Triofox contains a use of hard-coded cryptographic key vulnerability in the way that the application manages keys used for Vi... | 9.8 | 999 | Low | Yes | Yes |
| CVE-2025-30400 | Microsoft Windows DWM Core Library contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | 7.8 | 857 | Neutral | Yes | Yes |