Filter and search through 887 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-30397 | Microsoft Windows Scripting Engine contains a type confusion vulnerability that allows an unauthorized attacker to execute code over a network via a s... | 7.5 | 676 | Neutral | Yes |
| Yes |
| CVE-2025-30355 | ### Impact A malicious server can craft events with a `depth` outside the integer range allowed by Canonical JSON. When such an event is received by S... | 7.5 | 667 | Neutral | No | Yes |
| CVE-2025-30154 | reviewdog action-setup GitHub Action contains an embedded malicious code vulnerability that dumps exposed secrets to Github Actions Workflow Logs. | 8.6 | 833 | Neutral | Yes | Yes |
| CVE-2025-30066 | tj-actions/changed-files GitHub Action contains an embedded malicious code vulnerability that allows a remote attacker to discover secrets by reading ... | 8.6 | 833 | Neutral | Yes | Yes |
| CVE-2025-29824 | Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privilege... | 7.8 | 857 | Neutral | Yes | Yes |
| CVE-2025-27920 | Srimax Output Messenger contains a directory traversal vulnerability that allows an attacker to access sensitive files outside the intended directory,... | 8.8 | 964 | Neutral | Yes | Yes |
| CVE-2025-27915 | Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that exists in the Classic Web Client due to insufficient sanit... | 5.4 | 520 | Neutral | Yes | Yes |
| CVE-2025-2783 | Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided... | 8.3 | 883 | Neutral | Yes | Yes |
| CVE-2025-27038 | Multiple Qualcomm chipsets contain a use-after-free vulnerability. This vulnerability allows for memory corruption while rendering graphics using Adre... | 7.5 | 804 | Neutral | Yes | Yes |
| CVE-2025-26633 | Microsoft Windows Management Console (MMC) contains an improper neutralization vulnerability that allows an unauthorized attacker to bypass a security... | 7.0 | 670 | Neutral | Yes | Yes |
| CVE-2025-25256 | An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3... | 9.8 | 999 | Neutral | Yes | Yes |
| CVE-2025-25181 | Advantive VeraCore contains a SQL injection vulnerability in timeoutWarning.asp that allows a remote attacker to execute arbitrary SQL commands via th... | 7.5 | 819 | Neutral | Yes | No |
| CVE-2025-24993 | Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execut... | 7.8 | 728 | Neutral | Yes | Yes |
| CVE-2025-24991 | Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose inform... | 5.5 | 508 | Neutral | Yes | Yes |
| CVE-2025-24990 | Microsoft Windows Agere Modem Driver contains an untrusted pointer dereference vulnerability that allows for privilege escalation. An attacker who suc... | 7.8 | 728 | Neutral | Yes | Yes |
| CVE-2025-24985 | Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute... | 7.8 | 728 | Neutral | Yes | Yes |
| CVE-2025-24984 | Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthor... | 4.6 | 405 | Neutral | Yes | Yes |
| CVE-2025-24983 | Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | 7.0 | 713 | Neutral | Yes | Yes |
| CVE-2025-24201 | Apple iOS, iPadOS, macOS, and other Apple products contain an out-of-bounds write vulnerability in WebKit that may allow maliciously crafted web conte... | 10.0 | 999 | Neutral | Yes | Yes |
| CVE-2025-24200 | Apple iOS and iPadOS contains an incorrect authorization vulnerability that allows a physical attacker to disable USB Restricted Mode on a locked devi... | 6.1 | 532 | Neutral | Yes | Yes |