Filter and search through 887 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-0994 | Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a... | 8.8 | 970 | Neutral | Yes |
| Yes |
| CVE-2025-0626 | The affected product sends out remote access requests to a hard-coded IP address, bypassing existing device network settings to do so. This could serv... | 7.5 | 684 | Neutral | Yes | No |
| CVE-2025-0411 | 7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arb... | 7.0 | 584 | Rising | Yes | Yes |
| CVE-2025-0289 | Paragon Partition Manager version 17, both community and Business versions, contain an insecure kernel resource access vulnerability facilitated by th... | 7.8 | 712 | Neutral | No | Yes |
| CVE-2025-0283 | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for Z... | 7.0 | 611 | Neutral | No | Yes |
| CVE-2025-0282 | Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution. | 9.0 | 988 | Trending | Yes | Yes |
| CVE-2024-9680 | Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process. | 9.8 | 999 | Low | Yes | Yes |
| CVE-2024-9537 | ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component. | 9.8 | 971 | Neutral | Yes | Yes |
| CVE-2024-9474 | Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interfa... | 7.2 | 773 | Neutral | Yes | Yes |
| CVE-2024-9381 | Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions. | 7.2 | 672 | Neutral | No | Yes |
| CVE-2024-9380 | Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated at... | 7.2 | 773 | Neutral | Yes | Yes |
| CVE-2024-9379 | Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a re... | 7.2 | 773 | Neutral | Yes | Yes |
| CVE-2024-8963 | Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted... | 9.1 | 999 | Neutral | Yes | Yes |
| CVE-2024-8190 | Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated at... | 7.2 | 773 | Neutral | Yes | Yes |
| CVE-2024-7971 | Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vuln... | 9.6 | 874 | Neutral | Yes | Yes |
| CVE-2024-7965 | Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a c... | 8.8 | 970 | Neutral | Yes | Yes |
| CVE-2024-7263 | Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.13489 on Windows allows an attac... | 7.8 | 749 | Neutral | No | Yes |
| CVE-2024-7262 | Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacker to load an arbitrary Windows ... | 7.8 | 850 | Neutral | Yes | Yes |
| CVE-2024-58136 | Yii Framework contains an improper protection of alternate path vulnerability that may allow a remote attacker to execute arbitrary code. This vulnera... | 9.8 | 999 | Neutral | Yes | Yes |
| CVE-2024-57968 | Advantive VeraCore contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload files to unintended fold... | 8.8 | 970 | Neutral | Yes | Yes |