Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
14,961 matching · page 154/300Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2025-67288(opens NVD record) | Critical | 10.0 | An arbitrary file upload vulnerability in Umbraco CMS v16.3.3 allows attackers to execute arbitrary code by uploading a crafted PDF file. NOTE: this is disputed by the Supplier because the responsibility for file validation (as shown in the documentation) belongs to the system administrator who is implementing Umbraco CMS in their environment, not to Umbraco CMS itself. The Supplier also states that PDF JavaScript runs in a completely isolated sandbox, not the browser's DOM context, which means that privilege boundaries would not be crossed, a related issue to CVE-2023-49279. | Dec 22, 2025 |
| CVE-2025-67289(opens NVD record) | Critical | 9.6 | An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code via uploading a crafted XML file. | Dec 22, 2025 |
| CVE-2025-66499(opens NVD record) | High | 7.8 | A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code. | Dec 19, 2025 |
| CVE-2025-66498(opens NVD record) | Medium | 5.3 | A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing U3D data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption. | Dec 19, 2025 |
| CVE-2025-66497(opens NVD record) | Medium | 5.3 | A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption. | Dec 19, 2025 |
| CVE-2025-66496(opens NVD record) | Medium | 5.3 | A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption. | Dec 19, 2025 |
| CVE-2025-66495(opens NVD record) | High | 7.8 | A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary code. | Dec 19, 2025 |
| CVE-2025-66494(opens NVD record) | High | 7.8 | A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code. | Dec 19, 2025 |
| CVE-2025-66493(opens NVD record) | High | 7.8 | A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 on Windows . When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary code. | Dec 19, 2025 |
| CVE-2025-13941(opens NVD record) | High | 8.8 | A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service. During plugin installation, incorrect file system permissions are assigned to resources used by the update service. A local attacker with low privileges could modify or replace these resources, which are later executed by the service, resulting in execution of arbitrary code with SYSTEM privileges. | Dec 19, 2025 |
| CVE-2025-14733(opens NVD record) | Critical | 9.8 | An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.5 and 2025.1 up to and including 2025.1.3. | Dec 19, 2025 |
| CVE-2025-64675(opens NVD record) | High | 8.3 | Improper neutralization of input during web page generation ('cross-site scripting') in Azure Cosmos DB allows an unauthorized attacker to perform spoofing over a network. | Dec 19, 2025 |
| CVE-2025-65046(opens NVD record) | Low | 3.1 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Dec 18, 2025 |
| CVE-2025-65041(opens NVD record) | Critical | 10.0 | Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network. | Dec 18, 2025 |
| CVE-2025-65037(opens NVD record) | Critical | 10.0 | Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network. | Dec 18, 2025 |
| CVE-2025-64677(opens NVD record) | High | 8.2 | Improper neutralization of input during web page generation ('cross-site scripting') in Office Out-of-Box Experience allows an unauthorized attacker to perform spoofing over a network. | Dec 18, 2025 |
| CVE-2025-64676(opens NVD record) | High | 7.2 | '.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network. | Dec 18, 2025 |
| CVE-2025-64663(opens NVD record) | Critical | 9.9 | Custom Question Answering Elevation of Privilege Vulnerability | Dec 18, 2025 |
| CVE-2025-65568(opens NVD record) | High | 7.5 | A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During parsing, parseFAR() calls ip2int(), which performs an out-of-bounds read on the IPv4 address buffer and triggers an index-out-of-range panic. An attacker who can send PFCP Session Establishment Request messages to the UPF's N4/PFCP endpoint can exploit this issue to repeatedly crash the UPF and disrupt user-plane services. | Dec 18, 2025 |
| CVE-2025-56157(opens NVD record) | Critical | 9.8 | Default credentials in Dify thru 1.5.1. PostgreSQL username and password specified in the docker-compose.yaml file included in its source code. NOTE: the Supplier reports that the Docker configuration does not make PostgreSQL (on TCP port 5432) exposed by default in version 1.0.1 or later. | Dec 18, 2025 |
| CVE-2025-9787(opens NVD record) | Medium | 6.1 | Zohocorp ManageEngine Applications Manager versions 177400 and below are vulnerable to Stored Cross-Site Scripting vulnerability in the NOC view. | Dec 18, 2025 |
| CVE-2025-40602(opens NVD record) | Medium | 6.6 | A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC). | Dec 18, 2025 |
| CVE-2025-14874(opens NVD record) | High | 7.5 | A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser. | Dec 18, 2025 |
| CVE-2025-68129(opens NVD record) | Medium | 6.8 | Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. In applications built with the Auth0-PHP SDK, the audience validation in access tokens is performed improperly. Without proper validation, affected applications may accept ID tokens as Access tokens. Projects are affected if they use Auth0-PHP SDK versions between v8.0.0 and v8.17.0, or applications using the following SDKs that rely on the Auth0-PHP SDK versions between v8.0.0 and v8.17.0: Auth0/symfony versions between 5.0.0 and 5.5.0, Auth0/laravel-auth0 versions between 7.0.0 and 7.19.0, and/or Auth0/wordpress plugin versions between 5.0.0-BETA0 and 5.4.0. Auth0/Auth0-PHP version 8.18.0 contains a patch for the issue. | Dec 17, 2025 |
| CVE-2025-53000(opens NVD record) | High | 7.8 | The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a `inkscape.bat` file that defines a Windows batch script, capable of arbitrary code execution. When a user runs `jupyter nbconvert --to pdf` on a notebook containing SVG output to a PDF on a Windows platform from this directory, the `inkscape.bat` file is run unexpectedly. This issue has been patched in version 7.17.0. | Dec 17, 2025 |
| CVE-2025-20393(opens NVD record) | Critical | 10.0 | A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. | Dec 17, 2025 |
| CVE-2025-14727(opens NVD record) | High | 8.3 | A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | Dec 17, 2025 |
| CVE-2025-34288(opens NVD record) | Medium | 6.7 | Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a lower‑privileged user. A local attacker with access to the application account can modify this file to introduce malicious code, which is then executed with elevated privileges when the script is run. Successful exploitation results in arbitrary code execution as the root user. | Dec 16, 2025 |
| CVE-2025-14766(opens NVD record) | High | 8.8 | Out of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Dec 16, 2025 |
| CVE-2025-14765(opens NVD record) | High | 8.8 | Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Dec 16, 2025 |
| CVE-2025-68154(opens NVD record) | High | 8.1 | systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the `fsSize()` function in systeminformation is vulnerable to OS command injection on Windows systems. The optional `drive` parameter is directly concatenated into a PowerShell command without sanitization, allowing arbitrary command execution when user-controlled input reaches this function. The actual exploitability depends on how applications use this function. If an application does not pass user-controlled input to `fsSize()`, it is not vulnerable. Version 5.27.14 contains a patch. | Dec 16, 2025 |
| CVE-2025-33235(opens NVD record) | High | 7.8 | NVIDIA Resiliency Extension for Linux contains a vulnerability in the checkpointing core, where an attacker may cause a race condition. A successful exploit of this vulnerability might lead to information disclosure, data tampering, denial of service, or escalation of privileges. | Dec 16, 2025 |
| CVE-2025-33226(opens NVD record) | High | 7.8 | NVIDIA NeMo Framework for all platforms contains a vulnerability where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | Dec 16, 2025 |
| CVE-2025-33225(opens NVD record) | High | 8.4 | NVIDIA Resiliency Extension for Linux contains a vulnerability in log aggregation, where an attacker could cause predictable log-file names. A successful exploit of this vulnerability may lead to escalation of privileges, code execution, denial of service, information disclosure, and data tampering. | Dec 16, 2025 |
| CVE-2025-33212(opens NVD record) | High | 7.3 | NVIDIA NeMo Framework contains a vulnerability in model loading that could allow an attacker to exploit improper control mechanisms if a user loads a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, and data tampering. | Dec 16, 2025 |
| CVE-2025-33210(opens NVD record) | Critical | 9.0 | NVIDIA Isaac Lab contains a deserialization vulnerability. A successful exploit of this vulnerability might lead to code execution. | Dec 16, 2025 |
| CVE-2025-65427(opens NVD record) | Medium | 6.5 | An issue was discovered in Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router on firmware version V1.0.0 does not implement rate limiting to /api/login allowing attackers to brute force password enumerations. | Dec 16, 2025 |
| CVE-2025-65319(opens NVD record) | Critical | 9.1 | When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software. | Dec 16, 2025 |
| CVE-2025-65318(opens NVD record) | Critical | 9.1 | When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software. | Dec 16, 2025 |
| CVE-2025-14432(opens NVD record) | Medium | 4.9 | In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center (TAC) to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration changes made using the provisioning server or the device WebUI. | Dec 16, 2025 |
| CVE-2025-36360(opens NVD record) | Medium | 5.0 | IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated, potentially enabling unauthorized access under certain network conditions. | Dec 15, 2025 |
| CVE-2025-14148(opens NVD record) | Medium | 6.5 | IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token. | Dec 15, 2025 |
| CVE-2025-13489(opens NVD record) | Medium | 5.9 | IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques. | Dec 15, 2025 |
| CVE-2025-66963(opens NVD record) | Medium | 5.5 | An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html | Dec 15, 2025 |
| CVE-2024-44599(opens NVD record) | High | 8.3 | FNT Command 13.4.0 is vulnerable to Directory Traversal. | Dec 15, 2025 |
| CVE-2024-44598(opens NVD record) | High | 8.8 | FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module. | Dec 15, 2025 |
| CVE-2025-11670(opens NVD record) | Medium | 6.4 | Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure. This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled. | Dec 15, 2025 |
| CVE-2025-14373(opens NVD record) | Medium | 4.3 | Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium) | Dec 12, 2025 |
| CVE-2025-14372(opens NVD record) | Medium | 6.1 | Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | Dec 12, 2025 |
| CVE-2025-14174(opens NVD record) | High | 8.8 | Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | Dec 12, 2025 |