Search

Expected end of text, found '.' (at char 32), (line:1, col:33)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (310460 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-6237 2025-09-18 N/A
A vulnerability in invokeai version v6.0.0a1 and below allows attackers to perform path traversal and arbitrary file deletion via the GET /api/v1/images/download/{bulk_download_item_name} endpoint. By manipulating the filename arguments, attackers can read and delete any files on the server, including critical system files such as SSH keys, databases, and configuration files. This vulnerability results in high confidentiality, integrity, and availability impacts.
CVE-2025-8463 2025-09-18 5.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in SecHard Information Technologies SecHard allows Parameter Injection.This issue affects SecHard: before 3.6.2-20250805.
CVE-2025-46593 1 Huawei 1 Harmonyos 2025-09-18 5.1 Medium
Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-46591 1 Huawei 1 Harmonyos 2025-09-18 6.2 Medium
Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-46589 1 Huawei 1 Harmonyos 2025-09-18 4.4 Medium
Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2025-46588 1 Huawei 1 Harmonyos 2025-09-18 4.4 Medium
Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2025-46586 1 Huawei 1 Harmonyos 2025-09-18 5.1 Medium
Permission control vulnerability in the contacts module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-31174 1 Huawei 1 Harmonyos 2025-09-18 6.8 Medium
Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-31171 1 Huawei 1 Harmonyos 2025-09-18 6.8 Medium
File read permission bypass vulnerability in the kernel file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-27521 1 Huawei 1 Harmonyos 2025-09-18 6.8 Medium
Vulnerability of improper access permission in the process management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-10493 2025-09-18 5.3 Medium
The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in version 1.3.4 and below via the quiz submission and completion mechanisms due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to hijack and modify other users' quiz attempts by manipulating the chained_completion_id cookie value, allowing them to alter quiz answers, scores, and results of any user. The vulnerability was partially patched in versions 1.3.4 and 1.3.5.
CVE-2024-9136 1 Huawei 2 Emui, Harmonyos 2025-09-18 6.7 Medium
Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-58050 1 Huawei 1 Harmonyos 2025-09-18 6.2 Medium
Vulnerability of improper access permission in the HDC module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-58046 1 Huawei 1 Harmonyos 2025-09-18 6.2 Medium
Permission management vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-57955 1 Huawei 1 Harmonyos 2025-09-18 6.1 Medium
Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-57954 1 Huawei 1 Harmonyos 2025-09-18 6.2 Medium
Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56439 1 Huawei 1 Harmonyos 2025-09-18 7.5 High
Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56438 1 Huawei 2 Emui, Harmonyos 2025-09-18 6 Medium
Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56436 1 Huawei 1 Harmonyos 2025-09-18 5.5 Medium
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56435 1 Huawei 1 Harmonyos 2025-09-18 6.2 Medium
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.