Search

Expected end of text, found '.' (at char 32), (line:1, col:33)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (311380 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-59885 2025-09-23 N/A
Not used
CVE-2025-59884 2025-09-23 N/A
Not used
CVE-2025-59883 2025-09-23 N/A
Not used
CVE-2025-59882 2025-09-23 N/A
Not used
CVE-2025-59881 2025-09-23 N/A
Not used
CVE-2025-59880 2025-09-23 N/A
Not used
CVE-2025-59879 2025-09-23 N/A
Not used
CVE-2025-59878 2025-09-23 N/A
Not used
CVE-2025-59877 2025-09-23 N/A
Not used
CVE-2025-59876 2025-09-23 N/A
Not used
CVE-2025-59813 2025-09-23 N/A
Not used
CVE-2025-59812 2025-09-23 N/A
Not used
CVE-2025-59811 2025-09-23 N/A
Not used
CVE-2024-37404 1 Ivanti 2 Connect Secure, Policy Secure 2025-09-23 8.8 High
Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution.
CVE-2020-26308 2 Ansman, Validatejs 2 Validate.js, Validate.js 2025-09-23 7.5 High
Validate.js provides a declarative way of validating javascript objects. Versions 0.13.1 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available.
CVE-2024-48910 2 Cure53, Redhat 4 Dompurify, Advanced Cluster Security, Openshift and 1 more 2025-09-23 9.1 Critical
DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify was vulnerable to prototype pollution. This vulnerability is fixed in 2.4.2.
CVE-2024-50354 1 Consensys 1 Gnark 2025-09-23 5.5 Medium
gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0 and earlier, deserialization of Groth16 verification keys allocate excessive memory, consuming a lot of resources and triggering a crash with the error fatal error: runtime: out of memory.
CVE-2024-48463 1 Usebruno 1 Bruno 2025-09-23 6.5 Medium
Bruno before 1.29.1 uses Electron shell.openExternal without validation (of http or https) for opening windows within the Markdown docs viewer.
CVE-2024-6238 1 Pgadmin 1 Pgadmin 4 2025-09-23 7.4 High
pgAdmin <= 8.8 has an installation Directory permission issue. Because of this issue, attackers can gain unauthorised access to the installation directory on the Debian or RHEL 8 platforms.
CVE-2024-37678 2 Finesoft Project, Hangzhou Meisoft Information Technology 2 Finesoft, Finesoft 2025-09-23 5.3 Medium
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script.