Beyond security
Language
No results found for ""
Try different keywords or check spelling
Search in CVE database, posts & pages • Press ESC to close
No results found for ""
Try different keywords or check spelling
Search in CVE database, posts & pages • Press ESC to close
Vulnerability Database & Cybersecurity Intelligence Platform
Real-time CVE vulnerability tracking, CVSS scoring, CISA KEV alerts, and EPSS data to protect your infrastructure from emerging threats.
Highest priority threats requiring immediate attention
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the `extract()` function on the `$_REQUEST` superglobal allows an unauthenticated attacker to overwrite local…
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with…
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its own…
Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability exists in the password reset mechanism of vikunja/api that allows password reset tokens…
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess…
All the tools you need to monitor, analyze, and respond to vulnerabilities
Access 225,975+ vulnerabilities with CVSS scores, technical details, and affected products.
Prioritize vulnerabilities with CVSS v3.1 severity scores and EPSS exploit probability data.
Track vulnerabilities by vendor: Microsoft, Google, Apple, Linux, and thousands more.
Search vulnerabilities by specific product and get alerts for the technologies in your stack.
Filter by severity, product, vendor, date, CWE type, and exploitation status.
Actively exploited vulnerabilities from the CISA Known Exploited Vulnerabilities catalog.
Most recently added CVEs to our database
A vulnerability was found in Tenda F453 1.0.0.3. This issue affects the function frmL7ImForm of the file /goform/L7Im. The manipulation…
A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The…
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a…
A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter.…
A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the…
wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization…
Vendors and products with the highest number of reported vulnerabilities
Explore our comprehensive CVE vulnerability database and stay informed about the latest threats.