Vulnerability Database & Cybersecurity Intelligence Platform
Real-time CVE vulnerability tracking, CVSS scoring, CISA KEV alerts, and EPSS data to protect your infrastructure from emerging threats.
Highest priority threats requiring immediate attention
@fastify/middie versions 9.3.1 and earlier do not register inherited middleware directly on child plugin engine instances. When a Fastify application registers authentication middleware in a parent scope and then registers…
The Riaxe Product Customizer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.2. The plugin registers an unauthenticated AJAX action ('wp_ajax_nopriv_install-imprint') that maps…
MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.
Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravity_vm_exec function that allows attackers to write out-of-bounds memory by crafting scripts with many string literals at global…
All the tools you need to monitor, analyze, and respond to vulnerabilities
Access 239,157+ vulnerabilities with CVSS scores, technical details, and affected products.
Prioritize vulnerabilities with CVSS v3.1 severity scores and EPSS exploit probability data.
Track vulnerabilities by vendor: Microsoft, Google, Apple, Linux, and thousands more.
Search vulnerabilities by specific product and get alerts for the technologies in your stack.
Filter by severity, product, vendor, date, CWE type, and exploitation status.
Actively exploited vulnerabilities from the CISA Known Exploited Vulnerabilities catalog.
Most recently added CVEs to our database
A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured…
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.
SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_employee.php.
SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_account.php?emp_id=.
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php.
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_location.php.
Vendors and products with the highest number of reported vulnerabilities
Explore our comprehensive CVE vulnerability database and stay informed about the latest threats.