Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (328883 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-36755 1 Cleverdisplay 1 Blueone 2025-12-14 N/A
The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed and inaccessible under normal operating conditions. Researchers demonstrated that, after cicumventing the device’s protective enclosure, it was possible to connect a USB keyboard and press ESC during boot to access the BIOS setup interface. BIOS settings could be viewed but not modified. This behavior slightly increases the attack surface by exposing internal system information (CWE-1244) once the enclosure is removed, but does not allow integrity or availability compromise under standard or tested configurations.
CVE-2025-13506 1 Nebim 1 Nebim V3 Erp 2025-12-14 8.8 High
Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services Inc. Nebim V3 ERP allows Expanding Control over the Operating System from the Database.This issue affects Nebim V3 ERP: from 2.0.59 before 3.0.1.
CVE-2025-14876 2025-12-14 5.5 Medium
A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service (DoS) on the host system by causing the QEMU process to terminate unexpectedly.
CVE-2025-13832 2025-12-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-67871 2025-12-13 N/A
Not used
CVE-2025-67870 2025-12-13 N/A
Not used
CVE-2025-67869 2025-12-13 N/A
Not used
CVE-2025-67868 2025-12-13 N/A
Not used
CVE-2025-67867 2025-12-13 N/A
Not used
CVE-2025-67866 2025-12-13 N/A
Not used
CVE-2025-67865 2025-12-13 N/A
Not used
CVE-2025-67864 2025-12-13 N/A
Not used
CVE-2025-67863 2025-12-13 N/A
Not used
CVE-2025-14066 2025-12-12 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-56045 2 Vibethemes, Wordpress 2 Wordpress Learning Management System, Wordpress 2025-12-12 9.3 Critical
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.
CVE-2024-56047 2 Vibethemes, Wordpress 2 Wordpress Learning Management System, Wordpress 2025-12-12 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3.
CVE-2024-56048 2 Vibethemes, Wordpress 2 Wordpress Learning Management System, Wordpress 2025-12-12 8.8 High
Missing Authorization vulnerability in VibeThemes WPLMS allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through 1.9.9.
CVE-2025-14538 1 Yangshare 1 Warehousemanager 2025-12-12 3.5 Low
A security vulnerability has been detected in yangshare warehouseManager 仓库管理系统 1.1.0. This affects the function addCustomer of the file CustomerManageHandler.java. Such manipulation of the argument Name leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
CVE-2024-56049 2 Vibethemes, Wordpress 2 Wordpress Learning Management System, Wordpress 2025-12-12 8.5 High
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2.
CVE-2024-56050 2 Vibethemes, Wordpress 2 Wordpress Learning Management System, Wordpress 2025-12-12 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.3.