Skip to main content
CVE-2025-6754 HIGH This Week

The SEO Metrics plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks in both the seo_metrics_handle_connect_button_click() AJAX handler and the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-23284 HIGH This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause a stack buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow RCE Denial Of Service +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23283 HIGH PATCH This Month

NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow RCE Denial Of Service +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23281 HIGH This Month

NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker with local unprivileged access that can win a race condition might be able to trigger a use-after-free error. Rated high severity (CVSS 7.0). No vendor patch available.

Nvidia Memory Corruption RCE Use After Free Microsoft +3
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-23279 HIGH PATCH This Month

NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service RCE Nvidia Information Disclosure Suse
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-23278 HIGH PATCH This Month

NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by issuing a call with crafted parameters. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nvidia Microsoft Windows Suse
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-23277 HIGH PATCH This Month

NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Linux Microsoft Authentication Bypass Denial Of Service +3
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-23276 HIGH This Month

NVIDIA Installer for Windows contains a vulnerability where an attacker may be able to escalate privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia RCE Microsoft Denial Of Service Path Traversal +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-6076 HIGH This Month

Partner Software's Partner Software application and Partner Web application do not sanitize files uploaded on the "reports" tab, allowing an authenticated attacker to upload a malicious file and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-54796 HIGH POC PATCH This Month

Copyparty is a portable file server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Copyparty
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-54386 HIGH PATCH This Month

Traefik is an HTTP reverse proxy and load balancer. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Privilege Escalation Denial Of Service RCE Path Traversal Traefik +2
NVD GitHub
CVSS 4.0
7.3
EPSS
0.9%
CVE-2025-54136 HIGH This Month

Cursor is a code editor built for programming with AI. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection RCE Cursor
NVD GitHub
CVSS 3.1
7.2
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy