Skip to main content
CVE-2025-20093 HIGH This Month

Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Linux Intel Linux Kernel
NVD
CVSS 4.0
8.6
EPSS
0.0%
CVE-2025-55164 HIGH PATCH This Month

content-security-policy-parser parses content security policy directives. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Prototype Pollution Information Disclosure
NVD GitHub
CVSS 4.0
8.8
EPSS
0.1%
CVE-2025-54800 HIGH PATCH This Month

Hydra is a continuous integration service for Nix based projects. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Hydra
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2025-5462 HIGH This Month

A heap-based buffer overflow in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Denial Of Service Buffer Overflow Ivanti Connect Secure +3
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2025-5456 HIGH This Month

A buffer over-read vulnerability in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure Ivanti Connect Secure +3
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2025-3831 HIGH This Month

Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Harmony Sase
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-22830 HIGH This Month

APTIOV contains a vulnerability in BIOS where a skilled user may cause “Race Condition” by local access. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Race Condition Aptio V
NVD
CVSS 4.0
7.3
EPSS
0.0%
CVE-2025-40743 HIGH This Month

A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions < V4.95 SP5), SINUMERIK 828D PPU.5 (All versions < V5.25 SP1), SINUMERIK 840D sl (All versions < V4.95 SP5), SINUMERIK MC. Rated high severity (CVSS 8.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 4.0
8.7
EPSS
0.0%
CVE-2025-30033 HIGH This Month

The affected setup component is vulnerable to DLL hijacking. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2024-52504 HIGH This Month

A vulnerability has been identified in SIPROTEC 4 6MD61 (All versions), SIPROTEC 4 6MD63 (All versions), SIPROTEC 4 6MD66 (All versions), SIPROTEC 4 6MD665 (All versions), SIPROTEC 4 7SA522 (All. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service
NVD
CVSS 4.0
8.7
EPSS
0.1%
CVE-2024-41979 HIGH This Month

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 <. Rated high severity (CVSS 7.5). No vendor patch available.

Authentication Bypass Opcenter Quality
NVD
CVSS 4.0
7.5
EPSS
0.0%
CVE-2025-41686 HIGH This Month

A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-8418 HIGH This Month

The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Arbitrary Plugin Installation in all versions up to, and including, 1.1.30. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress RCE PHP
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-6253 HIGH This Month

The UiCore Elements - Free Elementor widgets and templates plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.3.0 via the prepare_template() function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-42976 HIGH This Month

SAP NetWeaver Application Server ABAP (BIC Document) allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow SAP Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-42951 HIGH This Month

Due to broken authorization, SAP Business One (SLD) allows an authenticated attacker to gain administrator privileges of a database by invoking the corresponding API.�As a result , it has a high. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
8.8
EPSS
0.1%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy